Safari for Windows: Released and hacked in a day Comments

InfoWorld: Top News by Robert_McMillan@idg.com (Robert McMillan) - Jun 11, '07 7:17pm
Add to Favorites Add to Live.com Add to Google Add to del.icio.us Add to Yahoo! Add to Digg Add to Reddit Add to Technorati Add to StumbleUpon

(InfoWorld) - Apple is becoming a favorite target of security researchers these days. In April, there was the $10,000 CanSecWest hack a Mac contest, and on Monday, there was the Safari Web browser. Or the public beta of Safari for Windows, anyway.

Just hours after Apple released its first Windows beta of Safari, researcher Aviv Raff said he'd found a bug.

In an interview, Raff said that it took about three minutes of fuzzing to find the bug and that he hadn't tested the issue on Mac OS X. So he couldn't say whether or not it affected Safari on Windows only. The bug causes the browser to crash and "might be exploitable," according to Raff, meaning it could possibly be used to run malware on the PC.

Raff was clearly unhappy with Apple's claim that Safari was designed to be "secure from day one" (he called this claim "pathetic"), but he said he wasn't particularly going after Apple. "I don't pick just on Apple," he said. "I've posted about Microsoft and Mozilla issues too."

"Everyone has bugs, but not everyone says that they are 'designed to be secured from day one,'" he added. "I guess it's day zero now."

Be the first to comment this.
Name: (required)
Email:   (not displayed, optional)
URL:     (optional)
          Remember info in safe cookie
Comments: (all HTML will be stripped)

Security Code:
© 2007 · wiredb.com · All trademarks are properties of their respective owners.