Safari exploit found in Mac OSX hacking contest
By Jonathan Schlaffer
Safari is to Mac OSX as Internet Explorer is to Windows and you know what, I don’t recommend using either. Use Safari as necessary, when you need it but never any other times, the same applies to Internet Explorer on Windows.
I’ll take this space to remind everyone of the fact that vulnerabilities in Windows and IE are far more likely to be exploited than one in OSX, still, OSX security holes do exist but there are those who play up these problems with OSX more than they should.
Mac OSX is known for its “rock solid” security with Unix at its core, but it still has flaws, flaws that are harder to exploit than say, similar exploits on Windows. That did not stop Shan Macaulay who won a MacBook after locating and exploting a zero-day security flaw in Safari so says Cnet. The MacBook in question had the latest updates but no additional security software or configurations were performed on it, in other words, what an average person would be using.
When asked about the vulnerability, Spokesapples declined to comment saying only “Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users.”
The MacBook hack contest was held after Apple released 25 updates for Mac OSX some fixing critical security holes. Some out there would flaw Apple for not releasing as many updates as often as Microsoft does, they don’t need to. An exploit in OSX, even if it is serious is not likely to be taken advantage of and that’s nothing to say of actually breaching the OS itself.
Apple has a far greater chance of breaking OSX than you or any hacker does. Yes, Apple can and has released faulty updates but not nearly as many as Microsoft.
In other words, don’t use Safari, use Camino or Opera, those would be my choices or you could always ante up $14.95 in US money for OmniWeb but I don’t believe in that though it is the fastest Mac browser.
Related:
Stumble It!
Entry was posted
on Saturday, April 21st, 2007 at 10:17 am
under 
Print This Post
Read more entries by Jonathan Schlaffer.
April 22nd, 2007
We know nothing about this vulnerability. Was it in Webkit? Then Camino and Opera would both be in peril, because they use the same thing. Or was it in Safari’s implementation of javascript? In both those case, it’s Firefox that might be better, since they use the Mozilla engine and a separate version of java and javascript.
If the fault is somehow in the browser itself, then you could be right. But we know too little — and that’s good — about the flaw so far to really comment intelligently on it.
Another important point is this: once they were in, what exactly could they do?
April 23rd, 2007
Good points, no word on what the vulnerability was or what it did was released and I’m with you, I’d like to know what it was but so far, that information is not available. I don’t know where the flaw was located either… so… who knows… it’s probably not critical.
Firefox is pretty slow on OSX… but it is serviceable.
April 24th, 2007
[…] As the venerable Rod Serling said “You are now entering a new dimension, not of sight nor sound but of mind, the signpost ahead, The Twilight Zone,” and welcome to it dear readers. The “Hack a Mac” contest held some days ago revealed a flaw in the Safari browser, or that’s what was thought at the time. Network World reports on the flaw which actually exists on Windows as well. […]
September 3rd, 2007
fddddddddddddddddffffffffffffff