safari

Researcher thinks Mac OS X is easy to exploit

Charles Miller is no stranger to Apple and its products.

In July, Miller and his colleagues at Independent Security Evaluators discovered the first known vulnerability within the Apple iPhone. They then worked with the Cupertino vendor to release a patch for the iPhone the day before the start of the annual Black Hat Briefings in Las Vegas earlier this month. But all that goodwill didn't stop Miller from talking about pending problems lurking deep within the Mac OS. "Macs," he said, "are as easy to hack as they are to use."

During a 20-minute talk …

Apple unloads torrent of patches, plus the first iPhone update

If you own a Mac or an iPhone, chances are you'll need to download at least one of the security updates issued by Apple late Tuesday.

Dozens of vulnerabilities and bugs were covered by a total of six downloads for Mac OS 10.3.9 (Panther), Mac OS 10.4.10 (Tiger) on PowerPC, and the Universal version of Mac OS 10.4.10, as well as the server versions of each of those operating systems. Each download contains several patches to correct flaws, and Apple is recommending that all users of those operating systems download the updates.

Some …

iPhone video is great, Wi-Fi is a mixed bag

Among the many features of the iPhone I am evaluating, the YouTube feature is an absolute treat. The picture quality is jaw-dropping. Downloading some of your classic favorites is the best way to impress people. Showing it off never entered your mind? Yeah, right.

Also excellent is the Safari browser. It truly is as easy to enlarge a page as it seems in the ads. Speed? Well, it's EDGE, so forget broadband. But with Wi-Fi, it's fast enough.

Of course, the bad thing about Wi-Fi is it eats up your battery. So you need to get into the …

iPhone vulnerability announced

Researchers at Independent Security Evaluators have announced at least two exploits that take advantage of the way the Apple iPhone opens a specially crafted Web page in Safari. Exact details of the vulnerability exploited will have to wait until a presentation at the end of next week's Black Hat conference in Las Vegas. However, some general information has been offered here.

In a preliminary draft of the Black Hat presentation, ISE researchers Charlie Miller, Jake Honoroff, and Joshua Mason note that there are "serious problems with the design and implementation of security on the iPhone," and they …

iPhone's Safari dialing feature can be hacked

Intended to be a convenience, the unique dialing feature included in the iPhone version of the Safari browser might soon become a nightmare.

SPI Labs' lead researcher Billy Hoffman says that the feature that is designed to dial any number displayed on a Web page after a user taps it is subject to various attacks, including cross-site scripting and drive-by downloads. This issue was first reported to Apple on July 6, but Hoffman believes the "unique urgency" and its potential to affect a large number of people warranted public disclosure.

Potential uses of this vulnerability cited by Hoffman …

iPhone: EDGE vs. Wi-Fi test results

After two days of timing and comparing the iPhone's download speed between AT&T's EDGE network and Wi-Fi, our CNET Lab has just released its official results.

EDGE averaged a download time of 15.69 minutes for a 9.4MB file, while Wi-Fi required a mere 1.18 minutes. In the end, our test results indicate that the iPhone's Wi-Fi connection is about 13 times faster than using EDGE.

Tests were run at different points throughout the day to account for changes in network bandwidth, and the iPhone was reformatted after each download to ensure that …

Apple rolls out web development guide for iPhone apps

Just in time for the iPhoneDevCamp this weekend (where Web developers will gather for a no-holds-barred effort to develop iPhone apps), Apple has released a Web development guide for the iPhone. The guide provides useful hints about the iPhone's abilities, how to integrate your app with the iPhone's phone, mail, and maps, the kinds of media types that the Safari browser supports, and more. Of course, there's also a link to the Safari for Windows beta, plus additional information about the Safari Webkit. If you're a potential iPhone developer, the guide is worth checking out. As …

PicLens: Instant photo galleries off the Web

Galleries of images set off against a black background have become common as software and Web sites try to help people show off their photos better. Cooliris' PicLens offers a clever way to set up such galleries from many Web sites on the fly.

The PicLens browser extension can convert a bunch of images from Google and Yahoo image search, Flickr, Picasa, Facebook and RSS Media-based sites and other locations into a full-screen gallery of pictures. The photos slide by at a stately pace or advance when the user clicks the keyboard's arrow key, and a handy filmstrip …

Title buffer overflow in Safari 3.0.2 for Windows

Following last Friday's release of Safari 3.0.2 comes a brand-new Monday morning vulnerability. Researcher E. Azizov of ITdefence in Russia posted on the Bugtraq newsgroup a demonstration of a buffer overflow in the Windows XP version of Apple's browser. Specifically, the new vulnerability affects the title buffer in Safari bookmarks. If the title of a page you wish to bookmark in Safari 3.0.2 exceeds 1,024 bytes, as soon as you save the bookmark (Ctrl+D) your computer may become compromised.

Apple updates Safari with version 3.0.2 for Windows (beta)

Roughly one week after releasing Safari 3.0.1 for Windows (beta), Apple today released Safari 3.0.2 for Windows (beta). The Safari 3.0 beta patches issued today are for Apple Mac OS X as well as Windows XP and Windows Vista users, and basically piggyback on Apple Security Update 2007-006, intended only for Mac OS users who have installed Safari 3.0 beta.

Patch for Safari

This patch affects users of Windows XP or Vista and does not affect Mac OS X, and addresses the vulnerability in CVE-2007-2398. In Safari Beta 3.0.1 for Windows, a timing …