Gaping Safari Security Hole

By Harry McCracken | Thursday, July 22, 2010 at 12:27 pm

Okay, this is the most disturbing Apple security weakness I’ve heard about to date: a fairly straightforward Safari exploit that would let a hacker silently swipe information from your address book. Embarrassing, too: The guy who discovered it says he alerted Apple last month, and got only an automated reply.

3 Comments

3 Comments For This Post

John Baxter Says:
July 22nd, 2010 at 8:33 pm
Paranoia goes a long way: I always turn off AutoFill and similar abilities in web browsers.
Hamranhansenhansen Says:
July 23rd, 2010 at 2:32 am
The automated reply was "we're aware of this bug and are working on it and will have a fix soon." Not sure what is embarrassing about that.

It only applies to Safari on the Mac. It's unlikely to be long-lived because the Mac so easily patches itself, so it's unlikely to be broadly exploited.
Poondog Says:
July 25th, 2010 at 2:15 am
@Hamranhansenhansen That doesn't mean that they actually did look at it. You must send all of your error reports too.

The Weird History of Windows
Laptopia: Twenty-One Totally Bizarre Laptops
Fifteen Classic Game Console Design Mistakes
The Thirteen Greatest Error Messages of All Time
When the Muppets Worked for IBM
Tech Products That Were Brilliant. And Doomed
The Legend of the Legend of Zelda
15 Breakthrough Products That Went Absolutely Nowhere
The 25 Most Notable Quotes in Tech History
How 1940s Whiskey Ads Predicted the Future
The Great Operating System Games
The Weird Secret Origin of Tech's Favorite Insult