Safari for Windows Has Glitch That Could Let Attackers Take Complete Control Of The PC

According to an article in PC World, only hours after Apple debuted its Safari browser for Windows, 8 bugs were found, one of which is so severe that it could let an attacker “grab complete control of the PC.”

David Maynor, the security consultant who found the first bugs told PC World,

“I can’t speak for anybody else, but the bugs found in the beta copy of Safari on Windows work on the production copy on OS X as well,” he said in a posting on the Errata site. “The exploit is robust mostly thanks to the lack of any kind of advanced security features in [Mac] OS X.”

It was a Danish researcher, Thor Larholm, who found the most dangerous exploit, which could be used to hijack a PC said:

“On OS X, Apple has enjoyed the same luxury and the same curse as Internet Explorer has had on Windows, namely intimate operating system knowledge,” said Larholm. “The integration with the original operating system is tightly defined, but [that] knowledge is crippled when the software is released on other systems and mistakes and mishaps occur.

“Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser.”

Apple chose not to respond to PC World’s requests for comment.

The beta site for Safari for Windows makes the following security claim:

Now you can enjoy worry-free web browsing on any computer. Apple engineers designed Safari to be secure from day one.

For starters, Safari uses robust encryption to ensure that your private information stays that way. When you browse a secure site, Safari displays a lock icon in the upper-right corner of the browser. If you want to know more about the credentials of a secure site, click the lock icon and Safari displays detailed information about the site’s security certificate.

A lock icon. Awesome. We feel better now. PC World is currently reporting that the number of Safari bugs is 18 and counting. Are they picking on poor Apple, or is this thing a train wreck? —MEGHANN MARCO

Researchers find eight bugs in Safari for Windows [PC World]

Comments

Edit Your Comment

  1. homerjay says:

    And its no better for OSX either. I can’t even get it to open PDF’s without crashing.

  2. IRSistherootofallevil says:

    It’s still in beta testing. What do you expect? If all software was perfect every time it was developed, software people would find themselves unemployed very soon. Oh wait, they already are. I meant nobody would betatest anything if software came out perfect every time. Well they found this error, so they’re going to go back and fix it. Big deal. Windows already lets hackers control the system. There’s a good reason nobody can figure out how to hack into a mac.

  3. chooki says:

    Um, you might want to revisit Mr Maynor’s history with OS X “exploits” and lack of evidence. Reference: Daring Fireball. Plenty of pages on the web asking questions of him, few answers, and even less data.

  4. bedofnails says:

    Consumerist, don’t you know an anti-apple article will be the death of you?

    Better call reputation defender.

  5. Crazytree says:

    BUT THE COOL GUY IN THE APPLE COMMERCIAL TOLD ME APPLE STUFF WAS MORE SECURE THAN MICROSOFT STUFF.

    =….(

  6. LatherRinseRepeat says:

    How and when did Safari become “the world’s best browser”?

  7. Hawk07 says:

    Microsoft – 1, Apple – 0


    Hopefully Apple gets a dose of their own medicine about the difficulty in developing on a platform that is so customizable that there are literally billions of iterations of it. I’m sure if MS was the solder provider of the mobo, CPU, and pretty much every other piece of hardware in the system, their products would run more smoothly.

    With the PC, you have so many more user customizable routes to get your work done where as on a Mac, you’re left at the mercy of Steve Jobs and what he wants to put in your machine.

  8. delphi_ote says:

    [www.youtube.com]
    That’s all I have to say about that.

  9. Scazza says:
  10. Seth_Went_to_the_Bank says:

    Safari 3 Public Beta

    Safari 3 Public Beta

    Safari 3 Public Beta

  11. ShadowFalls says:

    Let us not forget to point out the claims of being the “fastest” browser for Windows, have already being tested and debunked.

  12. hudsong says:

    It’s called a BETA. Yeah, I know the person above me posted that already, but it needs to be stressed. The name “beta” is so fu**ing overused these days (I once saw it on iTunes, google has had apps in “beta” for YEARS) no one seems to know what it used to mean. It means crashes, it means problems.
    BETA is synonymous with BUGS.
    I like how Thor mentioned that apple has a “lousy track record with security.” Is that why I have never had a single virus or a piece of spyware, malware, or a browser hijack?

    Besides, Maynor is a dumbass who likes posting conclusions without evidence. I’m not saying he’s wrong this time, but he’s been wrong before…:
    [daringfireball.net]

  13. hudsong says:

    As an addendum, I think Apple made a really stupid move porting Safari to OSX. I just wanted to clear up the meaning of Beta.

  14. Chese says:

    It’s not a glitch, its a feature! C’mon :)

  15. BillyMumphry says:

    @Seth_Went_to_the_Bank:


    Safari 3 PUBLIC Beta

    Safari 3 PUBLIC Beta

    Safari 3 PUBLIC Beta


    I love how apple is supposed to be for the hipster liberal set while their profit margins are absurd and their CEO engages in the shadiest backdating practices wall street has seen since Comverse.

    Let’s see if ole’ Walt has the cojones to call out the iPhone.

  16. bedofnails says:

    @hudsong:

    Is that why I have never had a single virus or a piece of spyware, malware, or a browser hijack?

    No.

  17. Hawk07 says:

    Beta! Beta! Beta!

    Speaking of beta’s, anyone find any bugs in Gmail Beta lately?

  18. Kryndis says:

    All of you people yelling “beta” need to stop. That’s a terrible defense and I’ll explain why.

    1. Apple has buttered its bread by marketing itself as the easy choice for novice computer users. Novices are the exact same demographic that is least likely to know exactly what “beta” means. What’s more, “beta” can mean anything from “the interface needs a few tweaks” to “glaring security holes” depending on who you ask. It’s downright irresponsible for Apple to not give a full disclosure of what “beta” means in terms of this product on the download page.

    2. Not only do they not disclose the meaning of beta, they heavily emphasize the security features present in the product (despite those features being totally un-noteworthy). Again, they should not be touting security features unless the browser is actually secure, at least not without a caveat in bold type about the beta status.

    3. As best as I can tell, while the exploit was discovered on the Windows version, it applies to all versions of Safari including the version for OS X. I was under the impression Safari for OS X was not in beta. I may be wrong about that though, please correct me if so.

    4. Any responsible company would have either yanked the download or issued an immediate patch for a bug of this severity. The fact that all they’ve done is remain silent speaks volumes about their attitude toward security. Basically it means one of three things: Either they don’t know if the exploit is real, they don’t care if it’s real, or they’ve confirmed it but it’s so bad they can’t fix it quickly and they’re hoping the story will die while they quietly release a new version. None of these situations is even slightly acceptable.

    Face it guys, Apple really screwed up on this one and they deserve every bit of criticism they get for it.

  19. Falconfire says:

    Given that Apple has had a lousy track record with security on OS X

    Oh bull fucking shit. Im so tired of every tiny bug that could possibly crash OS X being called a major security hole by these guys (even if there is absolutely no way you can execute code with said bug), while huge holes have remained open in the Windows code base since 98 and CONTINUE to remain open in Vista.

    As it is half the so called “security experts” are paid shills of Symantec Corp or Microsoft.

    Wonder what he based his lousy track record on? The Month of Apple bugs that turned out to only have 4 bugs that actually pertained to Apple products while the rest where because of poor coding on behalf of application makers like Microsoft, Omni, and Adobe?

  20. ValkRaider says:

    Are they picking on poor Apple, or is this thing a train wreck?

    Beta. Beta. What don’t you understand?

    Spell it aloud if you must:

    B E T A

    Lets see what Wikipedia has to say about “beta” software:

    “Beta version software is likely to be useful for internal demonstrations and previews to select customers, but unstable and not yet ready for release.”
    Software release life cycle

    And lets see what Apple has to say about the Safari 3 BETA:

    IMPORTANT NOTE: THIS IS “BETA”, PRE-RELEASE, TIME-LIMITED SOFTWARE MEANT FOR EVALUATION AND DEVELOPMENT PURPOSES ONLY. THIS SOFTWARE SHOULD NOT BE USED IN A COMMERCIAL OPERATING ENVIRONMENT OR WITH IMPORTANT DATA. BEFORE INSTALLING THIS APPLE SOFTWARE, YOU SHOULD BACK UP ALL OF YOUR DATA AND REGULARLY BACK UP DATA WHILE USING THIS APPLE SOFTWARE.
    SOFTWARE LICENSE AGREEMENT FOR SAFARI
    BETA VERSION

    Get a freaking life people. There are bugs in beta software. SURPRISE!

  21. Falconfire says:

    Oh and Im not saying that Apples not at fault here, Safari quite frankly sucks, there are better browsers out there like Camino and Firefox. The only reason Safari even exists is because Microsoft stopped supporting Apple with its browser so Apple made their own.

    But still Im tired of a fucking beta application being used to push some douchbags Anti-Apple agenda. Especially one who has repeatedly been shown by the security community to have ulterior motives (IE they traced money from Microsoft to him)

  22. ValkRaider says:

    @Kryndis

    It’s downright irresponsible for Apple to not give a full disclosure of what “beta” means in terms of this product on the download page.

    You mean like this?

    IMPORTANT NOTE: THIS IS “BETA”, PRE-RELEASE, TIME-LIMITED SOFTWARE MEANT FOR EVALUATION AND DEVELOPMENT PURPOSES ONLY. THIS SOFTWARE SHOULD NOT BE USED IN A COMMERCIAL OPERATING ENVIRONMENT OR WITH IMPORTANT DATA. BEFORE INSTALLING THIS APPLE SOFTWARE, YOU SHOULD BACK UP ALL OF YOUR DATA AND REGULARLY BACK UP DATA WHILE USING THIS APPLE SOFTWARE.

    Again, they should not be touting security features unless the browser is actually secure, at least not without a caveat in bold type about the beta status.

    A caveat? You mean something like this?

    IMPORTANT NOTE: THIS IS “BETA”, PRE-RELEASE, TIME-LIMITED SOFTWARE MEANT FOR EVALUATION AND DEVELOPMENT PURPOSES ONLY. THIS SOFTWARE SHOULD NOT BE USED IN A COMMERCIAL OPERATING ENVIRONMENT OR WITH IMPORTANT DATA. BEFORE INSTALLING THIS APPLE SOFTWARE, YOU SHOULD BACK UP ALL OF YOUR DATA AND REGULARLY BACK UP DATA WHILE USING THIS APPLE SOFTWARE.

    But I guess your problem is that it was not in “bold type” – ALL-CAPS was not enough for you…

    Any responsible company would have either yanked the download or issued an immediate patch for a bug of this severity. The fact that all they’ve done is remain silent speaks volumes about their attitude toward security. Basically it means one of three things: Either they don’t know if the exploit is real, they don’t care if it’s real, or they’ve confirmed it but it’s so bad they can’t fix it quickly and they’re hoping the story will die while they quietly release a new version. None of these situations is even slightly acceptable.

    Christ on a cracker.

    Do you have any idea how much code is involved, how many variables there are, and what the hell the purpose of BETA software actually is?

    1. It has been 2 goddamn days. Some people can’t even program a VCR in two days.

    2. The whole purpose of this beta – IS EXACTLY TO FIND BUGS LIKE THIS. They will take these reports, verify them, and then fix them. They might be fixed in the next BETA release or they might not be fixed until a full release. Either way there is no expectation that the product be pulled, or fixed, or relaunched.

    Why is none of that acceptible? You are free to use other browsers and never touch Safari 3 BETA. On Mac OSX there is Safari 2, Camino, Firefox, Opera, OmniWeb, iCab, Netscape, and Shiira. Probably more that I have missed too… On Windows there is IE, Firefox, Opera, and I am sure other browsers as well. No one is making you use a BETA product.

  23. ValkRaider says:

    @hudsong:
    The reason they are releasing Safari for Windows is so that people on Windows will be able to develop “apps” for the iPhone.

  24. junkmail says:

    So umm… is the OSX version beta too?

  25. 302079 says:

    @junkmail:

    Yes, it is. At least the new, buggy one is. There are older versions of Safari for OSX that are not beta, that don’t suffer from these bugs. That’s why I’m using the older version of Safari and stearing clear of the beta.

  26. zentec says:

    @Kryndis:

    You are hereby corrected, the exploit affects Windows only.

    Look people, have any of you read the details of the “zero day two hour” exploit? It’s serious because it is an input validation error and violates one of the basic tenets of client/server programming — “thou shalt not trust the other end”. Apple should have had this one under control.

    However, that particular exploit requires the assistance of Firefox in order to make it work. And since every other security researcher out there is whacking on the same validation bugs, it’s pretty clear that the 18 flaws will most likely be cleaned up in a few spots.

  27. cde says:

    @junkmail: Look at the picture. See the 3? So yes, Safari 3 for mac is also in beta.

  28. Trai_Dep says:

    It’s funny that Windows users – you know the Damn It I Want To Command Line EVERYTHING Cuz I’m SO 3lleet – don’t know Beta.

  29. Kryndis says:

    @ValkRaider:
    You mean like this?

    I don’t see that note anywhere on the download page. I went all the way to starting the download and never saw it. Does it only display on install? Wait, I just found it. All I had to do was click on the tiny link to the license agreement full of fine text. You think that’s full disclosure? Seriously? Give me a break.

    Do you have any idea how much code is involved, how many variables there are, and what the hell the purpose of BETA software actually is?

    I’m a computer programmer so yes, yes, and yes. No comment is totally unacceptable no matter how complex the problem is. At this point they have had more than enough time to, at the very least, confirm or deny the exploit exists and, if it’s as serious as claimed to be, yank the download. Beta should never mean you intentionally continue putting customers’ computers at risk after you have been made aware of a severe bug.

    1. It has been 2 goddamn days. Some people can’t even program a VCR in two days.

    What does that have to do with anything? Are those the same people programming for Apple? It would certainly explain the delay.

    2. The whole purpose of this beta – IS EXACTLY TO FIND BUGS LIKE THIS. They will take these reports, verify them, and then fix them. They might be fixed in the next BETA release or they might not be fixed until a full release. Either way there is no expectation that the product be pulled, or fixed, or relaunched.

    BS. A bug like this should have never made it through internal testing, especially if it applies to a non-beta version for another OS. This is a company trying to bill themselves as the more secure alternative and yet they leave a download up with a known massive security flaw and not so much as a note of warning to that effect. I say again, that’s irresponsible.

    Of course no one is making anyone use the product. That’s completely beside the point. The point is that there should at least be disclosure of this kind of flaw, even with a beta. Otherwise how are they any better than anyone else?

  30. Kryndis says:

    @zentec:

    Fair enough. I stand by my statement (and you seem to support it as well) that this should not have made it past internal testing, however. Nor should the download remain up with no note of a serious known security flaw. This is not the way a company that is trying to present itself as more dedicated to security than the competition should act.

  31. Havok154 says:

    Enough with the beta BS. Every company knows that when they put out a public beta, that it should be nearly indicative of the final version. The major and obvious bugs should be fixed by this point and the less dramatic bugs should be the only ones left. This is just an unfinished product that should still be in internal testing only. It is in no way ready for a public release of any type.

  32. JTres says:

    So because Google and other companies use BETA to signify an actually finished product, Apple must change their definition too?

    “Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers…”

    Ha hahahah ha ha ha hahhha hahaha hahaha haha!!!11! Now they reveal their true colors. These are obviously PC fanbois!

  33. tedyc03 says:

    I really think everyone ought to calm themselves down. Really now.

    I think it’s impossible to write a browser that would be impervious to attack…essentially what a browser does is it allows code, written by someone else, to be executed on your computer. Javascript, ActiveX, etc. are all scripts or programs that are executed on your computer. Maybe in the future someone will figure out how to completely sandbox a browser…but so far, no go.

    Ultimately, the presence of bugs is not surprising to me. In programming, it is impossible to write the perfect program. As long as human beings write programs, they will be fraught with security holes; the true mark of a company’s strength is not whether or not they write software that is 100% bug-free but how they respond when a bug is discovered.

    And that is why I am most concerned about their “no comment.”

  34. Crazytree says:

    @Kryndis: Apple fanboys are the internet’s Creationists.

  35. Crazytree says:

    “The World’s Best Browser”?

  36. quail says:

    “Can’t we all just get along?”
    (ROTFL)

  37. informer says:

    What kind of OS lets a browser glitch “Take Complete Control Of The PC “?

  38. Ahem… I just hate to point this factor out considering how many people are scorning it as another horribly ported Apple-to-PC piece of software (in which Quicktime and iTunes still needs to be fixed up abit…), but I just have to point this specific little four letter word out…

    B
    E
    T
    A

  39. @LatherRinseRepeat: Heh, I just noticed that. Right you are, sir.

  40. @Crazytree: I think I got what you meant by that, but allow me to ask you just what is worse… a Microsoft fanboy, or an Apple fanboy? Mind you that you can talk some sense into the latter…

  41. veronykah says:

    Is this really the first browser for Windows that has had some MAJOR security issues?
    Don’t they all?
    Why is this news, just because its an apple browser?

  42. zl9600 says:

    Gawker trolls for traffic constantly by posting stuff like this. And then people who cheer for Walt Mossberg to have “the cojones” to hand it to the iPhone when they haven’t even seen the thing just smacks of this pathetic, silly energy-burning over some stupid products from a company just because they may outshine yours or make you look less than a 10″ dicked stud for using products from another company.

    Sadly, consumerist has fed this with the stuff about the iphone (horrors! it’s only this, this and this! discuss!), the ipod (teenager tests next to pacemaker and thousands near death saved by zune! discuss!), and now this (beta software crashes, catching “pros” who don’t like to read fine print off-guard! gasp! discuss!)

    Please. I come here for good tips, dirt on misdeeds, tricks to get around shit. And Apple, like any company might have some crap that you need to call em on the carpet on. But feeding this shit is nothing more than trolling for page views, as is the original post from the questionable tester in the first place.

    meh.

  43. quiksilver says:

    BETA Software…

    You’re not required to install it, it’s there to be tested. HENCE THE BETA PART OF IT.

  44. Xkeeper says:

    Everyone who uses “lol, it’s a beta!” as an excuse needs to be shot.

    Nobody else should expect beta software to allow your PC to be completely hijacked. That should’ve been wiped out much earlier than a public release regardless of what it is.

    When you’re a big name, “beta release” turns into “public testing”. You should definitely have a lot of in-house testing to iron out all the gigantic holes found.

    When your software ends up taking control of PCs within days of release, you have a serious problem. Refusing to comment about it only makes it worse.

    “Beta” denotes a “mostly finished, just going though some light bugtesting/feature additon stage”, usually. G-Mail is still in beta because it doesn’t always quite work and there are still features being added somewhat regularly. While I do think the “Beta” tag is overused…

    With how it’s used now, though, “beta” becomes “mostly complete software, ready for constant use, just keep a backup handy in case you need to use something else”.


    In the end, the #1 point that matters, is that Apple refuses to comment on, release a patch for, or remove the download due to these massive security exploits. No matter what argument, no matter what bullshit you come up with, this point will utterly fucking destroy.

    There is no excuse for this, and there never has been, and there never will be.

  45. tcp100 says:

    Beta notwithstanding, all the apple folks would be tearing Microsoft apart as such problems being “typical microsoft” even if MS put out a product labeled as Beta.

    The problem people have with Mac folks has nothing to do with the products; it’s the neverending attitude of superiority and the absolute lack of anyone willing to accept that anything that comes from His Steveness is not perfect.

    OSX, innately, is NOT more secure than Windows because Apple “cares more about security” and MS “doesn’t give a shit” like so many of you fanboys would like to boil it down to. MS’s stuff is vastly more widely used and on a more variegated system base – and therefore cannot be as easily secured. Argue all you want, but there’s 25 years of history in that which is a lot more than just the whim of a few guys at MS being “evil”.

    You guys also do understand that by claiming the whole BETA BETA BETA thing, that must mean that when it’s out of beta, these kinds of things will be few and far between right? Like the lack of exploits in Firefox or Opera? Oh, wait..

    Get over it people. It’s a computer. That’s it. The fact that you use a Mac doesn’t make you a better person, and EVERY piece of software has bugs and security holes, and always will.

    Oh, and to the “I’ve never had a virus on OS X” guy.. I haven’t had a virus on DOS/Windows since 1987, and if I do get one, it’s because people actually do write viruses targeting Windows. Virus writers don’t give a damn about OS X, because it’s installed on 1/10th as many machines, and won’t make their point. Get it?

  46. shoegazer says:

    Ah the sweet smell of fanboys in heat. The best browser in the world is the one YOU’RE using.

    You know it’s true.

  47. SexCpotatoes says:

    @zl9600: Suprise, suprise! Blogs are to make advertising money. Next, you’ll be bitching because all the internet is, is “page-views.”

  48. lizzybee says:

    @delphi_ote: I like the Japanese version of the ad better:

    [www.youtube.com]

  49. lemur says:

    @Papa Midnight: No, you can’t talk sense into Apple fanboys. Crazytree is totally correct to state that Apple fanboys are the internet’s Creationists. I prefer to put it a bit differently: Apple fanboys are the internet’s conspiracy theorists.

    Let’s take for instance the idea of UFOs at Roswell. Conspiracy theorists (of a particular kind) take as axiomatic the proposition “UFOs crashed at Roswell”. All evidence that would threaten this axiom is then interpreted as to protect this axiom. For instance, if an opponent points out that the government denied that UFOs crashed at Roswell, the theorist replies that the government is lying. If a USAF officer has claimed in the past that he has seen the wreck of the UFO crash at Roswell but then disavows his earlier claims, the conspiracy theorists will reply that the officer must be under government pressure to recant. And so on and so forth… At any rate, all evidence is processed as to make their basic axiom unassailable.

    Same with Apple fanboys. There’s a full set of axioms that they cherish: “OSX is inherently and significantly more secure than Windows”, “Apple is the bestest company on the face of the Earth”, “Apple is always the innovator and everybody else is just copying them”, etc. Whatever evidence comes that should cause a reevaluation of these axioms is interpreted to instead protect the axioms. So if Apple releases software with gaping security holes, Apple is excused because it is a “beta”. If someone points out security holes in OSX, that person must be an evil Microsoft lackey. And so on and so forth…

    In either case, it’s pointless to attempt discussion.

  50. anatak says:

    Thanks, Apple. Proving once again, its not about security, but rather scrutiny.

  51. Christ, leave Gizmodo and you STILL get a page full of raving jackass apple fanboys.

    Beta means product is still in the testing phase, but it is only A SINGLE step away from a full public (Alpha) release.

    If your product is fundamentally unstable at the time of Beta release, you’ve made a big fucking mistake. PERIOD. NO QUESTION. It’s the same for Microsoft products at the time of Beta – all computer companies should be treated equally for equally poor work. No excuses.

    So quit writing out the fucking goddamn word “beta”, please!

  52. cde says:

    @Pope John Peeps II: BETA != Release Candidate. A beta is more then a single step away from stable release. Hence why you can see companies put out small revisions but still keep something in beta. And if we are the creationists, you guys are the nazi’s of the internet. You guys are worse then pedophiles on 4chan.

  53. ExecutorElassus says:

    @Pope John Peeps II: you’re backwards. got back and read that wiki article about software lifecycles. Alpha comes BEFORE Beta. you might be thinking to the RC stage.

    and @tcp100: you think apple fanboys are arrogant elitists? lemme open up a can of my wicked-|33t custom-compiled all-beta gentoo box on your ass. and i can’t even step to those *BSD people.

  54. Falconfire says:

    @cde: Hey I take offense to that comment.

    Saying their are pedophiles on 4chan gives pedophiles a bad name…

  55. dmc says:

    Well, everybody can just STFU now because Apple patched it this morning.

    [www.macworld.com]

  56. mac-phisto says:

    i must be missing something here. why in god’s name would someone intentionally download safari onto a PC? glutton for punishment? well, IE really sucks, so let me replace it with another shitty browser.

  57. larry_y says:

    When did this place become Slashdot?

  58. elf6c says:

    I will take raving Mac fan boys for a thousand Alex.

  59. zentec says:

    @Kryndis:

    Okay, I’m wrong. I hereby correct myself correcting you.

    This morning I read that the input validation problem is known to exist on OS X as deep as the current public release. The exploitation of that problem didn’t appear to rely on pushing data into the program stack, so it seems to me that PowerPC and Intel platforms are at risk.

    I agree with you on all the points. I think the reason Apple didn’t take it down is because they released Safari on Windows so people could develop applications for the iPhone. While I’m sure Jobs would love to see people make it their browser on Windows, that just isn’t going to happen and I’m sure he’s aware of it. What he does need however, is people to be ready to kick out applications for the iPhone and they need Safari on Windows to make that happen.

    Is it responsible? In my opinion, they could do better. And certainly they could do better in making sure these errors don’t get released. I think the problem with Safari is being magnified by every security “researcher” looking for their name in print as opposed to objectively looking at the problem and the exploit.

  60. B says:

    This wouldn’t have happened if they used a credit union.

  61. bougatsa says:

    @Papa Midnight: “what is worse… a Microsoft fanboy, or an Apple fanboy? Mind you that you can talk some sense into the latter…”

    WRONG! If that were true, there would not be a single-word counter argument. You all look like kids with your fingers in your ears while repeatedly screaming “Beta! Beta!”

    As for ‘Microsoft Fanboys’, they are the first to give hell when Microsoft screws up and don’t deny their products have problems and or that things should be designed differently. Furthermore, there are many websites and forums dedicated to that and they also try to lobby for change. Does that exist with Apple fanboys? No, they just silently bitch about it and accept it because the Creator works in mysterious ways.

    @Crazytree, you nailed it perfectly!

  62. tcp100 says:

    @ExecutorElassus: Man, I NEVER said the individual linux distro / BSD nuts weren’t as bad. They are – they just usually confine themselves to slashdot.

    ANY zealot really needs to go and check what their life is all about. I’ll give you a hint: the brand of computer / type of OS / browser you use should probably be the bottom 10 criteria of defining yourself, not the top 3.

  63. tcp100 says:

    @dmc: “Well, everybody can just STFU now because Apple patched it this morning.”

    Whew, good to know. Hey, I guess all the Apple guys will then STFU about Microsoft too, right? I mean they release patches..

    I think the point here that is being missed is that Apple, like Oracle’s “UNBREAKABLE” ad sets themselves up for this kind of scrutiny by their arrogance and their supporters’ claims of infallibility.

  64. bougatsa says:

    @tcp100: I think the point here that is being missed is that Apple, like Oracle’s “UNBREAKABLE” ad sets themselves up for this kind of scrutiny by their arrogance and their supporters’ claims of infallibility.

    Well put, especially the last four words.

  65. rmz says:

    If you’re not using a text browser, you’re not hardcore enough.

  66. zl9600 says:

    @SexCpotatoes: Nice job of getting my point.

  67. shdwsclan says:

    HAHAH

    The best browser….yeah right….they should get sued…..

    It crashes on mac constantly…ebay to safari is like water to the evil witch of the west….

    I assume it crashes even more on windows…..
    I never even heard of safari for windows….

    I use firefox on all three oses…