If you are a Mac user, and fancy Safari as your default internet browser, you are going to want to pay attention to this one. A bug found in Safari’s AutoFill feature can allow a malicious website to gather personal information from a users address book card — more specifically: first name, last name, work place, city, state, and email address. There is a published proof of concept exploit for the bug that can be found here. We suggest Safari users navigate to: Preferences > Auto-fill, and uncheck “Use info from my Address Book card” until Apple sorts this one out. Hit up the read link for more details. More →
For the first time since the browser’s inception, Google’s Chrome has overtaken Apple’s Safari in percentage of U.S. market share. Web analytics company StatCounter reports Chrome grabbed 8.97% of U.S. market share while Safari had 8.88% for the week beginning on June 21st. For some time now, Chrome (~ 9% globally) has bested Safari (~ 4% globally); however, as we’re sure Google will tell you, it is nice to win on your home turf. We’ve got the full press release queued up for you after the break. More →
Goatse Security, the firm who blew the lid off of an exploit that allowed the names and email addresses of over 114,000 iPad owners to be farmed, is speaking out. In a blog post, Goastse team member Escher Auernheimer writes:
I released a semantic integer overflow exploit for Safari through Goatse Security in March– it was patched on Apple’s desktop Safari but has yet to be patched on the iPad. This bug we crafted allows the viewer of a webpage to become a proxy (behind corporate and government firewalls!) for spamming, exploit payloads, password bruteforce attacks and other undesirables. The kicker is that this attack cannot be detected by any current IDS/IPS system. We released this in March, mind you, and Apple still hasn’t got around to patching this on the iPad! I know through personal experience that the patch time for an iPad vulnerability is over two months and counting. Given that, the number of parties which probably have active iPad exploits likely numbers in the hundreds, if not the thousands. The iPad simply is not a safe platform for those that require a secure environment.
And it doesn’t stop there. Addressing some of the verbiage in AT&T’s apology letter, Auernheimer goes onto say:
AT&T had plenty of time to inform the public before our disclosure. It was not done. Post-patch, disclosure should be immediate– within the hour. Days afterward is not acceptable. [...] AT&T says the person responsible for this went “to great efforts”. I’ll tell you this, the finder of the AT&T email leak spent just over a single hour of labor total (not counting the time the script ran with no human intervention) to scrape the 114,000 emails. If you see this as “great efforts”, so be it.
Auernheimer closes with: “We love America and the idea of the Russians or Chinese being able to subvert American infrastructure is a nightmare. We understand that good deeds many times go punished, and AT&T is trying to crucify us over this. [...] We did the right thing, and I will stand by the actions of my team and protect the finder of this bug no matter what the cost.” Amen, Escher, Amen. Your move Apple/AT&T. More →
Hot on the heels of 2010′s WWDC keynote, Apple has announced an update to its Safari web browser. The code update, simply titled Safari 5, boasts, “a 30 percent performance increase over Safari 4,” according to the company’s press release. At time of publishing, Apple had yet to update their official Safari page (www.apple.com/safari) with the updated download information, but we’ve got the full PR Newswire release for you after the bounce. More →
[Via TUAW] More →
Having long reigned as the king of the browser world, Internet Explorer continued its downward slide in April as its market share fell to a ten-year low. Market share for the Windows-based browser dropped 0.7 percent in April. to 59.95%. Despite its unhealthy losses, Internet Explorer still remains the dominant browser with double the market share of its closes competitor, Firerfox, which made a modest gain of 0.07% to finish the month at 24.59%. While IE stumbled, Chrome was on the upswing, grabbing 0.6 more percentage points to capture an overall market share of 6.73%. Apple’s Safari made a 0.07% gain at the expense of Opera which lost 0.07%. Next month’s figures should prove to be interesting as they may reveal whether the precipitous drop is the result of the EU’s mandatory browser ballot, now in full swing, or merely a bad month for Microsoft.
[via Ars Technica] More →
The battle between HTML 5 and Flash wages on with the discovery of an interesting report comparing the CPU usage of HTML 5 and Flash on both Mac and Windows platform. In the midst of all the smack talk about Flash, Flash was presumed to be a CPU hog that chokes your system to the point of death. A series of measurements performed by video compression guru Jan Ozer reveals that Flash may not be as much of a CPU killer as previously thought and that, in some cases, HTML 5 is the culprit that causes CPU overload. Ozer tested HTML 5 and Flash on a Mac using Safari, Chrome and Firefox and on a Windows machine using Safari, Chrome, Firefox and Internet Explorer.
The results show that Flash CPU utilization is much higher on a Mac with Flash 10.1 gobbling up 32.07 CPU % points when using Safari, 42.07 when using Firefox and a whopping 49.79 when using Chrome. Flash 10.1 was much gentler on the Windows machine with CPU utilization topping out a reasonable 14.63 CPU % points when using IE and dropping as low as 6% when using Firefox. HTML 5 results were all over the chart with HTML 5 consuming a mere 12.39 CPU % points in Safari, presumably due to the built-in H.264 decoding found in the Apple browser, while at the same time, chomping down a staggering 49.89 in the Mac version of Chrome. The Windows platform fared a bit better with Chrome using 25.66% CPU points when rendering HTML 5 content. In the end, Flash is markedly better on Windows (which we already knew) and HTML 5 shines in the Safari for the Mac but why is there such a disparity between the two platforms? Hit the jump to find out. More →
Browser market share data for January 2010 has hit the streets, and it looks like Google’s Chrome and Apple’s Safari have gained a little — and we do mean a little — ground. Chrome posted a 5.2% hold of market share in January, up from 4.6% in December of 2009. Apple’s Safari came in with a 4.51% share, up from 4.46% the previous month. Firefox and Internet Explorer both lost a tiny bit of ground in January; IE 62.2% which is down from 62.69%, Firefox 24.41% down from 24.62%. Opera was lumped into “other” on our chart, but registered 2.38% of the browser pie. Per usual, IE and FF still dominate the browser landscape with over 86% of market share. Anyone out there switch browsers recently? If so, which browser did you move to?
[Via ZDNet] More →
Google’s Chrome browser has only been on the market for 16 months, but it has already taken a good share of the market and beat out Safari for the number three spot. Safari, for the first time ever, is now ranked fourth. By the end of December, Chrome was up at 4.63% market share whereas Safari fell to about 4.46%. Of course, the big boost likely came from the fact that Chrome Beta became officially available for Mac and Linux. Top dogs are still Mozilla Firefox and Microsoft Internet Explorer, with IE8 still at the top but failing to see any real growth. So tell us, what browser are you currently using and why (speed, extensions, apps, etc)? More →
Is Safari beginning to eat away at your patience? Firefox for Mac crashing and burning every time you’re in the middle of some important task? Well, you might want to give Google Chrome for Mac a shot now that it’s officially available for download. announced yesterday, it promises a lot of speed and efficiency, and if you’re a fan of all things Google, your digital life will be complete. Of course, it’s still in beta so it might be pretty rough around the edges and extensions are pretty limited, but these things will be smoothed out over time. It’s also only available for OS X 10.5 or later. Hit the jump for a video demonstration of the new browser. More →
Our Apple tipster (who accurately predicted organizable iPhone homescreens in iTunes as well as integrated social networking components) is back at it again! This time we’ve been sent an image that we’re told is a “product mockup that may coincide with the launch of a revised Apple TV.” It seems a little far-fetched that this unit’s only purpose would be to control an Apple TV, and you can even see a Safari option on the mockup. To be honest, it looks like a touch screen iPod nano, just longer. We’re going to dig a little bit and see what we can find, but we figured we’d run this with a high dose of caution for informational purposes.
Lots of Google fans who are using Mac computers have been waiting for what feels like ages for Chrome. Well, it’s finally here. The only catch is that Google doesn’t recommend downloading it right now. Say what? That’s right, it’s still in very early stages and it’s actually not for general consumption just yet. So far, getting it installed is as simple as most Mac app installations are. The look mimics that of Safari 4 to keep the Apple feel, but reports are saying that some aspects of Chrome seem faster than Safari or Firefox 3. It’s available for download if you want to try it out, but pages like YouTube don’t work and editing settings is not entirely available, either. Just remember before you go crazy that it’s still in a pre-release stage and recommended for devs only.