Goatse Security: The iPad simply is not a safe platform for those that require a secure environment

June 15th at 8:58 AM

Goatse Security: The iPad simply is not a safe platform for those that require a secure environment

Screen shot 2010-06-15 at 7.53.59 AM

Goatse Security, the firm who blew the lid off of an exploit that allowed the names and email addresses of over 114,000 iPad owners to be farmed, is speaking out. In a blog post, Goastse team member Escher Auernheimer writes:

I released a semantic integer overflow exploit for Safari through Goatse Security in March– it was patched on Apple’s desktop Safari but has yet to be patched on the iPad. This bug we crafted allows the viewer of a webpage to become a proxy (behind corporate and government firewalls!) for spamming, exploit payloads, password bruteforce attacks and other undesirables. The kicker is that this attack cannot be detected by any current IDS/IPS system. We released this in March, mind you, and Apple still hasn’t got around to patching this on the iPad! I know through personal experience that the patch time for an iPad vulnerability is over two months and counting. Given that, the number of parties which probably have active iPad exploits likely numbers in the hundreds, if not the thousands. The iPad simply is not a safe platform for those that require a secure environment.

And it doesn’t stop there. Addressing some of the verbiage in AT&T’s apology letter, Auernheimer goes onto say:

AT&T had plenty of time to inform the public before our disclosure. It was not done. Post-patch, disclosure should be immediate– within the hour. Days afterward is not acceptable. […] AT&T says the person responsible for this went “to great efforts”. I’ll tell you this, the finder of the AT&T email leak spent just over a single hour of labor total (not counting the time the script ran with no human intervention) to scrape the 114,000 emails. If you see this as “great efforts”, so be it.

Auernheimer closes with: “We love America and the idea of the Russians or Chinese being able to subvert American infrastructure is a nightmare. We understand that good deeds many times go punished, and AT&T is trying to crucify us over this. […] We did the right thing, and I will stand by the actions of my team and protect the finder of this bug no matter what the cost.” Amen, Escher, Amen. Your move Apple/AT&T. More →

35 Comments

Apple releases Safari 5 into the wild

June 7th at 6:44 PM

Apple releases Safari 5 into the wild

SafariLogo

Hot on the heels of 2010’s WWDC keynote, Apple has announced an update to its Safari web browser. The code update, simply titled Safari 5, boasts, “a 30 percent performance increase over Safari 4,” according to the company’s press release. At time of publishing, Apple had yet to update their official Safari page (www.apple.com/safari) with the updated download information, but we’ve got the full PR Newswire release for you after the bounce. More →

27 Comments

Safari 5 to debut at WWDC?

June 6th at 6:34 AM

Safari 5 to debut at WWDC?

SafariLogo

According to French blog MacGeneration, Apple will unveil Safari 5 during Monday’s WWDC 2010 keynote. Not much is known about Safari 5, but according to a changelog that MacGeneration was able to get a hold of, the major new features brought forward will be Safari Reader, a 25% bump in JavaScript performance, option to make Bing the default search engine, 12+ new HTML5 features, developer tools, and hardware acceleration for Windows. There are also lot of enhancements alleged to be apart of the update, but for those we’ll have to ask you to hit the jump.

[Via TUAW] More →

36 Comments

Internet Explorer falters in the browser market, Chrome on the upswing

May 4th at 1:07 PM

Internet Explorer falters in the browser market, Chrome on the upswing

browser-market-share

Having long reigned as the king of the browser world, Internet Explorer continued its downward slide in April as its market share fell to a ten-year low. Market share for the Windows-based browser dropped 0.7 percent in April. to 59.95%. Despite its unhealthy losses, Internet Explorer still remains the dominant browser with double the market share of its closes competitor, Firerfox, which made a modest gain of 0.07% to finish the month at 24.59%. While IE stumbled, Chrome was on the upswing, grabbing 0.6 more percentage points to capture an overall market share of 6.73%. Apple’s Safari made a 0.07% gain at the expense of Opera which lost 0.07%. Next month’s figures should prove to be interesting as they may reveal whether the precipitous drop is the result of the EU’s mandatory browser ballot, now in full swing, or merely a bad month for Microsoft.

[via Ars Technica] More →

30 Comments

Does Adobe Flash actually outperform HTML 5?

March 11th at 2:01 PM

Does Adobe Flash actually outperform HTML 5?

adobe_flash_logo1

The battle between HTML 5 and Flash wages on with the discovery of an interesting report comparing the CPU usage of HTML 5 and Flash on both Mac and Windows platform. In the midst of all the smack talk about Flash, Flash was presumed to be a CPU hog that chokes your system to the point of death. A series of measurements performed by video compression guru Jan Ozer reveals that Flash may not be as much of a CPU killer as previously thought and that, in some cases, HTML 5 is the culprit that causes CPU overload. Ozer tested HTML 5 and Flash on a Mac using Safari, Chrome and Firefox and on a Windows machine using Safari, Chrome, Firefox and Internet Explorer.

The results show that Flash CPU utilization is much higher on a Mac with Flash 10.1 gobbling up 32.07 CPU % points when using Safari, 42.07 when using Firefox and a whopping 49.79 when using Chrome. Flash 10.1 was much gentler on the Windows machine with CPU utilization topping out a reasonable 14.63 CPU % points when using IE and dropping as low as 6% when using Firefox. HTML 5 results were all over the chart with HTML 5 consuming a mere 12.39 CPU % points in Safari, presumably due to the built-in H.264 decoding found in the Apple browser, while at the same time, chomping down a staggering 49.89 in the Mac version of Chrome. The Windows platform fared a bit better with Chrome using 25.66% CPU points when rendering HTML 5 content. In the end, Flash is markedly better on Windows (which we already knew) and HTML 5 shines in the Safari for the Mac but why is there such a disparity between the two platforms? Hit the jump to find out. More →

73 Comments

Jan. '10 Browser Market Share: Google Chrome at 5%, IE and Firefox still dominate

February 1st at 4:19 PM

Jan. '10 Browser Market Share: Google Chrome at 5%, IE and Firefox still dominate

Browser Share Jan 10

Browser market share data for January 2010 has hit the streets, and it looks like Google’s Chrome and Apple’s Safari have gained a little — and we do mean a little — ground. Chrome posted a 5.2% hold of market share in January, up from 4.6% in December of 2009. Apple’s Safari came in with a 4.51% share, up from 4.46% the previous month. Firefox and Internet Explorer both lost a tiny bit of ground in January; IE 62.2% which is down from 62.69%, Firefox 24.41% down from 24.62%. Opera was lumped into “other” on our chart, but registered 2.38% of the browser pie. Per usual, IE and FF still dominate the browser landscape with over 86% of market share. Anyone out there switch browsers recently? If so, which browser did you move to?

[Via ZDNet] More →

77 Comments

Firefox 3.6 now available, sheds its beta label

January 22nd at 4:02 PM

Firefox 3.6 now available, sheds its beta label

You either love it or hate it, and ever since Chrome and Safari upped their games, we’ve been getting a little burned out by Firefox. Hopefully that will all change now with version 3.6 — new and improved (fingers crossed) and beta label gone. It’s now more customizable with additional add-ons and extensions, and it also features something new called “Personas,” which allows you to change the look at theme of your browser if you feel so inclined. Firefox 3.6 also has improved Javascript support as well as better support for HTML5 video, perfect for YouTube addicts excited about the recent introduction of HTML5 vids. If you haven’t abandoned Firefox for Safari, Chrome or IE8, you can download Firefox 3.6 starting today. More →

34 Comments

Chrome browser climbs over Safari for No. 3 spot

January 2nd at 5:47 PM

Chrome browser climbs over Safari for No. 3 spot

Google’s Chrome browser has only been on the market for 16 months, but it has already taken a good share of the market and beat out Safari for the number three spot. Safari, for the first time ever, is now ranked fourth. By the end of December, Chrome was up at 4.63% market share whereas Safari fell to about 4.46%. Of course, the big boost likely came from the fact that Chrome Beta became officially available for Mac and Linux. Top dogs are still Mozilla Firefox and Microsoft Internet Explorer, with IE8 still at the top but failing to see any real growth. So tell us, what browser are you currently using and why (speed, extensions, apps, etc)? More →

134 Comments

Google Chrome Beta becomes official for Mac

December 9th at 9:12 AM

Google Chrome Beta becomes official for Mac

Is Safari beginning to eat away at your patience? Firefox for Mac crashing and burning every time you’re in the middle of some important task? Well, you might want to give Google Chrome for Mac a shot now that it’s officially available for download. announced yesterday, it promises a lot of speed and efficiency, and if you’re a fan of all things Google, your digital life will be complete. Of course, it’s still in beta so it might be pretty rough around the edges and extensions are pretty limited, but these things will be smoothed out over time. It’s also only available for OS X 10.5 or later. Hit the jump for a video demonstration of the new browser. More →

22 Comments

Apple working on a touchscreen remote for upcoming Apple TV?

September 29th at 7:49 AM

Apple working on a touchscreen remote for upcoming Apple TV?

AppleRemote

Our Apple tipster (who accurately predicted organizable iPhone homescreens in iTunes as well as integrated social networking components) is back at it again! This time we’ve been sent an image that we’re told is a “product mockup that may coincide with the launch of a revised Apple TV.” It seems a little far-fetched that this unit’s only purpose would be to control an Apple TV, and you can even see a Safari option on the mockup. To be honest, it looks like a touch screen iPod nano, just longer. We’re going to dig a little bit and see what we can find, but we figured we’d run this with a high dose of caution for informational purposes.

Thanks, Lindsey!

35 Comments

Google Chrome finally available for Mac, but not recommended for download

June 6th at 7:40 AM

Google Chrome finally available for Mac, but not recommended for download

Lots of Google fans who are using Mac computers have been waiting for what feels like ages for Chrome. Well, it’s finally here. The only catch is that Google doesn’t recommend downloading it right now. Say what? That’s right, it’s still in very early stages and it’s actually not for general consumption just yet. So far, getting it installed is as simple as most Mac app installations are. The look mimics that of Safari 4 to keep the Apple feel, but reports are saying that some aspects of Chrome seem faster than Safari or Firefox 3. It’s available for download if you want to try it out, but pages like YouTube don’t work and editing settings is not entirely available, either. Just remember before you go crazy that it’s still in a pre-release stage and recommended for devs only.

Read

3 Comments

Omni Group sees the light, frees up four OS X apps

February 25th at 3:47 PM

Omni Group sees the light, frees up four OS X apps

In the age of the internet, it seems like the surest way to prevent people from trying out your browser would be to charge for it. Charge for a web browser? Why would anyone pay for a browser when the big boys such as Firefox, Internet Explorer, Safari, Opera and Chrome — and even the little guys like Flock and Camino — are free? The Omni Group however, has been charging for OmniWeb since the dawn of time (ok, since 1995) and its business model must have some logic behind it as its browser still has a sizable niche user base. But alas… Times they are a-changin’ and now that everything on the interwebs is free, the Omni Group’s hand was apparently forced. As of yesterday, four OmniGroup apps have moved from pay to free distribution models: OmniWeb, a Mac-only web browser – the company’s most notable offering perhaps; OmniDazzle, a collection of visual effects; OmniDiskSweeper, a disk cleanup utility; and OmniObjectMeter, a memory management and repair utility for developers. With this move the Omni Group hopes to gain a slightly wider audience and as heralded as its software is by many current users, we don’t doubt that the unshackling of these apps will pay off in the long run.

[Via Cult of Mac]

Read

No Comments

Apple releases Safari 4 beta

February 24th at 9:40 AM

Apple releases Safari 4 beta

Apple has finally released its much anticipated Safari update this morning along with a host of performance upgrades and feature additions. Tagged Safari 4 beta, the new version is available as a download from the Apple site only for the time being and will not update automatically via the Apple Software Update system. In terms of notable enhancements, here are some highlights:

  • Top Sites (pictured above) – A graphical representation of your most frequently-visited websites with one-click launching
  • Cover Flow – Browse bookmarks and history with Apple’s Cover Flow UI
  • Full History Search – Keyword history search with Cover Flow UI
  • Tabs – Tabs now appear above the address bar
  • “Nitro Engine” – Lame name, solid performance — Safari now executes JavaScript 4.2 times faster
  • Windows Native Look – Safari 4 beta for Windows now adopts the look and feel of a standard Windows program

So who’s excited? Are any non-Safari users going to give it another try with this release?

Read

53 Comments