Apple Updates Safari for Improved SSL Authentication

← Back to Stories (view on slashdot.org)

Apple Updates Safari for Improved SSL Authentication

Posted by pudge on Thursday May 15, 2003 @08:48AM from the i-am-gonna-take-you-surfin-with-me dept.

An anonymous reader writes "Safari upate is available from Apple on Software Update. This updates to Safari 1.0 Beta 2 (v74)." Says Apple, "This update is recommended for all Safari users and improves how Safari validates the authenticity of websites that use SSL certificates."

7 of 61 comments (clear)

Thanks /.! by MikeXpop · 2003-05-15 08:51 · Score: 5, Funny

There's nothing like seeing "2 minutes remaining" turning into "20 minutes remaining" that brings a smile to my face.

--
Etiquette is etiquette. He kills his mother but he can't wear grey trousers.
At least Apple is up on these things... by MrTangent · 2003-05-15 08:53 · Score: 5, Insightful

Microsoft seems to twiddle their thumbs when security issues are found. Apple has been pretty good with security issues, even in their beta software like Safari.
1. Re:At least Apple is up on these things... by sabNetwork · 2003-05-15 10:33 · Score: 5, Informative
  
  Exactly. I use WinXP Pro, and these security updates are SCARY. The security holes which Apple patches are usually innocuous, minor bugs which would require significant effort to exploit. On the other hand, 75% of Microsoft's WinXP patches are described as "... allows attacker to gain control of computer, access to an administration account..."
2. Re:At least Apple is up on these things... by Smurf · 2003-05-15 16:17 · Score: 5, Insightful
  
  Let's see. The original post from MrTangent says:
  Microsoft seems to twiddle their thumbs when security issues are found. Apple has been pretty good with security issues, even in their beta software like Safari.
  His second post says:
  However, it's refreshing that Apple doesn't release security updates every week like Microsoft. That shows that their products are generally more secure.
  I don't see why you imply that he said:
  "It's good that Apple releases more security updates than Microsoft."
  Therefore I don't see the "whoosh". The first post says that Apple's security bug fixes are fast. The second one, that they are not needed as frequently as for Windows. Those are two separate but non-exclusive ideas. You may not agree with him, but he doesn't contradict himself.
Re:Whoo hoo! by Virus1984 · 2003-05-15 09:38 · Score: 5, Insightful

Actually for the fraction of users who load apple.slashdot.org this is "stuff that matters". It's a section meant to be read by Mac users (read: potential Safari users)...see ?

--
Don't forget to think different.
What this update fixes by aberkvam · 2003-05-15 10:42 · Score: 5, Informative

One May 9, Secunia released an advisory entitled Apple Safari and Konqueror Embedded Common Name Verification Vulnerability. The summary is, "Apple Safari and Konqueror Embedded fails to validate the Common Name of a SSL certificate. This makes it possible to spoof SSL sites, so that users can't trust the authenticity of a SSL website." They also add, "NOTE: This does not affect the ordinary version of Konqueror."
Now if I could just stop my manager... by rubicon7 · 2003-05-15 15:54 · Score: 5, Funny

...from using the term authentification.

--
--- We are not in the 8th dimension. We are over New Jersey.