Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari 3.1 For Windows Violates Its Own EULA, Vulnerable To Hacks

Posted by Zonk on from the you-have-chosen-poorly dept.

recoiledsnake writes "The new Safari 3.1 for Windows has been hit with two 'highly critical'(as rated by Secunia) vulnerabilities that can result in execution of arbitrary code. The first is due to an improper handling of the buffer for long filenames of files being downloaded, and the second can result in successful spoofing of websites and phishing. This comes close on the heels of criticism of Apple for offering Safari as a update for approximately 500 million users of iTunes on Windows by default, and reports of crashes. There are currently no patches or workarounds available except the advice to stay clear of 'untrusted' sites." Further, Wormfan writes "The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs." Update: 03/27 17:23 GMT by Z : Dave Schroeder writes with the note that the license has been updated to correct this mistake.

20 of 368 comments (clear)

  1. It has begun... by muffen · · Score: 4, Funny

    Guess this article was right!

    1. Re:It has begun... by Divebus · · Score: 5, Funny

      "The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs." Damn! Now, where did I put those Apple stickers?
      --

      Most of the stuff on /. won't survive first contact with facts.
    2. Re:It has begun... by grahamd0 · · Score: 5, Funny

      If Safari becomes the default browser on these systems, you end up with critical vulnerabilities in a browser installed on non-tech-savvy individuals' computers.

      Good god, man! We've got to get them back on Internet Explorer!

    3. Re:It has begun... by bpsbr_ernie · · Score: 3, Funny

      I was thinking the same thing. Perhaps, they will push OSX out in the next iTunes update.

    4. Re:It has begun... by swb · · Score: 3, Funny

      When the very first Blue & White PowerMacs came out, the print studio at the ad agency I worked for was totally pumped for their machines -- they had been sucking it up using beige G3s and even older PPC Macs.

      Since my job was prepping the machines for install in the studio, I decided to pimp the studio people by putting an "Intel Inside" logo over the Apple logo; of course the machine was for the Mac zealot in the group who was super pissed that the logo was there and that he couldn't figure out how to remove it.

      I caught hell for doing it, primarily because it took major surgery and a ton of time to put the stupid thing in there and I didn't get some other tasks accomplished.

    5. Re:It has begun... by erc · · Score: 4, Funny

      I used to work for Sun back in the early 90's, when Linux was first getting off the ground. We had finally gotten X to run under Linux, and so I figured I'd see what it would do on a 386SX/25 laptop with 16MB of RAM. It was pretty slow, but as long as I wasn't doing anything it was fine. When the screensaver kicked in, I saw the traditional Sun logo, and that gave me an idea for a prank.

      I went down to engineering and got one of the old metal Sun logos, the ones that used to be on the front of Sun-2 boxes, and put it over the logo of the laptop, fired it up in my office, and waited for the first victim to wander by. A while later, one of the senior software developers walked into my office to ask me something, and spied the laptop with the Sun logo and the screensaver running with the Sun logo on it. "How'd you get a Sparc laptop? I didn't think they were in production yet!" I have lots of friends ... [chuckle]...

      It didn't take long for the prank to be found out, but it sure was fun for a while... :)

      Reminds me of the time that I got Wine running under A/UX (Apple's version of UNIX, SVR4 flavor) - I was working for Apple at the time, and it was fun to see people's faces when they'd come by and see the Windows logo on the screen on what was obviously a Mac, but that's a story for another time. Sure was a fair bit of work, but it worth the prank value... :)

      --
      -- Ed Carp, N7EKG erc@pobox.com PGP KeyID: 0x0BD32C9B What I'm up to: http://intuitives.mine.nu
    6. Re:It has begun... by mrbluze · · Score: 5, Funny

      Anyways, going back to the article, I think the EULA is just a mistake and believe they will correct it. It does however bring up a valid point about the usefulness and legalities around EULA's.

      Any EULA is basically saying:

      • This software is mine, so piss off!
      • If you use it, it's your stupid fault, so piss off!
      • You can't sue me but I can sue you, so piss off!
      • Oh, and by the way, piss off!
      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    7. Re:It has begun... by flosofl · · Score: 4, Funny

      I had two, and I put them on a large stone block and my printer. Anyone know how to install safari on a printer?
      No, but I did manage to get it installed on a medium stone block. I'm sure the steps I used can be scaled up to your large one. Page renders are very crisp, but refresh takes forever.
      --
      "This calls for a very special blend of psychology and extreme violence" - Vyvyan "The Young Ones"
  2. Acidity by n3tcat · · Score: 5, Funny

    So Acid 4 will include security tests too now, right?

    1. Re:Acidity by MooseMuffin · · Score: 5, Funny

      Yes. You pass if the website renders correctly. You fail if the website owns your machine.

  3. I wonder... by Fenice · · Score: 5, Funny

    ...if Apple can sue itself for proposing illegal installs of safari on windows?

  4. Re:It was bound to happen by mwvdlee · · Score: 3, Funny

    Only if the firstborn is female, and you don't need to send any for the first 18 years.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  5. Fine by me by asc99c · · Score: 5, Funny

    My iPod came with a big Apple sticker which for some reason I did stick on my PC. Guess I'm OK to use Safari then.

  6. Switch? by blankoboy · · Score: 3, Funny
    Sheesh, I'm on the verge of finally switching from Microsoft to Apple (just been waiting on the new rev of the Mac Mini to appear) and they go and pull the funny business of trying to slip Safari on to Windows desktops that use Itunes. On top of that there is now this report of the security flaws found in Safari. So now Apple is carelessly pushing a security risk browser onto unsuspecting client PC's. This is really underhanded and has be getting cold feet. Ubuntu perhaps....then?

    Apple, these sort of tactics really are not necessary. Don't take the low road please...you can win it by going on the high way.

  7. Profit? by crt · · Score: 5, Funny

    Step 1: Install Safari on millions of unsuspecting Windows PCs
    Step 2: Sue non-Mac owning PC users for violating EULA
    Step 3: ???

  8. Yet more proof by an.echte.trilingue · · Score: 5, Funny

    Yes. You pass if the website renders correctly. You fail if the website owns your machine. Yet another "standards" test designed to make IE fail. This is just more proof that the W3 has it out for Microsoft.
    --
    weirdest thing I ever saw: scientology advertising on slashdot.
  9. Re:You keep saying that word.... by Daimanta · · Score: 4, Funny

    I am a naturalist and I don't wear any clothes you insensitive clod!!

    --
    Knowledge is power. Knowledge shared is power lost.
  10. Nobody reads them by Zelos · · Score: 3, Funny

    Proof that nobody reads EULA, not even the people that write them?

    More likely, some tired programmer just copied the string resource across from another project without checking it.

  11. Found 'em by GameboyRMH · · Score: 3, Funny

    They're all over the place:

    - Stuck to the back glass of pickups
    - Stuck to the back glass of poorly maintained econo-cars
    - Stuck to teenage girls' bedroom/dorm doors
    - Stuck to teenage girls' binders and backpacks

    Good luck getting them back...

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  12. Re:You keep saying that word.... by gstoddart · · Score: 3, Funny

    I am a naturalist and I don't wear any clothes you insensitive clod!!

    Chill, don't get your knickers in a twist.

    Err ... wait. :-P

    Cheers
    --
    Lost at C:>. Found at C.