Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari 3.1 For Windows Violates Its Own EULA, Vulnerable To Hacks

Posted by Zonk on from the you-have-chosen-poorly dept.

recoiledsnake writes "The new Safari 3.1 for Windows has been hit with two 'highly critical'(as rated by Secunia) vulnerabilities that can result in execution of arbitrary code. The first is due to an improper handling of the buffer for long filenames of files being downloaded, and the second can result in successful spoofing of websites and phishing. This comes close on the heels of criticism of Apple for offering Safari as a update for approximately 500 million users of iTunes on Windows by default, and reports of crashes. There are currently no patches or workarounds available except the advice to stay clear of 'untrusted' sites." Further, Wormfan writes "The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs." Update: 03/27 17:23 GMT by Z : Dave Schroeder writes with the note that the license has been updated to correct this mistake.

13 of 368 comments (clear)

  1. It has begun... by muffen · · Score: 4, Funny

    Guess this article was right!

    1. Re:It has begun... by Divebus · · Score: 5, Funny

      "The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs." Damn! Now, where did I put those Apple stickers?
      --

      Most of the stuff on /. won't survive first contact with facts.
    2. Re:It has begun... by grahamd0 · · Score: 5, Funny

      If Safari becomes the default browser on these systems, you end up with critical vulnerabilities in a browser installed on non-tech-savvy individuals' computers.

      Good god, man! We've got to get them back on Internet Explorer!

    3. Re:It has begun... by erc · · Score: 4, Funny

      I used to work for Sun back in the early 90's, when Linux was first getting off the ground. We had finally gotten X to run under Linux, and so I figured I'd see what it would do on a 386SX/25 laptop with 16MB of RAM. It was pretty slow, but as long as I wasn't doing anything it was fine. When the screensaver kicked in, I saw the traditional Sun logo, and that gave me an idea for a prank.

      I went down to engineering and got one of the old metal Sun logos, the ones that used to be on the front of Sun-2 boxes, and put it over the logo of the laptop, fired it up in my office, and waited for the first victim to wander by. A while later, one of the senior software developers walked into my office to ask me something, and spied the laptop with the Sun logo and the screensaver running with the Sun logo on it. "How'd you get a Sparc laptop? I didn't think they were in production yet!" I have lots of friends ... [chuckle]...

      It didn't take long for the prank to be found out, but it sure was fun for a while... :)

      Reminds me of the time that I got Wine running under A/UX (Apple's version of UNIX, SVR4 flavor) - I was working for Apple at the time, and it was fun to see people's faces when they'd come by and see the Windows logo on the screen on what was obviously a Mac, but that's a story for another time. Sure was a fair bit of work, but it worth the prank value... :)

      --
      -- Ed Carp, N7EKG erc@pobox.com PGP KeyID: 0x0BD32C9B What I'm up to: http://intuitives.mine.nu
    4. Re:It has begun... by mrbluze · · Score: 5, Funny

      Anyways, going back to the article, I think the EULA is just a mistake and believe they will correct it. It does however bring up a valid point about the usefulness and legalities around EULA's.

      Any EULA is basically saying:

      • This software is mine, so piss off!
      • If you use it, it's your stupid fault, so piss off!
      • You can't sue me but I can sue you, so piss off!
      • Oh, and by the way, piss off!
      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    5. Re:It has begun... by flosofl · · Score: 4, Funny

      I had two, and I put them on a large stone block and my printer. Anyone know how to install safari on a printer?
      No, but I did manage to get it installed on a medium stone block. I'm sure the steps I used can be scaled up to your large one. Page renders are very crisp, but refresh takes forever.
      --
      "This calls for a very special blend of psychology and extreme violence" - Vyvyan "The Young Ones"
  2. Acidity by n3tcat · · Score: 5, Funny

    So Acid 4 will include security tests too now, right?

    1. Re:Acidity by MooseMuffin · · Score: 5, Funny

      Yes. You pass if the website renders correctly. You fail if the website owns your machine.

  3. I wonder... by Fenice · · Score: 5, Funny

    ...if Apple can sue itself for proposing illegal installs of safari on windows?

  4. Fine by me by asc99c · · Score: 5, Funny

    My iPod came with a big Apple sticker which for some reason I did stick on my PC. Guess I'm OK to use Safari then.

  5. Profit? by crt · · Score: 5, Funny

    Step 1: Install Safari on millions of unsuspecting Windows PCs
    Step 2: Sue non-Mac owning PC users for violating EULA
    Step 3: ???

  6. Yet more proof by an.echte.trilingue · · Score: 5, Funny

    Yes. You pass if the website renders correctly. You fail if the website owns your machine. Yet another "standards" test designed to make IE fail. This is just more proof that the W3 has it out for Microsoft.
    --
    weirdest thing I ever saw: scientology advertising on slashdot.
  7. Re:You keep saying that word.... by Daimanta · · Score: 4, Funny

    I am a naturalist and I don't wear any clothes you insensitive clod!!

    --
    Knowledge is power. Knowledge shared is power lost.