Slashdot Mirror
Safari 3.1 For Windows Violates Its Own EULA, Vulnerable To Hacks
recoiledsnake writes "The new Safari 3.1 for Windows has been hit with two 'highly critical'(as rated by Secunia) vulnerabilities that can result in execution of arbitrary code. The first is due to an improper handling of the buffer for long filenames of files being downloaded, and the second can result in successful spoofing of websites and phishing. This comes close on the heels of criticism of Apple for offering Safari as a update for approximately 500 million users of iTunes on Windows by default, and reports of crashes. There are currently no patches or workarounds available except the advice to stay clear of 'untrusted' sites." Further, Wormfan writes "The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs." Update: 03/27 17:23 GMT by Z : Dave Schroeder writes with the note that the license has been updated to correct this mistake.
If you say so, but Apple doesn't make you download iTunes or Safari. You don't have to buy an iPod.
This is a different situation to Windows and IE.
Apple is the new Microsoft. Even the Apple zealots agree. Point out some flaw with Apple products, and they will invariably link to a similar example by Microsoft. I don't know why they are so quick to make the association, but I think it is similar to how Republicans like to ingratiate themselves to the public by showing how similar they are to Bill Clinton.
Windows was in desperate need of a WebKit-based browser as it has pretty much become the de-facto standard for rendering engines. Since nobody else was stepping up to the plate, Apple did it themselves.
I agree that the situation is quite ridiculous and stupid. My point is however, that the headline of this story "does not compute".
An End User License Agreement can only be accepted, rejected, or violated by...guess what, "End Users". The one way in which software could possibly violate its own EULA, is, quite logically, if the software is its own "End User".
So, when is the last time you watched your browser browsing the internet on its own?
Every expression is true, for a given value of 'true'
Can you imagine the shitstorm of a comment thread that would result from this exact same thing being the result of MS's doing?
So what. Why would I care about a shitstrom of comments on slashdot.
My point was that there would be no security hole on these computers if Apple didn't go to great lengths to install Safari on them in the first place. And thats the big issue here. I consider all software insecure, if you don't need it you shouldn't have it on your computer.
You mean like, MS should give you guidelines on what you should and should not do with your PC?
No, I was talking about developer guidelines. I thought that was pretty clear, but apparently not.
If you owned a copy of the software, you would have full redistribution rights, among other things. Therefore, according to what you are telling us, piracy is pretty much impossible. I wonder why the RIAA is still around?
You own the physical media on which the licensed work is distributed. You own a license to use the licensed work, assuming you don't break the terms of the agreement, such as running the software on non-Apple-labeled hardware in this case. You do not, however, own a copy of the software itself. For that, you would have to own the copyright on it.