Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Denies It Will Block Safari

Posted by kdawson on from the phishing-for-apples dept.

Despite reports that PayPal may drop support for Apple's Safari browser because it lacks anti-phishing features, PayPal now says it ain't so. Though PayPal telegraphed displeasure with Safari last January, they're now unambiguous about their position: "We have absolutely no intention of blocking current versions of any browsers, including Apple's Safari, from our website."

11 of 98 comments (clear)

  1. Are you sure? by TheRealMindChild · · Score: 2, Insightful

    they're now unambiguous about their position "We have absolutely no intention of blocking current versions of any browsers, including Apple's Safari, from our website."

    It still sounds ambiguous to me. They could certainly mean "We will not target Safari by name, but we will just make you install a plugin that we know Safari can't use".

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    1. Re:Are you sure? by Admiral+Ag · · Score: 5, Insightful

      They can't afford to block Safari, not because of the Macintosh or Windows version, but because of the iPhone/iPod Touch version. The latter is rapidly becoming the standard for mobile browsing (or at least has such a large share that it cannot be ignored).

      The increasing popularity of mobile browsing is an opportunity for Paypal to act as a mobile digital wallet. There's certainly no point in carrying a debit card if you can just use your phone. I'm guessing that is Paypal's aim. Whether or not they can beat the banks to direct money transfer is debatable though.

      --
      "by that I mean people who don't sit on slashdot all day wondering why everyone else isn't building robots" DECS
    2. Re:Are you sure? by Hal_Porter · · Score: 5, Insightful

      Yeah, Safari is great on the iPod touch. I can browse to a web page to jailbreak the machine.

      I can't imagine why anyone would think it was insecure.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    3. Re:Are you sure? by Admiral+Ag · · Score: 4, Insightful

      Then it is in Apple's interest to work with companies like Paypal to improve security. This is a case where market incentives can provide a solution. Of course it ought to be done in such a way that doesn't prevent people from jailbreaking their units if they want to.

      --
      "by that I mean people who don't sit on slashdot all day wondering why everyone else isn't building robots" DECS
    4. Re:Are you sure? by mr100percent · · Score: 3, Insightful

      That was in the 1.1.1 version, last year. Apple patched it up pretty quickly and the mobile apps are also running as a different, non-root user.

  2. Re:Current versions? by menace3society · · Score: 4, Insightful

    I think the point is that they won't specifically block them. They will block browser programs that are known to be unsuitable, like the Netscape 2, or IE 4, or Mosaic.

    However, if you use browsers don't support plug-ins/protocols/captchas/whatever that paypal demands of the browser, you may still be SOL.

    In short: I expect there will be a black-list of unacceptable browser versions, rather than a white-list of accepted browser versions.

  3. Re:Backpedaling faster tha you can say... by gmack · · Score: 4, Insightful

    This has the fun advantage of making life easier for people designing websites. Fewer old browsers out there means you don't need as many stupid hacks to make it all work.

  4. Business reason is ruling this world by unrealmp3 · · Score: 2, Insightful

    Common sense would say Why should we not block Safari ? It's up to the Safari developers to make it more secure, not PayPal to make exceptions because it's for "Mac" users.

    1. Re:Business reason is ruling this world by danielsfca2 · · Score: 2, Insightful

      Oh stuff it.

      I don't need a phishing filter and I don't WANT a phishing filter. I'm a big boy who can read URLs just fine, thanks. I don't get to sensitive sites by untrusted links. I use my fingers to type the URL or I use a bookmark.

      I also don't need Norton Internet Security, or anti-spyware apps, on my Mac OR on my PC--because I don't install trash downloaded from the Internet willy-nilly.

      Aside from this worthless argument, no one has explained how Safari is any less secure than Firefox or MSIE.

  5. Missed Phishing Opportunity by edalytical · · Score: 2, Insightful

    Perhaps PayPal realized what a phisherman's dream this would be: "Can't access your PayPal with Safari? Signup for PhishPal to get instant unrestricted access. We only need your email address, ssn, bank account number, credit card numbers and drivers license."

    Joking aside, just teach people to type addresses in the address bar, and to check the address bar and status bar when they are entering sensitive information. Problem solved.

    --
    Win a signed Stephen Carpenter ESP Guitar from the Deftones: http://def-tag.com/?r=0008781
  6. Just curious... by keysersoze_sec · · Score: 2, Insightful

    I'm wondering... how those Paypal folks could "block" your browser? Do they rely on your UserAgent? There must be some UASwitcher plugin for every browser out there, so you can easily bypass their filter... Any idea about how they filter you out?