Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Quietly Releases Safari 3.2

Posted by kdawson on from the new-shinies dept.

99BottlesOfBeerInMyF writes "Yesterday Apple quietly slipped out an update to their Safari Web browser to version 3.2. The notable feature is that it finally adds anti-phishing technology, an area where Safari has lagged behind competitors. Aside from that, it provides some security fixes, improved JavaScript performance, and a slightly newer version of Webkit, pulling their Acid3 score up to 77." Apple forums across the Net are reporting frequent crashes in Safari 3.2, some possibly caused by 3rd-party add-ons, others perhaps related to the anti-phishing feature.

129 comments

  1. Update of Windows version too? by vanilla_face · · Score: 1

    TFA doesn't call this out at all - does this update the Mac version only or is Windows also at 3.2?

    1. Re:Update of Windows version too? by BrokenHalo · · Score: 1, Interesting

      I didn't even know there was a Windows version of Safari.

      But for that matter, this would have passed me by in any case, since even on my MacBook I still prefer to use Firefox...

    2. Re:Update of Windows version too? by Ilgaz · · Score: 5, Informative

      Windows version is there too and it is a serious sounding security update.

      The actual release notes are at http://support.apple.com/kb/HT3298

      You should subscribe to Apple Security Updates mailing list for non PR infested update announcements.
      http://lists.apple.com/mailman/listinfo/security-announce

    3. Re:Update of Windows version too? by 99BottlesOfBeerInMyF · · Score: 3, Informative

      TFA doesn't call this out at all - does this update the Mac version only or is Windows also at 3.2?

      TFA provides a link to download the Windows version.

  2. And? by jrothwell97 · · Score: 2, Interesting

    New version of Safari. Does this mean /. is turning into a slightly more fleshed-out VersionTracker? I don't see how this is newsworthy: maybe the addition of anti-phishing capabilities would be worth mentioning in passing, but a minor update which causes a few crashes is nothing new.

    --
    Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
    1. Re:And? by InsurrctionConsltant · · Score: 1, Informative

      An update addressing one of the most important shortcomings of one of the most important web browsers; I fail to fail to find this noteworthy.

    2. Re:And? by neuromanc3r · · Score: 5, Funny

      An update addressing one of the most important shortcomings of one of the most important web browsers;

      We really need sarcasm tags.

    3. Re:And? by falcon5768 · · Score: 0, Flamebait

      shortcoming yes, important web browser? Dude Im a mac users, a claimed Apple zealot, and all that and even I dont see the importance in Safari.

      --

      "Slashdot, where telling the truth is overrated but lying is insightful."

    4. Re:And? by InsurrctionConsltant · · Score: 3, Insightful

      It's the most important for mac users. Mac users may not be the majority but I don't think it's contentious to say they're an important minority.

    5. Re:And? by lseltzer · · Score: 1

      Ditto. Safari is maybe a couple percent share, and it's not likely to grow much.

      The story does seem newsworthy to me though, at least by /. standards.

    6. Re:And? by Anonymous Coward · · Score: 0

      Ehm, he just said he *is* a mac user, and still didn't see the importance...

    7. Re:And? by InsurrctionConsltant · · Score: 5, Insightful

      What's more, Safari is playing a great role in creating an "arms race of web standards". All in all, I'd say Safari, though not as much as Firefox, is more *important* than IE.

    8. Re:And? by InsurrctionConsltant · · Score: 1

      Oh, well then, QED!

    9. Re:And? by Threni · · Score: 1

      > All in all, I'd say Safari, though not as much as Firefox, is more *important* than IE.

      Why? If a site doesn't work in IE then it doesn't matter if it works in Safari - unless it's a Mac only site. If there is stuff which only works in Safari then it doesn't make any difference. Likewise, if it only breaks in Safari it doesn't make any difference. There's not many people who pay web designers to do sites for them who say 'wait - it does work properly on Safari 3.2 on Macs, doesn't it?`.

    10. Re:And? by maxume · · Score: 1

      The first two things mean you are less likely to reach the third as a conclusion, not more.

      Someone who didn't like the way Apple operated would be much more likely to conclude that Safari needs anti-phishing features.

      --
      Nerd rage is the funniest rage.
    11. Re:And? by BrokenHalo · · Score: 1

      Why?

      I guess it doesn't really matter that much. [sarcasm] Does anyone actually use IE? OK, maybe a few Windows users do. [/sarcasm] And I guess things sort of work in Opera too. Big deal. If we disregard ideologies, in my experience, pretty much anything that works in one browser will more or less work in another, at least well enough to be understood. If it doesn't, it's probably not worth looking at at all.

    12. Re:And? by Anonymous Coward · · Score: 0, Insightful

      Apple certainly like to believe so, as they push it onto users with iTunes and QuickTime updates. Arms race? For eyeballs maybe but not for anything else.

    13. Re:And? by Anonymous Coward · · Score: 0

      If you don't like the news story, why do you click Read More, then click Reply, then type out a reply and submit it? Why not just scroll past the story?

    14. Re:And? by Phroggy · · Score: 3, Informative

      shortcoming yes, important web browser? Dude Im a mac users, a claimed Apple zealot, and all that and even I dont see the importance in Safari.

      There are four major HTML rendering engines right now, two of which are commercial (Microsoft's Trident and Opera's Presto) and two of which are open-source (Mozilla's Gecko and Apple's WebKit). Of these, only WebKit is really growing right now - more and more browsers are being built on it. Safari is the reference implementation for a WebKit-based browser. That's why Safari is important.

      In addition to Safari (and the mobile version of Safari used on the iPhone and iPod touch), WebKit is also used by Adobe AIR, Google Chrome, and Nokia's S60 browser. Also, Konqueror is still using their own KHTML, but they're working on switching over to Apple's fork, eventually.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    15. Re:And? by vhogemann · · Score: 3, Insightful

      I have one word for you:

      iPhone

      See now how important Safari is? Oh, and WebKit is used on Nokia phones too, and it's becoming a major player on the embedded browser market.

      --
      ---- You know how some doctors have the Messiah complex - they need to save the world? You've got the "Rubik's" complex
    16. Re:And? by Ofenza · · Score: 1

      I believe the importance resides in WebKit and how Safari made it (KHTML) the new rendering engine. Chrome uses it, I.E. will probably start using it to... I ask other slashdotters to correct me if I'm wrong.

    17. Re:And? by dwarg · · Score: 3, Funny

      "iPhone Bitch!"

    18. Re:And? by babyrat · · Score: 1

      I use a mac. Two of them actually. Typing this on my macbook right now.

      I can't remember the last time I browsed the web with Safari...well maybe I can. I believe the first and only site I went to was getfirefox.com.

    19. Re:And? by Koiu+Lpoi · · Score: 1

      I want my 4:43 back.

    20. Re:And? by Fri13 · · Score: 2, Informative

      Apple pushED the Safari via iTunes and QuickTime updates, but Apple has not done it long time now.

      Safari is possible to install via Apple Update but you need to select it first from secondary downloads list to get it. It does not come automatically.

    21. Re:And? by shutdown+-p+now · · Score: 1

      WebKit importance is certainly growing rapidly, but a new release of Safari means absolutely nothing with regard to WebKit (except for the fact that new Safari uses a more recent version of WebKit).

    22. Re:And? by NeoSkandranon · · Score: 1

      the last time i upgraded iTunes it was on the list along with iTunes and Quicktime and checked by default. Apple is certainly still trying and seems to be hoping that people will install it by mistake by neglecting to uncheck it.

      --
      If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
    23. Re:And? by Swift2001 · · Score: 1

      And the Google phone, too, uses WebKit.

    24. Re:And? by Cow+Jones · · Score: 1

      Konqueror is still using their own KHTML, but they're working on switching over to Apple's fork, eventually.

      Very interesting, I hadn't heard of that before. The linked article is quite old, do you have any more recent information about the switch? Is it still on?

      CJ

      --

      Ah, arrogance and stupidity, all in the same package. How efficient of you. -- Londo Mollari
    25. Re:And? by Phroggy · · Score: 1

      Konqueror is still using their own KHTML, but they're working on switching over to Apple's fork, eventually.

      Very interesting, I hadn't heard of that before. The linked article is quite old, do you have any more recent information about the switch? Is it still on?

      CJ

      I know nothing; I found that with Google.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  3. Safari still has an annoying bug... by Gundamdriver · · Score: 3, Interesting

    A bit off-topic: Both Safari 3.1 and 3.2 (@ Tiger) freezes the loading progress randomly, but ping google.com still works. I have tried to reset Safari, but it didn't help.

    1. Re:Safari still has an annoying bug... by ColdWetDog · · Score: 1

      Not too surprising. Safari updates have often been problematic. Check out MacFixit. Or just stay with Firefox.

      --
      Faster! Faster! Faster would be better!
  4. Anto-phishing? Fuck that. by apathy+maybe · · Score: 4, Interesting

    Personally I don't use Safari (I don't have a Mac, nor do I use MS Windows). I just thought I would take the time to rant about "anti-phishing" things.

    I always turn such "features" off on my own computers, and would do so on any computer where I was the "tech support" (after appropriate consultation and education).

    Why? Because blacklists don't work. Want to not get phished? Simple instructions that even the most computerphobic person can understand:

    When you want to go to the website of your bank, credit union etc., type in what you see on the printed material you have in front of you! (Alternatively, for the more computer literate folks, create a bookmark/favourite after having typed in the address from the printed material from your bank. And only access it via that link.)

    Never trust a link via an email, never trust a link from another website, not even if the address looks the same. (Character encoding, bad eyes and other things can make two strings look the same, even when they aren't.)

    Simple advice and works for everyone whom I've told it to. (The same with, "don't download files from your email unless you were expecting them, which is a bit over the top, but the slightly more complicated, don't download executable files got reduced somehow.)

    End rant.

    I did have a look at the article, and to be frank, there isn't anything exciting in there. It seems that the only reason this got to the front page is that Safari crashes a lot. Umm..., I guess I don't care.

    --
    I wank in the shower.
    1. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 5, Insightful

      But anti-phishing is not about blacklists... Some might include that too but it is just a minor addon. Anti-phishing is about browser warning you when link with an anchor text "Your-Bank.com" is about to actually take you to "Your-Bank-fake.com".

      Educating users is important but having a backup feature like that is helpful.

      IF it was just anbout blacklists (blocking sites absolutely known to be scam) why would you turn it off? What harm would that do to you? :D

    2. Re:Anto-phishing? Fuck that. by DiegoBravo · · Score: 1

      >> create a bookmark/favourite after having typed in the address from the printed material from your bank. And only access it via that link.)

      Some thoughts:

      * Computer-phobics today don't know how to create a bookmark. Nor type a URL. They just type what they assume is some kind of address in a google bar and click the first or second result.
      * Even typing a correct URL you're not free from dns-poisoning
      * Sometimes I've tried to explain those issues to a couple of friends (anthropologists for reference) and the most difficult was related to the stupid act of giving your email password to every social network that gives you an invitation. And really they got a bit scared (because in their email accounts most people stores vital information) but in the end the thing is simply too complicated for non-geeks. And it is not their fault, the problem is the design of the security infrastructure (Schneider wrote a lot about that.)

      So we have this nasty anti-phishing thing, sadly necessary as antivirus are in Windows.

    3. Re:Anto-phishing? Fuck that. by shitzu · · Score: 2, Interesting

      * Even typing a correct URL you're not free from dns-poisoning

      How does a blacklist of urls address that?

    4. Re:Anto-phishing? Fuck that. by apathy+maybe · · Score: 2, Interesting

      Yourbank.com...

      command.com...

      Umm, and I seeing a problem with that idea? Yes I am.

      And the reason to turn it off, it doesn't always work (false positives, and false negatives), and it leads to a false sense of security. Like running a virus checker and then not caring about downloading random shit from the web. Better to just not download random shit from the web.

      --
      I wank in the shower.
    5. Re:Anto-phishing? Fuck that. by apathy+maybe · · Score: 1

      * Computer-phobics today don't know how to create a bookmark. Nor type a URL. They just type what they assume is some kind of address in a google bar and click the first or second result.

      There were two parts, the bookmark was for the slightly more literate types. As to Google, you've interviewed a random sampling of computer-phobes have you? You know what they do do you? You're making shit up aren't you.

      * Even typing a correct URL you're not free from dns-poisoning
      Yeah, that's why I just type in the IP address...

      Etc.

      It isn't the person's fault that computers are complicated, but it sure as hell isn't that hard to understand.

      --
      I wank in the shower.
    6. Re:Anto-phishing? Fuck that. by DiegoBravo · · Score: 1

      Maybe blocking the url at start, so the browser never asks anything to the dns server.

    7. Re:Anto-phishing? Fuck that. by Ilgaz · · Score: 1

      What bugs me is the lack of documentation. Where is the data coming from? Is it offline or online (e.g. every URL submitted), how is the data secured?

      1 Password added phishing protection to Safari long before Apple did and while being just a shareware developer, they gave all the details. It is powered by community powered phishtank (opendns).

      Now, we gotta run Wireshark here to see where the data comes from, how it acts etc. The "live" online phishing check is a horrible privacy risk since every URL you visit must be sent to a third party for verification. That is why I hate anti phishing and telling non tech users to use 2 step login/ dynamic password generators (even J2ME versions exist) with their bank accounts. If their bank doesn't support it in age of 2008? Well, can move out to another bank.

    8. Re:Anto-phishing? Fuck that. by Angostura · · Score: 1

      Yes, simple advice and education works, you should not rely on anti-phishing tools. However people make mistakes.

      It is, in my opinion extremely foolish to turn off the advisories, or tell other people to do so. You don't rely on the crumple zones in your car to stop you in traffic lights either, do you? But do you argue against cars with crumple zones?

    9. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 0

      Same AC here again (got to recover my password some day...).

      False positives is a valid concern, I admit. But if users have been trained to write their address into the bar instead of clicking the links and follow those instructions this should literally never come up!

      False negatives happen only in the case that user is already not following your instructions and nothing worse happens than if the feature didn't exist.

      So this feature comes up when user is already not following the instructions and with false positives he just has to write the address by himself (as he should have done in the first place).

      In actual risk cases the feature MIGHT save the user or then not. It can't turn anything worse.

      So I think I have to go with still disagreeing with you that it should be turned off and user training is better because it comes to play only when users don't do things like they should have. In my experience this happens often and I doubt that added false sense of security does much to increase the rate.

    10. Re:Anto-phishing? Fuck that. by Lost+Race · · Score: 1

      Blocking what URL, "http://www.citibank.com/"? DNS cache poisoning attacks valid domains.

    11. Re:Anto-phishing? Fuck that. by TriezGamer · · Score: 2, Insightful

      If users could be trained, we could solve a lot of problems. Users don't care about learning, only about function.

    12. Re:Anto-phishing? Fuck that. by DiegoBravo · · Score: 1

      Of course a single URL has not enough information. But (for example) if you're in China and the government poisoned the records of citibank, at least in China it is better the browser to deny access to a fake "citibank". BTW I don't imply that it is easy to implement with the current infrastructure.

    13. Re:Anto-phishing? Fuck that. by robo_mojo · · Score: 1

      * Even typing a correct URL you're not free from dns-poisoning

      Anti-phishing techniques do not make you safe from dns-poisoning, either.

      But that's why you have SSL certificates. Unless one of your CAs has gone bad, nobody will have a certificate for that domain except for the person that owns the domain.

      Even if (like me) you don't trust your CAs, you can keep track of certificates by their fingerprints. There are some extensions that will keep track of certificates for you so you can be alerted if your bank's certificate changes. Then you call the bank and ask if they changed their certificate.

      but in the end the thing is simply too complicated for non-geeks. And it is not their fault, the problem is the design of the security infrastructure

      Then make it easy for them. If you know someone who has trouble with it, set up their browser for them. Make the bookmarks and put them somewhere that can be accessed easily (like the "personal bar" or whatever your browser uses) and tell them they should only use that bookmark to access the site and nothing else. That kind of help will go a lot farther than any anti-* gimmicks will.

    14. Re:Anto-phishing? Fuck that. by DiegoBravo · · Score: 1

      >> Anti-phishing techniques do not make you safe from dns-poisoning, either.

      Totally agreed. The point (bad expressed by me) was that writing literally an URL don't make you safe. Besides, *maybe* a strong anti-phising infrastructure can help when you don't have https, if we could have a list of compromised dns servers, or zones, additionally to suspected domains...

      >>But that's why you have SSL certificates. Unless one of your CAs has gone bad, nobody will have a certificate for that domain except for the person that owns the domain.

      Bad sadly when the user is redirected to http://www.fake-bank.com/ he is "informed" that is currently in a "secured connection". The user was never trained to check for the ridiculously little lock, nor the weird "https" in the address.

      >> Then make it easy for them. If you know someone who has trouble with it, set up their browser for them.

      Hey, that means setting the browser from time to time to 99% of my friends/colleagues... I think the overall PC-network security design (if exists) is simply too complicated to people that simply does not have the time to understand software and networks, just need to use them. It is like using little TNT explosions for daily transport power, instead of oil ones... with the adequate care, you can handle the TNT, but...

    15. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 1, Insightful

      When you want to go to the website of your bank, credit union etc., type in what you see on the printed material you have in front of you!

      Fails to protect against DNS poisoning. Next!

    16. Re:Anto-phishing? Fuck that. by martinX · · Score: 1

      Want to get rid of spam? Hit the delete key.

      Or get a spam filter (like the nice one in Mail) which trashes 99% of the spam I get, leaving me to delete one every now and then.

      This phishing filter will work for users on the same principle: protect users from a lot of phishing expeditions, leaving them to deal with the few that slip through. This also helps stop people from getting "security fatigue" that comes from being hit by crap every time they log on. Same with spam - if spam filters weren't in place, a lot of people would give up on email altogether.

      Anti-phishing tech isn't the be-all and end-all. Education is the key to making it all work.

      --
      When they came for the communists, I said "He's next door. Take him away. Goddam commies."
    17. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 0

      It's coming from Google. I downloaded Safari 3.2 the other day, then went to PhishTank, found a phising site, clicked on the more info button, and was directed to Google's safe-browsing API. Actually, where the information comes from does not really matter for most end users, though it may interest people like you or me. Of course, if you don't like the idea of using Google's safe-browsing API, then you could use Google Chrome or Firefox, oh wait...

      Also, I see one problem with using 1Password. 1Password relies on an Input Manager. As a result, it's injecting executable code into Safari's memory. Do you realize how bad of an idea that is? Using Input Managers, its incredibly simple to write a "plugin" that could turn even a signed app into a malicious one. Leap-A did just that, actually (though without the signed code part, as Tiger doesn't support signed code).

    18. Re:Anto-phishing? Fuck that. by Koiu+Lpoi · · Score: 1

      Better to just not download random shit from the web.

      And then you'll get hit with every single virus that doesn't rely on user intervention (and there's been plenty of those on the win32 platform, let me tell you). And if somebody gets infected with, say, Sality (wraps EXE files) and sends you something, bam, you're infected, even though it came from a ``trusted'' source. Better to run a Virus Scanner AND not download random shit. It's almost like complacency will bite you, but so will ignoring the safeguards already there. I believe the correct answer is somewhere in the middle.

    19. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 0

      But anti-phishing is not about blacklists... Some might include that too but it is just a minor addon. Anti-phishing is about browser warning you when link with an anchor text "Your-Bank.com" is about to actually take you to "Your-Bank-fake.com".

      Educating users is important but having a backup feature like that is helpful.

      IF it was just anbout blacklists (blocking sites absolutely known to be scam) why would you turn it off? What harm would that do to you? :D

      Yes, and the way it does that is by checking every URL you attempt to visit against a blacklist run by the browser people.

      You seem to be confusing a blacklist with a site certificate validation, which browsers already have.

    20. Re:Anto-phishing? Fuck that. by Anonymous Coward · · Score: 0

      So clicking google.com will get caught by a filter because this anchor text doesn't match the link?

      Sorry, that's a fail for you. Anti-phishing filters are 100% blacklist based. I also disable that garbage- if you try to go to visa.com and end up at 1.2.3.4/hacked/phish/getyourpassword.html then be a little suspicious. Or to sum it up, pay attention to where a link takes you, and just don't follow ones that go to odd places.

    21. Re:Anto-phishing? Fuck that. by Paradise+Pete · · Score: 1

      What bugs me is the lack of documentation. Where is the data coming from? Is it offline or online (e.g. every URL submitted), how is the data secured?

      It comes from Google. It is their "Safe Browsing" technology. Safari gets a list of hashes of known bad URLs. The list is continuously updated by Google, and Safari periodically fetches an update. By Google's rules the browser can only put up the warning if its list has been updated in the last 30 minutes. Presumably that means that if Safari finds a suspect it does a special refresh.

      Safari stores the hashes in a SQLite database in its cache folder. You can browse it if you want to, though it's only hashes.
      The warning itself is located at /Applications/Safari.app/Contents/Resources/PhishingAlert.html, so you can change it if you want to. All of this info is courtesy of MDJ.

  5. webkit project by thanasakis · · Score: 3, Informative

    Safari is based on Webkit, which can achieve an almost perfect acid3 score. Anyone using windows or macosx can easilly try it.

    1. Re:webkit project by Tubal-Cain · · Score: 2, Informative

      Anyone using windows can easily try it.

      By downloading Chrome (or the open source version Chromium)

    2. Re:webkit project by Anonymous Coward · · Score: 0

      Yes, or Safari.

      Can't just let you steal this thunder. I myself prefer Safari on Windows to Chromium nightlies, as a regular user of both. For starters, Chrome/Chromium's installation directory madness is far from ideal for multi-user systems. And, HAHAHAHA, GoogleUpdate.exe is just the greatest thing in the world, isn't it, mainline Chrome users? Stick me on the Quartz side of the Quartz vs. ClearType debate, and you'll begin to see why I might prefer Safari by *far*.

      Posted using K-Meleon 1.5.1, my second-favorite Windows web browser behind Safari.

    3. Re:webkit project by Anonymous Coward · · Score: 0

      Yeah. I'd rather not use software from a company who install a web browser as a recommended update for a music player, but that's just me.

  6. Crashes by Rick+Zeman · · Score: 4, Informative

    Apple forums across the Net are reporting frequent crashes in Safari 3.2, some possibly caused by 3rd-party add-on

    Yep, PithHelmet (anti-ad plug-in) causes 3.2 (Mac, of course) to blow up every time when using multiple tabs. Removing its bundle from /Library/Application Support/SIMBL/Plugins/ made it stable as a rock again (no problems at with about 15 tabs open, with varying kinds of embedded content), but, sadly, I'm buried with ads again.

    1. Re:Crashes by frdmfghtr · · Score: 5, Informative

      Yep, PithHelmet (anti-ad plug-in) causes 3.2 (Mac, of course) to blow up every time when using multiple tabs. Removing its bundle from /Library/Application Support/SIMBL/Plugins/ made it stable as a rock again (no problems at with about 15 tabs open, with varying kinds of embedded content), but, sadly, I'm buried with ads again.

      Try this: Adblock for Safari

      --
      Government's idea of a balanced budget: take money from the right pocket to balance...oh who am I kidding?
    2. Re:Crashes by DavidDK · · Score: 4, Informative

      GlimmerBlocker is a more stable ad-blocker. It's an http proxy and not an awful InputManager hack, so you can freely upgrade Safari without having Safari going into crash me mode.

    3. Re:Crashes by Rick+Zeman · · Score: 1

      Adblock for Safari

      Cool dat. I use Adblock on my Firefox at work; last time I looked around this didn't exist for Safari. Wow...really helpful info on /.--what a concept! :-)

    4. Re:Crashes by Anonymous Coward · · Score: 0

      I think you meant Privoxy.

    5. Re:Crashes by Lars+T. · · Score: 1

      Try this: Adblock for Safari

      Hey, great, a OSS Adblock software that requires you have the latest OS. Yeah, I'd pay to use that.

      --

      Lars T.

      To the guy who modded me down from perfect to terrible Karma - Apple haters still suck

    6. Re:Crashes by earthbound+kid · · Score: 2, Informative

      It looks like another input manager though. You can't really trust "plugins" (they're not really plugins but elaborate memory hacks) like those to work when a new version of Safari comes out. The simple solution is just to use a custom CSS file that blocks ads, like the one on http://www.floppymoose.com/.

    7. Re:Crashes by Phroggy · · Score: 1

      Try this: Adblock for Safari

      Hey, great, a OSS Adblock software that requires you have the latest OS. Yeah, I'd pay to use that.

      It's GPL. If you want to make it work on older operating systems, you're welcome to download the code, figure out why it doesn't work, and submit a patch. If they don't like your patch, you can fork it. Don't complain that the work other people are willing to share with you isn't good enough; they don't owe you anything.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    8. Re:Crashes by Lars+T. · · Score: 1

      Hey, great, a OSS Adblock software that requires you have the latest OS. Yeah, I'd pay to use that.

      It's GPL. If you want to make it work on older operating systems, you're welcome to download the code, figure out why it doesn't work, and submit a patch. If they don't like your patch, you can fork it. Don't complain that the work other people are willing to share with you isn't good enough; they don't owe you anything.

      No thanks - in a world where you can freely download music and videos of the internet, "free" software better be perfect without me having to do anything.

      --

      Lars T.

      To the guy who modded me down from perfect to terrible Karma - Apple haters still suck

  7. Someone at Apple is getting Lazy by Anonymous Coward · · Score: 0

    I thought that updates to browsers that required reboots were the preserve of Microsoft.

    Yet this Safari update requires a reboot.
    I don't use Safari on my Mac but have to install the b****y thing otherise I'll get nagged from here to kingdom come about installing it...
    Sigh.

  8. Quietly? by Anonymous Coward · · Score: 0

    I'm sure they attempted to force it on every user with iTunes... hardly quiet.

    1. Re:Quietly? by ZarathustraDK · · Score: 5, Funny

      I'm sure they attempted to force it on every user with iTunes... hardly quiet.

      I hear they're working on iLube to adress this problem.

      --
      If you quote this signature there'll be 72 copies of Windows ME waiting for you in Heaven.
    2. Re:Quietly? by deniable · · Score: 3, Informative

      Worse, I downloaded Safari for Windows for testing and they tried to force iTunes on me. They said it was a security update. I've since removed their update 'service' (like servicing a cow) and I guess I'll have to update Safari manually.

      Admittedly, this was a while back and maybe they've cleaned up their act. Then again, Firefox 3.0.4 refuses to install because I need to run as an account with more rights than a full administrator. All I need now is Opera to give me grief.

    3. Re:Quietly? by moderatorrater · · Score: 1

      Admittedly, this was a while back and maybe they've cleaned up their act

      They haven't. Their updater for a few programs I barely use is more intrusive than any other updater on my computer. How does that make any sense?

    4. Re:Quietly? by Ilgaz · · Score: 1

      They seperated "Updates" with "New Software" now so you won't be pushed iTunes or other kind of software. So you better re install Apple software update (Safari installer should do it)

      This one is indeed a serious security update on Windows (and OS X), check http://support.apple.com/kb/HT3298 for reference.

    5. Re:Quietly? by Phroggy · · Score: 1

      There was an older version of Apple Software Update that tried to install new applications as if they were updates. People (rightly) bitched, and Apple quickly fixed it.

      If you're using a recent version of Apple Software Update, and it tries to download an update to iTunes (rather than just offering it as an optional download if you want), it's because you already have an old version of iTunes installed.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  9. What about WebKit? by oreaq · · Score: 2, Insightful

    The WebKit nightly builds have been passing the ACID3 test for months and are still 4 times faster than Safari 3.2 according to the SunSpider Javascript Benchmark. Why is Safari so far behind?

    1. Re:What about WebKit? by 99BottlesOfBeerInMyF · · Score: 2, Informative

      The WebKit nightly builds have been passing the ACID3 test for months and are still 4 times faster than Safari 3.2 according to the SunSpider Javascript Benchmark. Why is Safari so far behind?

      They're probably still working out bugs between Webkit and the applications they have that use it. As I mentioned in the summary, however, most of the javascript improvements seem to have made it in this time. On my machine Safari was getting about 11 on the sunspider test, before this update and is now getting about 3. The nightly of Webkit on the same machine comes in at 1, which is better yet, but not that significantly.

    2. Re:What about WebKit? by gsnedders · · Score: 1

      WebKit ToT is nowhere near as stable as the Saf3.2 branch. It crashes a bit more, and there are a lot of regressions (of websites breaking). Currently, there are 225 P1 (priority 1, i.e., top priority) bugs. It's nowhere near shippable.

    3. Re:What about WebKit? by richien6 · · Score: 1

      Is it possible that Apple actually hijacked TraceMonkey from Firefox? Yes I know Firefox is open source and that TraceMonkey is too, but still--any chances of it happening?
      Here's the link to a Lifehacker article I saw a while ago...

      --
      Slashdot user since
  10. Apple loudly released Safari 3.1 by toupsie · · Score: 4, Funny

    Its odd that Apple released this version quietly. Last time a major point release was available, Steve Jobs was walking down the streets of Cupertino firing a shotgun into the air screaming, "Time to download the next motherf*cking version of Safari!" followed by USC Trojan band playing John Philip Sousa marches.

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
    1. Re:Apple loudly released Safari 3.1 by Rogue+Pat · · Score: 5, Funny

      Its odd that Apple released this version quietly. Last time a major point release was available, Steve Jobs was walking down the streets of Cupertino firing a shotgun into the air screaming, [..] followed by USC Trojan band

      I guess the anti-phishing feature filtered out the Trojans this time then? ;-)

    2. Re:Apple loudly released Safari 3.1 by deniable · · Score: 1

      You can have a lot of fun with a pack of Trojans, but this is Slashdot.

    3. Re:Apple loudly released Safari 3.1 by AceofSpades19 · · Score: 1

      no, THIS IS SPARTA

  11. Great. by danwesnor · · Score: 3, Funny

    Apple Quietly Releases Safari 3.2

    Great, now you've gone and blabbed their secret to everybody.

  12. EV-SSL by lseltzer · · Score: 4, Informative

    It also now supports EV-SSL. That and the anti-phishing were two major beefs of companies like PayPal.

  13. Re:APPLE STOP HURTING INNOCENT ANIMALS by dreamchaser · · Score: 1

    I would rather take a nice walk in the park and feed sqiuirrels

    But 'Safari' sounds a lot cooler than 'Bag of Peanuts' as a name for a browser.

  14. Crashes? Did they port the iPhone Safari to OSX? by teshuvah · · Score: 0, Flamebait

    Hopefully next they will port the iPhone draconian DRM and locked down app store to OSX too!

  15. Re:APPLE STOP HURTING INNOCENT ANIMALS by dosun88888 · · Score: 1

    And what better way is there to go meet Nelson Malambe or Chief John Aka Bamba, than on a Safari to their homeland?

  16. I wonder what really got fixed... by ItalianScallion · · Score: 2, Insightful

    There is something a little odd about this particular update-- Safari on my Mac had been acting very strangely lately-sucking up lots of processor, computer acting a bit odd. This is unusual. This seems to have been fixed by the update. Maybe just a coincidence?

    The question is: why is Apple so quiet about rolling this update out and what it fixes, and since when does a minor Safari update require a reboot?!!

    1. Re:I wonder what really got fixed... by zaajats · · Score: 1

      The question is: why is Apple so quiet about rolling this update out and what it fixes, and since when does a minor Safari update require a reboot?!!

      I'm not sure (lousy memory etc), but I believe (some) previous Safari updates have required a reboot too. It might have something to do with the Webkit engine being used by apps other than Safari

    2. Re:I wonder what really got fixed... by 99BottlesOfBeerInMyF · · Score: 2, Informative

      The question is: why is Apple so quiet about rolling this update out and what it fixes, and since when does a minor Safari update require a reboot?!!

      It replaces more than the Safari application. It also, slightly, updates Webkit, which is a core library that numerous programs use. You can get by without rebooting if you just kill the update at the end then restart all the programs that use Webkit... but that's a bit advanced for most people and a reboot is easy.

      The erratic behavior of Safari could be caused by damaged resources which were replaced in this update, making it more useful to you than the average bloke.

  17. perfect score by edalytical · · Score: 2, Informative

    I thought it was a perfect score. Not a almost perfect score.

    What I really want is some screenshots of what the anti-phishing behavior looks like. For all this talk about Safari 3.2 no one has bothered to try out the new features.

    --
    Win a signed Stephen Carpenter ESP Guitar from the Deftones: http://def-tag.com/?r=0008781
    1. Re:perfect score by 99BottlesOfBeerInMyF · · Score: 1

      What I really want is some screenshots of what the anti-phishing behavior looks like. For all this talk about Safari 3.2 no one has bothered to try out the new features.

      The hard part is finding known phishing sites that are still up and detected by the phishing detection. I think I did get it to work for one page (http://chaseonline.chase.com.ssl.com.kg/) and it was a simple dialogue box, but I haven't been able to repeat it with any other page to confirm. Using Google to look for a test suite comes up with dozens of links to the same whitepaper about testing Firefox, but without any links to the actual test pages used. Aside from that, lots of commercial products with no verifiable results.

    2. Re:perfect score by gyrogeerloose · · Score: 1

      Just FYI, I can confirm that Safari 3.2 (Mac) does put up a dialog box when I clicked on the link included in the above post.

      --
      This ain't rocket surgery.
  18. Re:APPLE STOP HURTING INNOCENT ANIMALS by Jerry+Smith · · Score: 1

    I would rather take a nice walk in the park and feed sqiuirrels

    But 'Safari' sounds a lot cooler than 'Bag of Peanuts' as a name for a browser.

    Their former browser was called "CyberDog", and it referred to a dog just strawling around the cyberspace. "Safari" also feels like a nice trip, but in less comfortable places. Just fyi'ing. Back on topic: the anti-phishing thingy was something I was waiting for: Mac-users aren't immune to phishing, whatever they say. I did the Sonicwall Phishing Test http://www.sonicwall.com/phishing/ with my class and none of my students passed. Most of them too gullible. Something Mac-users might or might not recognise. Good test though, absolutely worth taking!

    --
    All those moments will be lost in time, like tears in rain. Time to die.
  19. Want to re-login 250 sites? by Ilgaz · · Score: 3, Informative

    I tell you the real annoying bug. It erases cookies sometimes. Yes, the file itself (~Library/Cookies/Cookies.plist). It was documented by unsanity and said to be fixed at least on Intel but we, poor PPC users who made the mistake of jumping to Leopard still suffer from it.

    http://www.unsanity.org/archives/apple/apple_hates_bug_filers.php

    Ironically, it generally hits you when you report a bug to Apple, that is where the title comes from.

    I had to restore 2.2 MB of cookies from Time Machine today.

  20. That's a lie by donutello · · Score: 2, Funny

    The Trojan marching band only knows how to play one song.

    --
    Mmmm.. Donuts
  21. "Quietly"? by realinvalidname · · Score: 4, Insightful

    How does putting Safari 3.2 on Software Update, where by default it will be received by every internet-connected Mac OS X user in the world, count as a release that was "quietly slipped out"?

    Granted, they're the new Bad Guy on /., but can we be a little less lazy and more accurate in our snide characterization of Apple's activities?

    1. Re:"Quietly"? by Anonymous Coward · · Score: 0
      It's kdawson. That's just how he rolls man.

      He's out there fighting the good fight. For pageviews.

    2. Re:"Quietly"? by Cro+Magnon · · Score: 1

      How does putting Safari 3.2 on Software Update, where by default it will be received by every internet-connected Mac OS X user in the world, count as a release that was "quietly slipped out"?

      Well, if they announced it weeks in advance, over a bullhorn, with a marching band, it would have been released loudly.

      --
      Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
    3. Re:"Quietly"? by bill_mcgonigle · · Score: 1

      Granted, they're the new Bad Guy on /., but can we be a little less lazy and more accurate in our snide characterization of Apple's activities?

      We're going to be snarky until they bring back anti-glare screens.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  22. They released it QUIETLY for a reason... by mr_lizard13 · · Score: 1

    ...now it's been posted on /. everyone's gonna hear about it

    *sigh*

    --
    "We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman
  23. Don't pay so much attention to the Acid3 score by Anonymous Coward · · Score: 1, Informative

    pulling their Acid3 score up to 77.

    If a browser doesn't score a 100 on the Acid3 test, it fails. Period. A browser that scores an 18 doesn't fail any more (at least officially) than one that scores an 88. They both fail, and that's it. What's more, a browser could theoretically get a 100 and still fail the test. In order to pass, you need a score of 100 and the test page needs to look pixel-for-pixel like the reference rendering (which is a little redundant, but that's what it says on the test page itself). The higher score should raise a footnote perhaps, but you shouldn't be too concerned about it.

    1. Re:Don't pay so much attention to the Acid3 score by Anonymous Coward · · Score: 0

      Not only that, but you have to use the default settings, and the animation has be "smooth". When does an animation stop being "smooth", anyway? That seems awfully vague for it to be a condition to pass to the test.

    2. Re:Don't pay so much attention to the Acid3 score by 99BottlesOfBeerInMyF · · Score: 2, Informative

      If a browser doesn't score a 100 on the Acid3 test, it fails. Period. A browser that scores an 18 doesn't fail any more (at least officially) than one that scores an 88.

      Then why do they bother with scores instead of just putting up the word "pass" or "fail"? Each part of the test hits a problem area of rendering and the more points a browser gets, the more of those cases they are compliant for. Higher scores do translate into greater standards compliance for the tested set.

      In order to pass, you need a score of 100 and the test page needs to look pixel-for-pixel like the reference rendering (which is a little redundant, but that's what it says on the test page itself).

      More than that, it has to run the animation smoothly using the specified reference hardware... at least according to the authors of the test.

      The higher score should raise a footnote perhaps, but you shouldn't be too concerned about it.

      It's more abut how current the version of Webkit they're including is. From the fact that it scores a 77 means htmlcore is likely a version from sometime last summer. Likewise the javascript performance tells you the javascriptcore is probably more recent.

    3. Re:Don't pay so much attention to the Acid3 score by cleatsupkeep · · Score: 1

      The latest nightlies are at 100 on Acid3, so, yeah.

    4. Re:Don't pay so much attention to the Acid3 score by MacDork · · Score: 1

      Not only that, but the animation has to render smoothly as well. The browser can be capable of passing, but fail because the hardware is old and slow. Anyway, you aren't going to get a 100 with 3.2, but that's why there's webkit nightlies. It's basically the latest version of Safari if you don't want to wait for Apple's official release.

    5. Re:Don't pay so much attention to the Acid3 score by Anonymous Coward · · Score: 0

      You would have loved taking classes from the late Edsger W. Dijkstra.

      He used to put two programming exercises in his exams, both of which could earn you 5 points. Here in The Netherlands, scoring is on a 0-10 scale (sometimes starting at 1 "for effort") and you need a grade >5 (i.e. not a 5!) to pass.

      Of course, according to Dijkstra, a program is either "good" or "not good", so each assignment would be awarded either 5 or 0 points. His students had to re-take the exam until they got both exercises _exactly_ right, scoring a perfect 10.

    6. Re:Don't pay so much attention to the Acid3 score by gsnedders · · Score: 1

      http://trac.webkit.org/log/branches/Safari-3-2-branch shows it's a fork of the Saf 3.1 branch with selected patches.

  24. Reboot by saunabad · · Score: 2, Informative

    And it looks like once again I'll have to reboot my Leopard macbook because of an update in a fucking web browser application. I've been really quite happy with OS X for last five years but lately this all has become really rather pointless. Too many lock-ups, too many bugs, too many reboots. Didn't see any of that with my iBook running Panther before. Looks like Apple tries to compete with price and the quality is gone.

    1. Re:Reboot by prockcore · · Score: 1

      Could be worse, you could have to reboot your *server* because of a browser update. I hate that OSX server forces you to update iTunes and Safari and other crap just to get updates for other things.

    2. Re:Reboot by ista · · Score: 1

      Simply uninstall safari and iTunes on your server, depending on your mileage for "server", they're useless anyway and shouldn't be installed on the box.

      Yes, the Apple gui installer doesn't give you a way to do so, but there are tons of free 3rd party tools to accomplish this.

    3. Re:Reboot by ista · · Score: 1

      Well, the reasoning is simply that the update swapped some shared libraries, which are in use by more than a few known applications.
      Of course, Apple might say "Please restart at least your browser after updating and any other open application which somehow misbehaves", but many people do fail to do so ("well, I'll do it later" - and suddenly remember that thought once their browser plugins break down). And the fail-safe enduser-doable "solution" to this is simply to reboot their box. The default button in that dialog to do the reboot immediately, but you may also choose "later" (which merely exits the installer).

      This behaviour is not that much different from many linux boxes, it's merely a different default button selected. When you upgrade a Debian Linux box from Etch to Lenny, the libc-upgrade also restarts a few services who are known to rely on the nss-functions of libc, but also gives this recommendation:

      If other services have begun to fail mysteriously after this upgrade, it is probably necessary to restart them too. We recommend that you reboot your machine after the upgrade to avoid NSS-related troubles.

      Of course, if you know what you're doing and the guts of your OS inside out, you can work around the reboot, but most MacOS X users don't do so (and often have choosen the Mac exactly for the reason that they don't have to mess around with their computer more then necessary in order to make it work).

      So in case to be sure, you'll do the reboot sooner or later anyway.

    4. Re:Reboot by Anonymous Coward · · Score: 0

      I bought one of the first Intel based Macs. The first thing I noticed was a few examples of Windows like behaviour: the desktop coming up in fits and starts; crashing during suspend; and occasional random crashes. I've been watching the forums since and the problems still seem to be occurring. I gave the new Mac to my girlfriend and went back to my PowerBook.

    5. Re:Reboot by Pope · · Score: 1

      Bollocks. You can choose to ignore any update that comes down the pipe from Software Update. Uninstall iTunes and ignore all subsequent updates to it, it's not needed on a server. Maybe you should be a better admin! :)

      --
      It doesn't mean much now, it's built for the future.
  25. About 25% faster at jsBalls fight demo benchmark by Anonymous Coward · · Score: 0

    Looks good. Seems to be about 25% faster than Safari 3.1 at the jsBalls fight demo bechmark. See here for results: http://www.jsballs.com/benchmark.html. Puts Safari back ahead of Firefox as far a release versions go.

  26. It's still better than Firefox... by Anonymous Coward · · Score: 0

    Granted, I'm using Safari on Windows, but I'm not noticing anything weird. But even if it does have its problems, the last update for Firefox made it impossible to run it because the update keeps failing to apply, causing Firefox to restart, after which it tries again to reapply the update, etc... I tried removing it alltogether, but that didn't help - after installing it wanted to update and presto, same problem. I guess I can't test webpages in Firefox anymore. Not trying to make excuses for Safari, I really think Apple shouldn't ship a buggy product, just trying to put things in perspective.

  27. Twitter? by cleatsupkeep · · Score: 1

    Did they really link to a twitter post? Wow.

  28. Anti-Phishing by eniacfoa · · Score: 1

    Anti phishing software is a travesty. it slows your browsing significantly and really....who needs it? complete fkn idiots. Let the complete fkn idiots get scammed for all I care...

  29. What's next, and how do you turn it off? by argent · · Score: 1

    I really wish that instead of copying failed technology from Microsoft (like the whole travesty of their 'you downloaded this file from the interwebs, oh noes!' security dialogs) they would recognize when something is "security theatre" and NOT follow the crowd. What's next, antivirus?

    How do you turn their "anti phishing" bloatware off?

  30. More WebKit browsers.... by Osvaldo+Doederlein · · Score: 1

    Google's Android, and Sun's Java FX (FCS expected by Dec 02) and Java FX Mobile (expected sometime in late Q2'2009).

  31. Don't turn it off by Swift2001 · · Score: 1

    It earned its keep when I signed onto my bank. I got through the the first layer of security, and the lock appeared. When my password was validated, and I went to the main page, there was the name of the Bank, outlined in green. If I'm stupid, and get fooled by a phishing scam, I'll remember to look in the upper right corner. About time, really. Apple should have done this much sooner, like Firefox and IE.