Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari Privacy Bug May Be Leaking Your Data

Posted by timothy on from the problem-with-software-is-that-it-sucks dept.

richi writes "If you use Safari, your browser may be leaking your private information to any website you visit. Jeremiah Grossman, the CTO of WhiteHat Security, has discovered some Very Bad News. I have some analysis and other reactions over at my Computerworld blog. The potential for spam and phishing is huge. A determined attacker might even be able to steal previously-entered customer data." In short, autofill for Web forms is enabled by default in Safari 4 / 5 (and remotely exploitable), and the data that this feature has access to includes the user's local address book — even if the information has never been entered into a Web form.

7 of 152 comments (clear)

  1. "If you use Safari, by mark72005 · · Score: 4, Funny

    "If you use Safari,..."

    Phew. That takes care of everyone.

    1. Re:"If you use Safari, by Monkeedude1212 · · Score: 2, Funny

      Well, everyone worth taking care of, at least.

    2. Re:"If you use Safari, by SchroedingersCat · · Score: 1, Funny

      I use Safari in Windows (gasp!)

      There, fixed it for you

  2. Bug? by Anonymous Coward · · Score: 3, Funny

    Just don't hold it like that.

  3. Only a few users' privacy was violated by aapold · · Score: 2, Funny

    and they are: Alan Jones, 9112 Tarquin Drive Luton New Hampshire, Bday Nov 3, 1970, SSN# 867-53-0909...
    Arthur J. Smith, 30612 Jethro Lane, Biscuitbarrelville Connecticut,
    James Walker, 26318 Adrian Telescope Road, Harpenden Maine

    --
    "Waste not one watt!" - CZ
  4. Re:Bad Headline by Anonymous Coward · · Score: 2, Funny

    No need to hit Submit-- I've already got it.

  5. Wonder when the video is released by Anonymous Coward · · Score: 1, Funny

    Wonder when they will release a video of showing that all other browsers are also vulnerable (although different vulnerabilities).