Safari Privacy Bug May Be Leaking Your Data
richi writes "If you use Safari, your browser may be leaking your private information to any website you visit. Jeremiah Grossman, the CTO of WhiteHat Security, has discovered some Very Bad News. I have some analysis and other reactions over at my Computerworld blog. The potential for spam and phishing is huge. A determined attacker might even be able to steal previously-entered customer data." In short, autofill for Web forms is enabled by default in Safari 4 / 5 (and remotely exploitable), and the data that this feature has access to includes the user's local address book — even if the information has never been entered into a Web form.
When a Safari user comes to my site, I automatically know:
1) They make poor purchasing decisions. They'll waste many thousands of dollars on hardware that's four or five years out of date, but sports the "correct" logo.
2) They are homosexuals, or have strong homosexual tendencies. They are Apple users, after all.
3) They don't have a real job, but rather a sugardaddy or a trust fund.
4) They like fancy coffee blends.
5) They're likely hipsters (or rarely, an old fat neckbeard who's trying to relive his NeXT glory days).
It's not a bug, it's a feature!
http://CryoLANparty.com/ A lan I'm staff on!