Safari 5 fixes whopping 47 vulnerabilities in Safari 4.1

Your hair is not on fire so there is no need to act like it is. MacOS X has been out for nearly a decade depending on how you count. Suffice it to say that the OS has been around for a long time. It has certainly been around long enough for you to have learned that there is a difference between a vulnerability and an exploit. There have been exactly zero exploits of the 47 vulnerabilities fixed in this most recent update of Safari. Now that they have been fixed, these vulnerabilities will never be exploited.


How exactly will sandboxing do better than zero exploits?

I don't have to spin "0." It looks the same at every angle.

You can be as smart as you want to be. You still can't print perpendicular to the page. And even if you could, then there would still be zero exploits of the fixed vulnerabilities.

Safari for Windows is the most insecure browser in the world. Apple just doesn't code secure software for Mac OS or Windows, period. Chrome is the most secure Windows browser with IE a close second. Rather than securing their software Apple is choosing to invest in a new platform, iOS. iOS doesn't allows any code not reviewed by apple to even run. Great way to keep you're stuff safe but there's a lot of overhead. Not to mention the new multitasking capabilities which essentially eliminate brackgrond processes i.e viruses, Trojans... But application virtualization which let's you pause, stop, start applcations on the fly could prove very useful; and it has as shown by Steve Jobs keynote.

But, if ur on Windows use Chrome. Safari could still be safe to use due to obscurity but I wouldn't deploy it. Safari is not secure, but safe because no one targets it (make sense?). Switch to Chrome with top notch security on Windows and good overall HTML5 support

I'm not sure if Chrome has as much advanced security on Mac that it does on Windows but none the less, Google is fighting an uphill battle with cloud computing so having better security on ALL platforms is beneficial, which Chrome is the leader in browser security

Bunk. Double-bunk, in fact. Exactly where do you get this notion that Safari for Windows is so insecure? How many vulnerabilities does Safari for Windows have? How many does Internet Explorer have?

Look. Safari sits on top of a substantial number of MacOS X frameworks that were ported to Windows for the specific purpose of supporting the browser. Safari for MacOS X has no exploits. It is supported by the same frameworks as Safari for Windows. Furthermore, Safari and Chrome are both built on the WebKit frameworks. You claim that one WebKit-based browser is extremely insecure but that another is extremely secure. That is impossible.

In my professional life, I deal with a lot of engineers--Windows-using engineers. My Windows-using engineer friends dropped IE in favor of Safari because Safari is so much more secure. What do you know that my engineer friends don't know?

I'm a windows admin. I use Safari. Safari is safer than IE but not more secure. Chrome is the most secure because it lives in a sandbox

OK windows admin, three questions:

• How do you distinguish between safe and secure?
• How many Safari for Windows exploits are there?
• How many Chrome for Windows exploits are there?

Safe meaning fewer exploits.

This is not a good metric because the major reason to create exploits is for money. Sine Safari has next to no market share there's no money. IE has tremendous market share which means major moneys exploiting it.

Since you're not understanding I'll explain it further. You first need a vulnerability. Then you need to exploit it. The key metric you're looking at in regards to security is number of vulnerabilities not exploits. The number of vulnerabilities correlates to how secure your code is, hence your browser. The number of exploits correlates to how safe your browser is.

Now, Chrome is also sanboxed which Safari isn't. Why does this matter? Because an exploit on Safari has access to system resources i.e files, folders, services, printing, etc... Chrome does not allow this access, it's sandboxed. In order exploit Chrome you need to first find a vulnerability, then find a vulnerability in Chrome's sandbox to exploit it. So it's multiple loop holes. Additionally, Windows Vista/7 implements ASLR in a superior fashion than OS X. So not only do hackers need to write multiple vulnerabilities and/or exploits but they also need to figure out a way to find them. Not to mention that in Chrome each tab is isolated in it's own process as well

Safari and Apple have annonced that they are striving to achieve the same architechure that Chrome has by sandboxing Safari and including in webkit isolated processes.

FYI, educate yourself and read up on Charlie Miller and how he's been able to win PWN2OWN several years in a row based on what I've just outlined

In other words, you don't have a clue.

http://www.kb.cert.org/vuls/html/search

I don't think one company is better than the other.

Here is the list of security fixes and patches to Google chrome + the fact that you expose your location and browsing data to Google.

http://googlechromereleases.blogspot.com/

You misrepresent your links.

hold the phone here. You mean to tell me, that some internet software, has security holes?

O...M....GOD.

I wish they would remove this dam load bar they put in or at least let me change the color. I wear everything loads now twice as slow.