or Connect
AppleInsider › Forums › Software › Mac Software › Apple to release Safari browser for Windows
New Posts  All Forums:Forum Nav:

Apple to release Safari browser for Windows - Page 4

post #121 of 128
Quote:
Originally Posted by aegisdesign View Post

J
That would be David Maynor. Nobody takes him seriously. How can you take any security expert seriously if they refuse to demo the bugs they've found never mind tell the application developer about them.

Not just Maynor.
They spoke of the sayings and doings of their commander, the grand duke, and told stories of his kindness and irascibility.
Reply
They spoke of the sayings and doings of their commander, the grand duke, and told stories of his kindness and irascibility.
Reply
post #122 of 128
Quote:
Originally Posted by addabox View Post

Not just Maynor.

Yes, I've just read that and personally I think the jury is out still.

Thor's research does show an exploit but there's a number of reasons why it's possible. The exploit is an old one where you pass off a command line to a URL helper for things like gopher: or telnet:

On OSX, URL helpers run through Launch Services which is where I suspect Apple places it's security checks. Safari I'd think itself isn't responsible for the security.

On Windows there's no such thing so the program that passes off the URL or gets the URL has to filter it. It would seem that the Safari team overlooked the fact that Windows sucks ass for security and will have to do their own filtering. Also implicated is Firefox I'd say since it appears you can pass it an exploit on the command line and it'll happily suck it right up.

Perhaps I'm wrong here but the upshot is that browsers on Windows need to do a lot more checking than they'd do on MacOSX.
post #123 of 128
Quote:
Originally Posted by aegisdesign View Post

Yes, I've just read that and personally I think the jury is out still.

Thor's research does show an exploit but there's a number of reasons why it's possible. The exploit is an old one where you pass off a command line to a URL helper for things like gopher: or telnet:

On OSX, URL helpers run through Launch Services which is where I suspect Apple places it's security checks. Safari I'd think itself isn't responsible for the security.

On Windows there's no such thing so the program that passes off the URL or gets the URL has to filter it. It would seem that the Safari team overlooked the fact that Windows sucks ass for security and will have to do their own filtering. Also implicated is Firefox I'd say since it appears you can pass it an exploit on the command line and it'll happily suck it right up.

Perhaps I'm wrong here but the upshot is that browsers on Windows need to do a lot more checking than they'd do on MacOSX.

That's my impression as well; still, it doesn't change the fact that Safari for Windows is getting hit with the "not very secure" hammer right out of the gate, and that's bad for mind share.

Surely the team that ported Safari didn't just make assumptions about Windows security routines?
They spoke of the sayings and doings of their commander, the grand duke, and told stories of his kindness and irascibility.
Reply
They spoke of the sayings and doings of their commander, the grand duke, and told stories of his kindness and irascibility.
Reply
post #124 of 128
Quote:
Originally Posted by addabox View Post

That's my impression as well; still, it doesn't change the fact that Safari for Windows is getting hit with the "not very secure" hammer right out of the gate, and that's bad for mind share.

Surely the team that ported Safari didn't just make assumptions about Windows security routines?

I don't know Windows' security architecture well enough to presume they assumed but I'm pretty sure the excuse of 'but Windows should be looking after url helpers like we do on OSX with a central secure method at a deeper OS level' isn't going to wash with the security guys.

It also shows you why Windows has so many exploits if it's up to the apps themselves to filter command lines and URLs.
post #125 of 128
Quote:
Originally Posted by whiskerlickins View Post

I'm having the most bizarre problem and I've searched everywhere and found no solution.

This isn't my screenshot, but I'm having the same problem in XP:

http://www.imagespar.com/img/40bf6c9...8cd669/wtf.PNG

Anyone know how to remedy this? It looks to be a font issue. Thanks!

http://www.digi-comic.com/index.php?...d=133#news_294

In regards to font smoothing see

http://joelonsoftware.com/items/2007/06/12.html
(also Joel had the "slow Safari" issue, see past entries)
-- Denis.
Reply
-- Denis.
Reply
post #126 of 128
I am using Safari under Windows 2000 and OS 10.4. So far, I haven't had any crashes or weird rendering.

Edit: I did get one Safari 3 lock-up, after I resized a text box in PayPal when trying to make a shipping label. Text box resizing seems to work for AppleInsider's forums. It might be a nice feature, though I think it may only be a fix for poor form design.

It still has a little seemingly inconsistent behavior about new tab generation, and Safari 2 was the same way. If I middle click a link, it opens the link in a new tab. If I middle click a bookmark on the bookmark bar, it opens the bookmark in a new tab. If I middle click a bookmark in a folder on the bookmark bar, it opens the bookmark in the current tab.
post #127 of 128
Safari 3.0.1 for Windows just released btw to fix the vulnerabilities above, or at least the ones that have been reported to Apple (ie. not David 'spoilt brat' Maynor's vulnerabilities)

http://www.apple.com/safari/
post #128 of 128
Quote:
Originally Posted by aegisdesign View Post

I'm not sure those are bugs. Some of them are just things you don't like working that way whereas I'm quite fine with them working that way and others I don't have (like issues with urls beginning irc...)

Perhaps you've a corrupt prefs file for your internet helpers. John Gruber had a similar problem...

http://daringfireball.net/2004/05/internet_helper

That doesn't seem to be the problem. I also don't use helpers. The plug-ins I do use are for video, and image file showing, but nothing for internet settings, etc.

The bugs are certainly bugs in the way Apple implemented drawing and frames. I don't have those problems with other browsers, and it works the same on all of the machines here. Improper page display isn' something that was intentional. But Apple sometimes ignore problems for years.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac Software
AppleInsider › Forums › Software › Mac Software › Apple to release Safari browser for Windows