Apple dismisses Safari vulnerability


	June 24, 2008 New version of All In One Keylogger added more Free monitoring and anti-keylogging Software! more


	July 03, 2008 Information Security Management: The Basics more Industry View: Web Application Security Today - Are We All Insane? more Ignore Malware? Some Leaders Imply Yes more Chinese bloggers evade great firewall more HMRC blunder leads to further private data leak more Reports reveal poor security practices behind data losses more Thieves steal millions from Citibank customers more Trojans stop play for web gamers more Google open sources RatProxy security tool more IBM Develops Audio-masking Technology more ATO admits callers are 'chopped off' more E-security review to probe broadband network more Stolen: Google's employee records more Microsoft trumpets security additions in upcoming IE8 more Mozilla patches 13 bugs in Firefox 2 more

E-mail:

E-mail:

DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

May 16, 2008

Apple dismisses Safari vulnerability

In a blog post titled "Safari Carpet Bomb," Nitesh Dhanjani describes how a rogue Web site can easily download resources to the Windows desktop or downloads directory on the Mac.

"Apple does not feel this is an issue they want to tackle at this time," he writes.

An Apple representative told Dhanjani that an "enhancement request" for an "Ask me before downloading anything" preference would be filed with the Safari team. "Please note that we are not treating this as a security issue, but a further measure to raise the bar against unwanted downloads," the Apple representative wrote in an e-mail to Dhanjani.

That issue, coupled with the fact that Safari doesn't warn users when a local resource, such as an HTML file, attempts to invoke client-side scripting, creates a risky situation for most browser users, Dhanjani said in an interview. "People are starting to expect more from browsers today," he said.

The Apple representative told him that the company has been "investigating the potential for a 'safe' mode for local HTML."

Meanwhile, Apple does plan to fix a high-risk security vulnerability that Dhanjani discovered. It could be used to remotely steal local files from a user's file system.

An Apple spokesman did not return a phone call and e-mail seeking comment.

Source: ZDNet Australia

	All news for July 03, 2008:
	14:06	Information Security Management: The Basics
	14:06	Industry View: Web Application Security Today - Are We All Insane?
	14:04	Ignore Malware? Some Leaders Imply Yes
	14:02	Chinese bloggers evade great firewall
	13:01	HMRC blunder leads to further private data leak
	12:54	Reports reveal poor security practices behind data losses
	12:53	Thieves steal millions from Citibank customers
	12:51	Trojans stop play for web gamers
	12:50	Google open sources RatProxy security tool
	12:48	IBM Develops Audio-masking Technology
	12:40	ATO admits callers are 'chopped off'
	12:39	E-security review to probe broadband network
	12:37	Stolen: Google's employee records
	12:33	Microsoft trumpets security additions in upcoming IE8
	12:32	Mozilla patches 13 bugs in Firefox 2
	All news for July 02, 2008:
	16:50	Start-up nexTier debuts data-leak prevention appliance
	16:49	ACLU, EFF sue US gov't over mobile phone tracking
	16:47	UK scientists demo graphic passwords
	16:46	SecureWorks unmasks the Coreflood Trojan
	16:45	Web threats hit 12-month high
	16:43	Malware growth slowing, say experts
	16:42	World of Warcraft Trojan spreads from Asia
	16:42	Hackers hit Sony PS3 website
	16:41	SMEs failing at IT security
	16:37	Hacking Tools: A New Version of BackTrack Helps Ethical Hackers
	16:36	Hands On: 12 Quick Hacks for Firefox 3
	16:35	Swedish Data Inspection Protects Messy Apartment Dwellers
	16:06	DIAC security threatened by flood of contractors
	16:02	Lords questions gov't over web-data retention laws
	16:00	Barclays gives online users free Kaspersky software
	16:00	Report: Outdated browsers put 637m users at risk
	15:57	Trojan lurks, waiting to steal admin passwords
	15:57	Unstructured data at risk in most firms, survey finds
	15:55	Microsoft scrutinizes WSUS patch snafu
	15:53	Apple OS update fixes Adobe corruption bug

All news for July, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!

	\| home \| testing and reviews \| testing policy \| press_releases \| developers \| \| articles \| contest \| chat \| forum \| sponsorship & services \| contacts \| links \|
	Copyright © 2003-2008, Keylogger.Org Team. All Rights Reserved. Use of any information from this website is permitted only with hypertext link to www.keylogger.org.