Wednesday, December 18, 2013

Apple Safari is not as secure as you think

This news literally made me laugh out loud. I've lost count of the number of times iSheep have insisted their choice of software is far superior because it is more secure. 
The IT security reputation of the Apple Mac as being impervious to malware/hacker attacks ratcheted down a few more notches this week after Kaspersky Lab revealed that a potentially serious loophole has been discovered in the Safari Web browser.
According to Vyacheslav Zakorzhevsky, head of vulnerability research with Kaspersky, an unencrypted file used to restore a previous browsing session in the Web browser client gives attackers direct access to the sites that the Internet user has visited.
This is particularly important when users are visiting a secure Web site, such as when logging in to online banking or making an online payment: an 'https' Web page is not normally accessible using the 'browser back' button, and for good reason, SCMagazineUK.com notes.
Zakorzhevsky, who has been with Kaspersky since 2007, says that Safari does not encrypt previous sessions and stores them in a standard plist file that is freely accessible.
"As a result, it's easy to find a user's login credentials," he said, adding that, because a complete Web session on a given site is saved in the plist file, it becomes accessible, despite the use of 'https' technology.
And here is the icing on the cake. It turns out Internet Explorer, the butt of many internet jokes, is actually MORE secure than Safari. 
In July of this year, a report from NSS Labs rated Apple's Safari browser as inferior to Google Chrome and Internet Explorer in terms of blocking malware.
Apple really need to stop pocketing all the money they gouge from customers and start spending it on making their products better. 

You can read more here.
