Apple releases Safari 5.1.4 update with improved JavaScript performance and bug fixes
Apple has released an update to its Safari web browser, bringing the version to 5.1.4. The update addresses a variety of bugs and issues and claims to improve JavaScript performance.
Safari 5.1.4 contains improvements to performance, stability, compatibility, and security, including changes that:
- Improve JavaScript performance
- Improve responsiveness when typing into the search field after changing network configurations or with an intermittent network connection
- Address an issue that could cause webpages to flash white when switching between Safari windows
FTC urged to probe Google’s Safari-tracking gaffe
Google is once again under fire after a Stanford researcher discovered that the search giant and other advertising outfits have circumvented the privacy settings of millions of Apple Safari users.
According to the Wall Street Journal, Google, Vibrant Media Inc, WPP PLC's Media Innovation Group LLC and Gannett Co.'s PointRoll Inc used code that "tricked" Safari into allowing users to have their online browsing habits tracked.
Apple's browser blocks most tracking by default with exceptions for websites that, for example, require interaction from a user – such as the filling in of an online form. Google claimed in a statement that the WSJ had "mischaracterised" the code used by the ad companies.
Did Google handicap malware defenses in Firefox and Safari?

In December a Google-funded security study slammed Firefox, putting Mozilla’s browser at the bottom of the heap when it came to protecting users as they surf. NSS Labs quickly entered the fray to clarify some inconsistencies in the report and defend Firefox’s good name in the process.
NSS indicated that Chrome’s malware block rate had suddenly jumped to more than 50% right around the time that the original report was issued. Despite the fact that Firefox and Safari also rely on Google’s Safe Browsing API, their block rate remained stagnant at about 2 or 3%. Then, inexplicably, there was a dramatic swing in the days that followed NSS Labs’ rebuttal. Chrome’s block rate dropped off a cliff, falling to just 20% — while Firefox and Safari’s rates more than doubled.
Facebook porn storm used same tactics as May’s Bin Laden spam
IE8, IE9, Opera and Safari vulnerable to 'self-XSS' attacks
The attacks against Facebook that planted pornography on users' news feeds relied on the same trickery as a campaign last spring that touted the death of Osama Bin Laden, a security researcher said today.
On Tuesday, Facebook confirmed what it called "a coordinated spam attack" that resulted in sexually explicit images, as well as photos of animal abuse, spreading on members' pages.
Facebook identified the hacker tactic used to hijack pages and bombard friends with the photos as an exploit of what it called a "self-XSS browser vulnerability."
That label -- self-XSS -- has been used by other researchers, including those at Commtouch, to describe a ploy where spam messages tell recipients to copy and paste JavaScript into their browser's address bar. The script, however, is in fact malicious and exploits a bug in the browser.

