electro-music.com   Dedicated to experimental electro-acoustic
and electronic music
 
    Front Page  |  Radio
 |  Media  |  Forum  |  Wiki  |  Links
Forum with support of Syndicator RSS
 FAQFAQ   CalendarCalendar   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   LinksLinks
 RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in  Chat RoomChat Room 
go to the radio page Live at electro-music.com radio 1 Please visit the chat
poster
 Forum index » News... » Apple Computers
Safari update patches $10,000 vulnerability
Post new topic   Reply to topic
Page 1 of 1 [15 Posts]
View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
Author Message
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Thu Apr 17, 2008 2:12 am    Post subject: Safari update patches $10,000 vulnerability Reply with quote  Mark this post and the followings unread

http://electro-music.com/forum/topic-25170.html

Sorted!;

MacUser wrote:
Safari update patches $10,000 vulnerability 8:24AM, Thursday 17th April 2008

Apple has released a Safari update, providing improvements to stability and compatibility as well as a number of security fixes.
The most notable among those addresses the vulnerability highlighted in a recent hacking contest. The flaw meant that viewing a maliciously crafted web page could lead to an unexpected application termination or arbitrary code execution. The update addresses this by performing additional validation of JavaScript regular expressions.
Also addressed are vulnerabilities where visiting a malicious website could result in cross-site scripting, unexpected application termination or arbitrary code execution or take control the contents of the address bar.
Safari 3.1.1 is available via Software Update or from apple.com/support/downloads and requires a restart. For details of the security issues addressed see About the security content of Safari 3.1.1.

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
Inventor
Stream Operator


Joined: Oct 13, 2007
Posts: 6221
Location: near Austin, Tx, USA
Audio files: 267

PostPosted: Thu Apr 17, 2008 2:55 am    Post subject: Reply with quote  Mark this post and the followings unread

Unfortunately I did not buy the OSX update, so I no longer get Safari updates, and my Software Update window shows no update available. So now I have a very good reason to use Firefox instead of Safari. Apple has left me with a hackable version of Safari.
_________________
"Let's make noise for peace." - Kijjaz
Back to top
View user's profile Send private message Send e-mail
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Thu Apr 17, 2008 3:11 am    Post subject: Reply with quote  Mark this post and the followings unread

Firefox is okay. Seamonkey however is better imo.

However, unlike Safari, neither of the above are Cocoa native and so therefore you will be unable to use Apple services (one of the reasons Mac OS X is so great!)

You may however like to try these following browser apps which are also Cocoa native;

Shira
Demeter
iCab

But be warned, all of the above applications are open to vulnerabilities, and the only way to be sure that you are safe is to upgrade to 10.5.3.

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Thu Apr 17, 2008 3:13 am    Post subject: Reply with quote  Mark this post and the followings unread

Inventor wrote:
Apple has left me with a hackable version of Safari.


Do you actually know that? Have you asked on the Apple forum to see if this is a Safari issue which also includes previous operating systems?

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
Inventor
Stream Operator


Joined: Oct 13, 2007
Posts: 6221
Location: near Austin, Tx, USA
Audio files: 267

PostPosted: Thu Apr 17, 2008 3:56 am    Post subject: Reply with quote  Mark this post and the followings unread

v-un-v wrote:
Inventor wrote:
Apple has left me with a hackable version of Safari.


Do you actually know that? Have you asked on the Apple forum to see if this is a Safari issue which also includes previous operating systems?


Nah, it just seems unlikely that only the latest version has the flaw. So I should add "probably" or "likely" to that statement, being precise about it.

_________________
"Let's make noise for peace." - Kijjaz
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Thu Apr 17, 2008 4:41 am    Post subject: Reply with quote  Mark this post and the followings unread

Inventor wrote:
Unfortunately I did not buy the OSX update, so I no longer get Safari updates, and my Software Update window shows no update available. So now I have a very good reason to use Firefox instead of Safari. Apple has left me with a hackable version of Safari.



But..? Ahh.. you have 10.3.X? Apple is still patching the 10.4.X series.

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Thu Apr 17, 2008 4:43 am    Post subject: Reply with quote  Mark this post and the followings unread

Inventor wrote:
v-un-v wrote:

Do you actually know that?


Nah, it just seems unlikely that only the latest version has the flaw. So I should add "probably" or "likely" to that statement, being precise about it.


Does it? Do you think that there is some big conspiracy out there to get you to buy Leopard and that Tiger owners are basically stuffed?

What really confuses me though is if you really don't like Apple that much, why do you use their products?

I understand that Chuck runs well in Linux. You could easily sell your Mac and buy a PC running Ubuntu. You would even have enough change left over for the bus! Idea

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Thu Apr 17, 2008 5:10 am    Post subject: Reply with quote  Mark this post and the followings unread

That Safari patch also involves patching Webkit, the web rendering toolbox in OS X. This means that all applications that rely on WebKit will be affected. Shocked Very Happy Good thinking!
_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Thu Apr 17, 2008 5:26 am    Post subject: Reply with quote  Mark this post and the followings unread

v-un-v wrote:

Does it? Do you think that there is some big conspiracy out there to get you to buy Leopard and that Tiger owners are basically stuffed?


That's not a conspiracy; it's entirely normal for companies to stop updating older products. Some of those products may still have bugs. This isn't unusual in the slightest.

Quote:
What really confuses me though is if you really don't like Apple that much, why do you use their products?


There's a difference between "liking" (which Inventor said he did in the other topic) and being concerned about security. I -like many here- used quite a few OS's over the years but never saw one that was "perfect", they all have issues yet in the end you pick one (or two or three....) that suits your needs. Picking one does not mean you are then forbidden to critique aspects of it.

Quote:
I understand that Chuck runs well in Linux. You could easily sell your Mac and buy a PC running Ubuntu. You would even have enough change left over for the bus! Idea


Deep breath, Tom, count to 10... thanks.

Not everybody feels Apple is perfect, nor do they need to.

Right. How about one computer for music (running OSX) and one for browsing (for example that old pc laptop) and slapping Ubuntu on there? As far as we know that's quite safe.

It has more benefits, aside from being able to optimise both it leads to less distractions while making music. Also; ChucK on OSX has some features that aren't yet ported to Linux and that Inventor makes extensive use of.

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Thu Apr 17, 2008 5:45 am    Post subject: Reply with quote  Mark this post and the followings unread

sigh Rolling Eyes here we go again.

Kassen wrote:

Deep breath, Tom, count to 10... thanks.


Don't patronise me Kassen.

Kassen wrote:

Not everybody feels Apple is perfect, nor do they need to.



I never said Apple was perfect.

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Thu Apr 17, 2008 6:09 am    Post subject: Reply with quote  Mark this post and the followings unread

v-un-v wrote:

Don't patronise me Kassen.


You do realise you just suggested Inventor"sell his Mac" on account of "not liking Apple that much" after he thought there might "probably" still be a "flaw" in the browser? Do you suppose that acting that childish might have something to do with being treated as one?

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Inventor
Stream Operator


Joined: Oct 13, 2007
Posts: 6221
Location: near Austin, Tx, USA
Audio files: 267

PostPosted: Thu Apr 17, 2008 6:18 am    Post subject: Reply with quote  Mark this post and the followings unread

[quote="v-un-v"]
Inventor wrote:
What really confuses me though is if you really don't like Apple that much, why do you use their products?


Well, I really do enjoy my Mac very much. My good times with Apple began in the late 80's in college when I built the world's first Hackintosh SE and published articles on it in Computer Shopper magazine. It had a PC power supply, a huge 14" PC monitor, and a wooden case with floppy disk cutout and everything (made of 1x4's). Those were fun days. I had the world's first external monitor product as a result of this and tested some models at the university computing center, but I had no business skills to take the prototypes into production (and still don't).

Which is why I was so excited to return to Apple three years ago, and also why I've recently become so disheartened at their profiteering moves. It's easy to see no problem with Apple's tactics if you have enough money to keep buying their toys and software upgrades, then you really don't notice $129 every two years. For me, however, things have been tight and while I could have let Apple drain my account I chose not to make the sacrifice in the name of their bottom line. Now I seem to be a second-class citizen in Apple's eyes, not worthy of a security update or any new software either.

I still enjoy my Mac immensely and I wouldn't trade it for a brand new Windows machine, but at this point Ubuntu is looking quite appealing to me. Once those advanced features of ChucK that Kassen mentions get ported to Ubuntu, I will be able to run my stuff on a free OS and not be subject to the taxes of the overlord.

_________________
"Let's make noise for peace." - Kijjaz
Back to top
View user's profile Send private message Send e-mail
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Thu Apr 17, 2008 6:21 am    Post subject: Reply with quote  Mark this post and the followings unread

Inventor wrote:
the world's first Hackintosh SE


Pictures!

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Inventor
Stream Operator


Joined: Oct 13, 2007
Posts: 6221
Location: near Austin, Tx, USA
Audio files: 267

PostPosted: Thu Apr 17, 2008 8:19 am    Post subject: Reply with quote  Mark this post and the followings unread

Kassen wrote:
Inventor wrote:
the world's first Hackintosh SE


Pictures!


Oh gosh, I wish I had some pictures! I don't even have the old articles or any of the hardware anymore. I remember it was a big, heavy white pine case held together by angle straps and wood screws, with a removable lid. The 14" monitor was amber in color, and I had to modify the horizontal scan rate of the monitor by putting a bunch of 0.1 uF caps in parallel on the board. Also there was a custom wiring harness to the SE motherboard and a little board with an inverter on it to invert the video. It had an apple mouse and a third-party keyboard.

My friend and I wanted to go into business selling the monitors, which we called the "Macnifier". We tested it in the computer science lab which was sunny and the cheap monitors got bleached out in the sun - there was nothing I could do about that. Also there was the problem of "blooming" which is change in screen size as a function of brightness. I ended up running up my credit card buying and modifying monitors, getting into credit trouble, and shocking myself a few times with 15 kV!

Since then I have invented many things, but never made much money off of them. At least there are a few patents and a small annual royalty from one of them. Maybe the stupid FDA will approve that product and then my stock will be worth something, but until then I'm in the poor house. My advice: inventing is a nice hobby but I wouldn't try to make a living at it. Still, good memories are nice to have!

_________________
"Let's make noise for peace." - Kijjaz
Back to top
View user's profile Send private message Send e-mail
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Thu Apr 17, 2008 8:45 am    Post subject: Reply with quote  Mark this post and the followings unread

Well.... At least it's a really good story.... In my mind's eye it looks great... though admittedly it doesn't look like something I'd actually buy, there, I fear.

:¬)

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic
Page 1 of 1 [15 Posts]
View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
 Forum index » News... » Apple Computers
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Forum with support of Syndicator RSS
Powered by phpBB © 2001, 2005 phpBB Group
Copyright © 2003 through 2009 by electro-music.com - Conditions Of Use