Slashdot Log In
Apple Quietly Releases Safari 3.2
Posted by
kdawson
on Sun Nov 16, 2008 08:15 AM
from the new-shinies dept.
from the new-shinies dept.
99BottlesOfBeerInMyF writes "Yesterday Apple quietly slipped out an update to their Safari Web browser to version 3.2. The notable feature is that it finally adds anti-phishing technology, an area where Safari has lagged behind competitors. Aside from that, it provides some security fixes, improved JavaScript performance, and a slightly newer version of Webkit, pulling their Acid3 score up to 77." Apple forums across the Net are reporting frequent crashes in Safari 3.2, some possibly caused by 3rd-party add-ons, others perhaps related to the anti-phishing feature.
Related Stories
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
And? (Score:2, Interesting)
New version of Safari. Does this mean /. is turning into a slightly more fleshed-out VersionTracker? I don't see how this is newsworthy: maybe the addition of anti-phishing capabilities would be worth mentioning in passing, but a minor update which causes a few crashes is nothing new.
Re:And? (Score:5, Funny)
An update addressing one of the most important shortcomings of one of the most important web browsers;
We really need sarcasm tags.
Parent
Re: (Score:3, Insightful)
Re:And? (Score:5, Insightful)
Parent
Re:And? (Score:4, Insightful)
I have one word for you:
iPhone
See now how important Safari is? Oh, and WebKit is used on Nokia phones too, and it's becoming a major player on the embedded browser market.
Parent
Re: (Score:3, Funny)
"iPhone Bitch!" [youtube.com]
Re: (Score:3, Informative)
Apple pushED the Safari via iTunes and QuickTime updates, but Apple has not done it long time now.
Safari is possible to install via Apple Update but you need to select it first from secondary downloads list to get it. It does not come automatically.
Re: (Score:2)
Ditto. Safari is maybe a couple percent share, and it's not likely to grow much.
The story does seem newsworthy to me though, at least by /. standards.
Re:And? (Score:4, Informative)
shortcoming yes, important web browser? Dude Im a mac users, a claimed Apple zealot, and all that and even I dont see the importance in Safari.
There are four major HTML rendering engines right now, two of which are commercial (Microsoft's Trident and Opera's Presto) and two of which are open-source (Mozilla's Gecko and Apple's WebKit). Of these, only WebKit is really growing right now - more and more browsers are being built on it. Safari is the reference implementation for a WebKit-based browser. That's why Safari is important.
In addition to Safari (and the mobile version of Safari used on the iPhone and iPod touch), WebKit is also used by Adobe AIR [wikipedia.org], Google Chrome [wikipedia.org], and Nokia's S60 browser [wikipedia.org]. Also, Konqueror [wikipedia.org] is still using their own KHTML, but they're working on switching over to Apple's fork [arstechnica.com], eventually.
Parent
Safari still has an annoying bug... (Score:3, Interesting)
A bit off-topic: Both Safari 3.1 and 3.2 (@ Tiger) freezes the loading progress randomly, but ping google.com still works. I have tried to reset Safari, but it didn't help.
Re: (Score:2)
Want to re-login 250 sites? (Score:4, Informative)
I tell you the real annoying bug. It erases cookies sometimes. Yes, the file itself (~Library/Cookies/Cookies.plist). It was documented by unsanity and said to be fixed at least on Intel but we, poor PPC users who made the mistake of jumping to Leopard still suffer from it.
http://www.unsanity.org/archives/apple/apple_hates_bug_filers.php [unsanity.org]
Ironically, it generally hits you when you report a bug to Apple, that is where the title comes from.
I had to restore 2.2 MB of cookies from Time Machine today.
Parent
Anto-phishing? Fuck that. (Score:4, Interesting)
Personally I don't use Safari (I don't have a Mac, nor do I use MS Windows). I just thought I would take the time to rant about "anti-phishing" things.
I always turn such "features" off on my own computers, and would do so on any computer where I was the "tech support" (after appropriate consultation and education).
Why? Because blacklists don't work. Want to not get phished? Simple instructions that even the most computerphobic person can understand:
When you want to go to the website of your bank, credit union etc., type in what you see on the printed material you have in front of you! (Alternatively, for the more computer literate folks, create a bookmark/favourite after having typed in the address from the printed material from your bank. And only access it via that link.)
Never trust a link via an email, never trust a link from another website, not even if the address looks the same. (Character encoding, bad eyes and other things can make two strings look the same, even when they aren't.)
Simple advice and works for everyone whom I've told it to. (The same with, "don't download files from your email unless you were expecting them, which is a bit over the top, but the slightly more complicated, don't download executable files got reduced somehow.)
End rant.
I did have a look at the article, and to be frank, there isn't anything exciting in there. It seems that the only reason this got to the front page is that Safari crashes a lot. Umm..., I guess I don't care.
Re:Anto-phishing? Fuck that. (Score:5, Insightful)
But anti-phishing is not about blacklists... Some might include that too but it is just a minor addon. Anti-phishing is about browser warning you when link with an anchor text "Your-Bank.com" is about to actually take you to "Your-Bank-fake.com".
Educating users is important but having a backup feature like that is helpful.
IF it was just anbout blacklists (blocking sites absolutely known to be scam) why would you turn it off? What harm would that do to you? :D
Parent
Re: (Score:2, Interesting)
Yourbank.com [slashdot.org]...
command.com [example.org]...
Umm, and I seeing a problem with that idea? Yes I am.
And the reason to turn it off, it doesn't always work (false positives, and false negatives), and it leads to a false sense of security. Like running a virus checker and then not caring about downloading random shit from the web. Better to just not download random shit from the web.
Re: (Score:2, Insightful)
If users could be trained, we could solve a lot of problems. Users don't care about learning, only about function.
Re: (Score:2)
What bugs me is the lack of documentation. Where is the data coming from? Is it offline or online (e.g. every URL submitted), how is the data secured?
1 Password added phishing protection to Safari long before Apple did and while being just a shareware developer, they gave all the details. It is powered by community powered phishtank (opendns).
Now, we gotta run Wireshark here to see where the data comes from, how it acts etc. The "live" online phishing check is a horrible privacy risk since every URL you vis
Re: (Score:2)
Yes, simple advice and education works, you should not rely on anti-phishing tools. However people make mistakes.
It is, in my opinion extremely foolish to turn off the advisories, or tell other people to do so. You don't rely on the crumple zones in your car to stop you in traffic lights either, do you? But do you argue against cars with crumple zones?
Re: (Score:2, Interesting)
* Even typing a correct URL you're not free from dns-poisoning
How does a blacklist of urls address that?
Re: (Score:2)
webkit project (Score:4, Informative)
Safari is based on Webkit [webkit.org], which can achieve an almost perfect acid3 score. Anyone using windows or macosx can easilly try it.
perfect score (Score:3, Informative)
I thought it was a perfect score. [webkit.org] Not a almost perfect score.
What I really want is some screenshots of what the anti-phishing behavior looks like. For all this talk about Safari 3.2 no one has bothered to try out the new features.
Re: (Score:2)
What I really want is some screenshots of what the anti-phishing behavior looks like. For all this talk about Safari 3.2 no one has bothered to try out the new features.
The hard part is finding known phishing sites that are still up and detected by the phishing detection. I think I did get it to work for one page (http://chaseonline.chase.com.ssl.com.kg/ [ssl.com.kg]) and it was a simple dialogue box, but I haven't been able to repeat it with any other page to confirm. Using Google to look for a test suite comes up with dozens of links to the same whitepaper about testing Firefox, but without any links to the actual test pages used. Aside from that, lots of commercial products with no
Re: (Score:2)
Re: (Score:3, Informative)
Anyone using windows can easily try it.
By downloading Chrome (or the open source version Chromium [chromium.org])
Crashes (Score:5, Informative)
Apple forums across the Net are reporting frequent crashes in Safari 3.2, some possibly caused by 3rd-party add-on
Yep, PithHelmet (anti-ad plug-in) causes 3.2 (Mac, of course) to blow up every time when using multiple tabs. Removing its bundle from /Library/Application Support/SIMBL/Plugins/ made it stable as a rock again (no problems at with about 15 tabs open, with varying kinds of embedded content), but, sadly, I'm buried with ads again.
Re:Crashes (Score:5, Informative)
Try this: Adblock for Safari [sourceforge.net]
Parent
Re: (Score:2)
Try this: Adblock for Safari [sourceforge.net]
Hey, great, a OSS Adblock software that requires you have the latest OS. Yeah, I'd pay to use that.
Re: (Score:3, Informative)
It looks like another input manager though. You can't really trust "plugins" (they're not really plugins but elaborate memory hacks) like those to work when a new version of Safari comes out. The simple solution is just to use a custom CSS file that blocks ads, like the one on http://www.floppymoose.com/ [floppymoose.com].
Re:Crashes (Score:4, Informative)
Parent
What about WebKit? (Score:2, Insightful)
Re: (Score:3, Informative)
The WebKit nightly builds have been passing the ACID3 test for months and are still 4 times faster than Safari 3.2 according to the SunSpider Javascript Benchmark. Why is Safari so far behind?
They're probably still working out bugs between Webkit and the applications they have that use it. As I mentioned in the summary, however, most of the javascript improvements seem to have made it in this time. On my machine Safari was getting about 11 on the sunspider test, before this update and is now getting about 3. The nightly of Webkit on the same machine comes in at 1, which is better yet, but not that significantly.
Apple loudly released Safari 3.1 (Score:5, Funny)
Re:Apple loudly released Safari 3.1 (Score:5, Funny)
Its odd that Apple released this version quietly. Last time a major point release was available, Steve Jobs was walking down the streets of Cupertino firing a shotgun into the air screaming, [..] followed by USC Trojan band
I guess the anti-phishing feature filtered out the Trojans this time then? ;-)
Parent
Re: (Score:2)
That's a lie (Score:3, Funny)
The Trojan marching band only knows how to play one song.
Great. (Score:3, Funny)
Apple Quietly Releases Safari 3.2
Great, now you've gone and blabbed their secret to everybody.
EV-SSL (Score:5, Informative)
It also now supports EV-SSL. That and the anti-phishing were two major beefs of companies like PayPal.
I wonder what really got fixed... (Score:2, Insightful)
There is something a little odd about this particular update-- Safari on my Mac had been acting very strangely lately-sucking up lots of processor, computer acting a bit odd. This is unusual. This seems to have been fixed by the update. Maybe just a coincidence?
The question is: why is Apple so quiet about rolling this update out and what it fixes, and since when does a minor Safari update require a reboot?!!
Re: (Score:3, Informative)
The question is: why is Apple so quiet about rolling this update out and what it fixes, and since when does a minor Safari update require a reboot?!!
It replaces more than the Safari application. It also, slightly, updates Webkit, which is a core library that numerous programs use. You can get by without rebooting if you just kill the update at the end then restart all the programs that use Webkit... but that's a bit advanced for most people and a reboot is easy.
The erratic behavior of Safari could be caused by damaged resources which were replaced in this update, making it more useful to you than the average bloke.
"Quietly"? (Score:5, Insightful)
How does putting Safari 3.2 on Software Update, where by default it will be received by every internet-connected Mac OS X user in the world, count as a release that was "quietly slipped out"?
Granted, they're the new Bad Guy on /., but can we be a little less lazy and more accurate in our snide characterization of Apple's activities?
Re:Quietly? (Score:5, Funny)
I'm sure they attempted to force it on every user with iTunes... hardly quiet.
I hear they're working on iLube to adress this problem.
Parent
Re:Quietly? (Score:4, Informative)
Worse, I downloaded Safari for Windows for testing and they tried to force iTunes on me. They said it was a security update. I've since removed their update 'service' (like servicing a cow) and I guess I'll have to update Safari manually.
Admittedly, this was a while back and maybe they've cleaned up their act. Then again, Firefox 3.0.4 refuses to install because I need to run as an account with more rights than a full administrator. All I need now is Opera to give me grief.
Parent
Re: (Score:2)
Admittedly, this was a while back and maybe they've cleaned up their act
They haven't. Their updater for a few programs I barely use is more intrusive than any other updater on my computer. How does that make any sense?
Re: (Score:2)
They seperated "Updates" with "New Software" now so you won't be pushed iTunes or other kind of software. So you better re install Apple software update (Safari installer should do it)
This one is indeed a serious security update on Windows (and OS X), check http://support.apple.com/kb/HT3298 [apple.com] for reference.
Re: (Score:2)
I would rather take a nice walk in the park and feed sqiuirrels
But 'Safari' sounds a lot cooler than 'Bag of Peanuts' as a name for a browser.
Re: (Score:2)
And what better way is there to go meet Nelson Malambe or Chief John Aka Bamba, than on a Safari to their homeland?
Re:Update of Windows version too? (Score:5, Informative)
Windows version is there too and it is a serious sounding security update.
The actual release notes are at http://support.apple.com/kb/HT3298 [apple.com]
You should subscribe to Apple Security Updates mailing list for non PR infested update announcements.
http://lists.apple.com/mailman/listinfo/security-announce [apple.com]
Parent
Re:Update of Windows version too? (Score:4, Informative)
TFA doesn't call this out at all - does this update the Mac version only or is Windows also at 3.2?
TFA provides a link to download the Windows version.
Parent
Re: (Score:3, Informative)
If a browser doesn't score a 100 on the Acid3 test, it fails. Period. A browser that scores an 18 doesn't fail any more (at least officially) than one that scores an 88.
Then why do they bother with scores instead of just putting up the word "pass" or "fail"? Each part of the test hits a problem area of rendering and the more points a browser gets, the more of those cases they are compliant for. Higher scores do translate into greater standards compliance for the tested set.
In order to pass, you need a score of 100 and the test page needs to look pixel-for-pixel like the reference rendering (which is a little redundant, but that's what it says on the test page itself).
More than that, it has to run the animation smoothly using the specified reference hardware... at least according to the authors of the test.
The higher score should raise a footnote perhaps, but you shouldn't be too concerned about it.
It's more abut how current the version of Webkit they're incl