Bug Businesses Security Apple

Apple Safari On Windows Broken On First Day 595

Posted by kdawson
from the bigger-they-come dept.
An anonymous reader writes "David Maynor, infamous for the Apple Wi-Fi hack, has discovered bugs in the Windows version of Safari mere hours after it was released. He notes in the blog that his company does not report vulnerabilities to Apple. His claimed catch for 'an afternoon of idle futzing': 4 DoS bugs and 2 remote execution vulnerabilities." Separately, within 2 hours Thor Larholm found a URL protocol handler command injection vulnerability that allows remote command execution.
This discussion has been archived. No new comments can be posted.

  • Uhhh...it's beta? (Score:2, Informative)

    by protohiro1 (590732) on Monday June 11, 2007 @11:01PM (#19473631) Homepage Journal
    I mean, you kind of expect there are going to be some bugs...this is a Good Thing and the reason you release a public beta, (in addition to getting buzz) you can shake out the bugs.
  • Wow (Score:5, Informative)

    by mabinogi (74033) on Monday June 11, 2007 @11:02PM (#19473639) Homepage
    Bugs in the first public beta release!
    Who would've thought it!

    Incidentally, it doesn't seem to like authenticating proxies at all, so my first experience with it was a bug too :/

    However, making a big deal of, but not reporting bugs found in a beta release of something seems more than a little silly.

  • by lennier (44736) on Monday June 11, 2007 @11:12PM (#19473717) Homepage
    The quote is "an afternoon of idle _fuzzing_". As in fuzz testing [wikipedia.org].
  • by Anonymous Coward on Monday June 11, 2007 @11:16PM (#19473757)
    Make sure your current copy of Safari is still in /Applications/. The beta won't install otherwise.
  • Alpha or Beta? (Score:5, Informative)

    by eebra82 (907996) on Monday June 11, 2007 @11:22PM (#19473789) Homepage
    I was actually looking forward to trying this browser out, but to my surprise, I could not even make it work.

    The installation was smooth without any unexpected bumps on the road. First when I loaded the program, I noticed that no menu fonts nor any fonts whatsoever on the web pages existed. To make it worse, the browser would crash every time I clicked on anything with interactivity, such as the stop button. I have read quite a few solutions to this problem but so far no success. I run Win XP SP2, btw.

    Anyway, there are more problems around the corner. According to the Apple forum, people can't play Windows Media files, dual monitor support is very buggy, some buttons screw up the GUI when pressed down and dragged, loads of spontaneous lockups, random letters appearing everywhere, installation problems, parental control issues and more. [apple.com]

    Also, I am not a big fan of customized GUIs for crucial applications like a web browser. We should be able to use Windows ClearType instead of the ported OSX version (which sucks), and most importantly, we should be able to use the standard Windows themes. I don't get why Apple thinks the average Windows user would want a significantly altered browser that looks nothing like the rest of the operating system he or she is using. How would Mac users react if Internet Explorer was ported with the Windows theme?

    I think it looks like a promising project, but I am worried because it's not in Apple's nature to release beta software with so many bugs and so little heart put into it.
  • by BRSloth (578824) <julio@juli3.1415926obiason.net minus pi> on Monday June 11, 2007 @11:42PM (#19473965) Homepage Journal
    I wonder how many of those vulnerabilities are actually Safari/KHTML code and how many of those are Windows vulnerabilities.

    IIRC, Firefox had that "URL protocol handler command injection" vulnerability (or something around those lines, correct me if I'm wrong) a few years ago and FF developers said it was the way Windows handles protocols. In the end, they had to change the way URLs are handled inside FF to prevent Windows from catching it.
  • Proxy Feature broken (Score:2, Informative)

    by nicc777 (614519) on Tuesday June 12, 2007 @12:33AM (#19474293) Homepage Journal
    For what it's worth - I discovered the proxy feature is broken. Once you enter your user name and password, the browser crashes (Windows XP).
  • by NMerriam (15122) <NMerriam@artboy.org> on Tuesday June 12, 2007 @12:47AM (#19474377) Homepage

    > apple threatened to sue if he disassembled the airport,


    Yeah, the only problem is that he is the only security researcher on Earth who has ever even claimed to be told this by Apple, and he has provided no evidence whatsoever of this supposed threat. Somehow everyone else who notifies Apple of vulnerabilities and even demonstrates them later has managed to not get sued or taken out by thugs in a back alley.

    Basically he has posited a grand conspiracy with nothing but his own word that it exists. Nobody else who deals with the same people at the same company in the same manner has any idea WTF this guy is talking about.
  • by Grail (18233) on Tuesday June 12, 2007 @01:18AM (#19474529) Journal
    If the "known attack vector" is actually a bug in the Microsoft Windows JPEG handling API, will you still be crowing about Safari 3 for MS Windows being broken? Go have a look at the number of problems that exist for previous versions of Microsoft Windows XP, in particular relating to graphic formats of some kind or another.

    Besides, from the screenshot of the crash reporter, it's a null pointer dereference (not a heap overflow) - so sure, it's a remotely exploitable denial of service attack, but the browser crashes because the software has detected a problem and decides that the safest way out is to dump core. Let's all go tell the world how broken Safari 3 for MS Windows is!

    For example: http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=(MS06-078)+Vulnerability+in+Windows+Media+Format+Could+Allow+Remote+Code+Execution+(923689) [trendmicro.com]

    Have fun.
  • Re:You're dodging (Score:2, Informative)

    by Anonymous Coward on Tuesday June 12, 2007 @01:22AM (#19474555)
    From one AC to another:

    Webster's 1913 Dictionary

              Definition:
    \Pro*fes"sion*al\, a.
    1. Of or pertaining to a profession, or calling; conforming
          to the rules or standards of a profession; following a
          profession; as, professional knowledge; professional
          conduct. ``Pride, not personal, but professional.''
          --Macaulay. ``A professional sneerer.'' --De Quincey.


    Perhaps you, yourself, should have looked up the definition, ye lazy & bilesome rapscallion!
  • Slashdot stripped my XML. The line to add is, <key>IncludeDebugMenu</key><string>1</string>
  • Re:Alpha or Beta? (Score:1, Informative)

    by KugelKurt (908765) on Tuesday June 12, 2007 @03:38AM (#19475117)
    > We should be able to use Windows ClearType instead of the ported OSX version (which sucks)

    You mean that black letters on white background actually appear as black letters on white background sucks? You really prefer Windows' black-letters-appear-in-rainbow-colors technology? (http://upload.wikimedia.org/wikipedia/de/d/d4/Cleartype.png [wikimedia.org])
    I tried Safari for Windows only for a very short time at a friend's house so I didn't experience any crashes, but at least the font rendering was way better than the ClearType stuff in IE.
  • by The Cornishman (592143) on Tuesday June 12, 2007 @05:25AM (#19475497)
    > Pride comes before a fall

    Pride goeth before destruction, and an haughty spirit before a fall. Proverbs 16:18 [gutenberg.org]

  • by VGPowerlord (621254) on Tuesday June 12, 2007 @06:15AM (#19475697) Homepage

    > Second. When Apple posts a direct link to one of its flagship applications on the main page of its website (http://www.apple.com), do you really expect people to understand what a beta is? It's called a beta, but it's not being treated as a beta. With normal betas, a small subset of the userbase will install, test, and use the app. Betas aren't supposed to be marketed with such fanfare. The entire point is to quietly release the beta to permit the beta testing to occur; it's not to push the app to the masses. Apple is advertising this "beta" to everyone and anyone: power user, casual user, grandma user, idiot user, manager user, etc (in order of decreasing acuity). You may know what "beta" means, but your uncle Vince who just completed a course at the public library titled "Learn the Internet 101" does not.

    It doesn't help that the definition of beta has become muddled over the years.

    When I learned the stages of software development, it went something like this:

    alpha - Code that doesn't compile or runs incorrectly. Alpha testing is literally checking to see if the code compiles and runs as expected, done by the developers themselves.

    beta - The code works now, but there may still be major bugs. A small group of internal testers try it and report any bugs they find. This is now called "closed beta" by MMO developers or "alpha" by the Mozilla team.

    gamma - The code works and most major bugs are fixed. The code is released to a large group of testers to find any remaining issues. This is now called "open beta" by MMO developers and "beta" by everyone else.

    delta - The finished product. Only maintenance releases are done at this point. New features and major bugfixes are done on the next release. This is called "beta" by Google.

    So... it sounds like Apple really does have a beta in the old meaning here, but released it to a large group of people.
  • by eldepeche (854916) on Tuesday June 12, 2007 @06:28AM (#19475759)
    1. This is beta software. It has bugs in it.

    2. Officially released software has bugs in it, unless you just run the base NetBSD system with only port 22 open, which is reasonably useless.

    3. What is the difference between publicizing a bug and telling the developers what it is, and publicizing a bug and not telling the developers anything? There's a higher likelihood of the bug getting fixed if the devs are notified, and you still get traffic to your stupid blog. If you give a shit about software security and not just ad revenue, maybe you ought to report the bug.

    4. THIS IS A BETA TEST VERSION OF A WEB BROWSER.
  • by squiggleslash (241428) on Tuesday June 12, 2007 @06:52AM (#19475859) Homepage Journal
    The guy was subject to a character assassination campaign orchestrated by Apple's PR department after the original Wifi bug revelation. I don't think, personally, he owes Apple anything.
  • No, he was not. (Score:3, Informative)

    by LKM (227954) on Tuesday June 12, 2007 @09:06AM (#19476629) Homepage
    No, he was not. [daringfireball.net]

    Geez, if you really believe that whole Ou-invented idea that Apple somehow "orchestrated" a smear campaign against Maynor and got Dalrymple and Chartier to play along with them, you should stop reading zdnet and start reading a real news outlet. It's one of the most inane tech conspiracy theories I've ever heard.
  • by crimperman (225941) on Tuesday June 12, 2007 @09:33AM (#19476879) Homepage

    > How is it a structural engineer can make a bridge or skyscraper perfect every time with no bugs


    *Every* time????

    You might like to have a look at London's Millennium Bridge [wikipedia.org] (designed by one of the biggest Civil/Structural engineering firms in the world) or Ronan Point [wikipedia.org] (to name just two of the famous ones) and reconsider that statement a little.
  • by 99BottlesOfBeerInMyF (813746) on Tuesday June 12, 2007 @09:34AM (#19476889)

    > Given the complaints I've seen elsewhere, I think that the quality is closer to alpha stage development. Usually, "public beta" is done on software that's almost ready for use, but has minor bugs.

    The standard everywhere I've worked has been:

    • milestone - a development snapshot at some point for some feature set. Not feature complete or debugged.
    • alpha - not feature complete, not debugged. Significant milestone - let a partner company or two take a look and give feedback.
    • beta - feature complete - but not fully debugged, let selected users pound on it and find some more bugs.
    • release candidate - we think we have all the important bugs out, barring appearance of a new, big one, we ship this.
    • gold master - the release candidate we did not find enough bugs in and are shipping out.
    • recommended version - the gold master we shipped plus whatever important patches have been developed since that time.

    > The reports I've seen are that there are a lot of serious bugs in rendering and stability, and now, major security problems.

    That sounds right for a beta to me. All of the things you list are in the category of bugs, not missing features that are supposed to be in. Beta code is not yet fully tested and has not been pounded on by users. It will almost always have these types of bugs.

  • OS independent path (IE Vista-friendly): %APPDATA%\Apple Computer\Safari\Preferences.plist
