Investing Ideas Forum » Business, Finance and General Discussions » Technology and the Internet v
Apple’s Web Browser Allows Sites to Collect Personal Information


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Apple’s Web Browser Allows Sites to Collect Personal Information
Author Message
grateful Offline
II Administrator
*******
Administrators

Posts: 6,564
Joined: Nov 2006
Reputation: 28
Post: #1
Apple’s Web Browser Allows Sites to Collect Personal Information
A security researcher uncovered a flaw in Apple’s Safari Web browser that allows Internet sites to harvest personal information from visitors. The flaw, which exploits the Web browser’s “auto-fill” capabilities, allows Web sites to scrape information like the name, e-mail, address, phone number and place of work of the person who uses the computer, which many Macintosh users store in their digital address books.

The Safari bug, which Apple acknowledged, is the latest to underscore the difficulty that Apple, and other technology companies, face in keeping personal information from falling into the wrong hands. Last month, a bug in an AT&T Web site exposed the e-addresses of 114,000 iPad owners. This month, a developer of iPhone applications breached the accounts of several iTunes users to conduct unauthorized purchases.

In a statement, Apple acknowledged the latest flaw in Safari but gave no further information. “We take security and privacy very seriously,” the company said. “We are aware of the issue and working on a fix.”

The researcher who uncovered the flaw, Jeremiah Grossman, chief technology officer of the computer security company WhiteHat Security, said he chose to publish the information on his blog only after he notified Apple about the problem in June. Mr. Grossman said that he received an auto-response from Apple via e-mail but that the company never followed up with him.

In an interview, Mr. Grossman said the longstanding flaw is easy to exploit. As a result, he said he suspects that Web site may have used it to collect personal information from unsuspecting visitors.

“It is very easy to do,” he said. “We can only assume that other people have used it.”

Mr. Grossman said that he uncovered the bug while doing research on browser vulnerabilities that he plans to present at a security conference in Las Vegas next week. At that time, he said he will also present more damaging bugs that affect versions of Microsoft’s Internet Explorer, the most used Web browser. Mr. Grossman estimated that Safari is currently used by 83 million people.

While the iPhone and iPad use the Safari Web browser, Mr. Grossman said the bug does not affect versions of Safari running on those devices.

Some Web sites recommended that users disable the auto-fill capabilities until the bug is fixed.


http://bits.blogs.nytimes.com/2010/07/22...technology
~ Learn everything you can, anytime you can, from anyone you can - there will always come a time when you will be grateful you did.
- Sarah Caldwell
Play The Game and you are guaranteed to win. JOIN ME!
07-23-2010 10:28 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Global Forum Network Daily Talk Investing Ideas Golden Hosting Golden Domains Due Diligence International Discover Australia Discover Thailand The Last Business You Will Ever Need Money Making Sites Site Showcase

Contact UsInvesting Ideas ForumReturn to TopReturn to ContentLite (Archive) ModeRSS SyndicationLinksPortalBannersAdvertiseGold MembershipRulesPrivacy
Global Forum NetworkBusiness SystemsWellness ChallengeTriVita BusinessTriVita ProductsSonoran BloomCheap DomainsMoniker DomainsEstibot Domain Tools
Review IIF at AlexaReview IIF at Norton SafewebFollow GFN on TwitterDomains For SaleSite Map