Carpet bombing flaw in Safari is not a problem because…



Link from Slashdot to arcticle at The RegisterSo let me get this straight, a flaw in Safari, could allow a malicious attacker to download files (1, 2 or thousands) to your Windows desktop without your perrmission.But the flaw doesn’t allow execution.Because Apple’s not that stupid.You know, to allow just ‘any’ file to just execute without permission.So what’s the problem? Other than it being a ‘design’ flaw? It’s certainly not a security flaw is it? the files cannot be executed and therefore cause untold damage can they?Ah, right but those files can…By a flaw in Windows.Not Safari, then.So it’s Microsoft’s problem then is it?That’s right it is.And when will Microsoft fix this flaw?No word on that. Yet.I’m sure they’ll get round to fixing it asap, once they’ve blamed Apple for drawing attention to their SECURITY flaw, by a DESIGN flaw that Apple, quite rightly, didn’t really think would cause too much of a problem, because no company is stupid to allow files to execute by themselves.Except Microsoft. Again. 


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s