Safari 1.1 cookie stealing

Dedicated MacNNer, Join Date: May 2001, Location: Paris, France

(Last edited by kangoo_boo; Nov 19, 2003 at 09:31 AM.)

hotline://hl.chatonly.org
mp3://radio.chatonly.org

Mac Elite, Join Date: May 2002

It seems OmniWeb isn't vulnerable.

[vash:~] banana% killall killall
Terminated

Posting Junkie, Join Date: Feb 2000, Location: Washington, DC

That sucks... but you would need to go to a site that is trying to steal your info for it to be a big deal.
Apple should put this in the 10.3.2 update as a fix.

Dedicated MacNNer, Join Date: May 2001, Location: Paris, France

Buh, it doesn't update my subject when I want to correct the typing.

hotline://hl.chatonly.org
mp3://radio.chatonly.org

Clinically Insane, Join Date: Nov 1999

Originally posted by mitchell_pgh:
That sucks... but you would need to go to a site that is trying to steal your info for it to be a big deal.

And we all know that no one would want to steal info about eBay accounts, for example?
This is a critical problem. I could code up an exploit for this without breaking a sweat.

Originally posted by mitchell_pgh:
Apple should put this in the 10.3.2 update as a fix.

This should be fixed in both 1.1 and 1.0; it's that serious. I'm not going to insist that Apple backport 1.1 to Jaguar, but security holes do need to be dealt with.

You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!

Dedicated MacNNer, Join Date: Mar 2001, Location: London

That's enough to make me stop using Safari until it's fixed. It would be so easy to exploit this it's untrue, and I know it's only a matter of time before someone tries... NOT good.

Posting Junkie, Join Date: Feb 2000, Location: Washington, DC

The new security update didn't fix this...

Mac Enthusiast, Join Date: May 2000, Location: Collie-fornya

Any ideas on a temporary workaround?
Delete all cookies?
Safari > Preferences > Security > Show Cookies > Remove All
Delete cache?
Delete history?
All comments appreciated.

Suicide Bombers: That never-say-die spirit. No, that's not right.

Mac Elite, Join Date: Mar 2001, Location: Madison, WI

My one reason for not using Safari as my primary browser was its poor cookie handling options compared to others. Now I'm glad I stuck with Camino.

Mac Enthusiast, Join Date: May 2000, Location: Collie-fornya

I don't like to rant, but where the devil is Apple's quality control these days? This is an old, identified, known problem. It smacks of negligence to allow this to occur. If someone gets their identity stolen or has their accounts messed with, is Apple responsible? A lot of lawyers and courts would say yes. Please fix this ASAP.

Suicide Bombers: That never-say-die spirit. No, that's not right.

Senior User, Join Date: Nov 2000

As a note, if you're behind a proxy this will stop the exploit in many cases. The proxy often either won't allow the connection through with the %00 in the URL, or it will try to resolve the domain with it in place and not find anything useful.
- proton
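Added example, not code from this thread or from any browser or proxy vendor: a proxy-style check of the kind proton describes, which refuses a request whose host contains a percent-encoded NUL (or any other control character) before any name lookup happens, and records why such a host is ambiguous: a consumer that stops at the first NUL sees a different name than one that reads the whole string. The host names in it are constructed placeholders.

```python
"""Proxy-style URL filter for the %00-in-host pattern discussed in the thread.

Added example, not code from the thread or from any browser/proxy product;
host names used in __main__ are constructed placeholders.
"""
from urllib.parse import urlsplit, unquote

# ASCII control characters (0x00-0x1F and DEL) never belong in a host name.
CONTROL_CHARS = {chr(c) for c in range(0x20)} | {"\x7f"}


def host_views(url: str) -> tuple[str, str, str]:
    """Return three views of the URL's host: as written, percent-decoded,
    and decoded-then-cut at the first NUL (what a C-string consumer sees)."""
    raw = urlsplit(url).hostname or ""   # userinfo and port are stripped
    decoded = unquote(raw)               # "%00" becomes a real NUL byte
    truncated = decoded.split("\x00", 1)[0]
    return raw, decoded, truncated


def check_url(url: str) -> tuple[bool, str]:
    """Decide whether a proxy should forward this request.

    Rejects when the host is empty or, after percent-decoding, contains a
    NUL or any other control character. The reason string names the two
    disagreeing host views so the rejection can be logged."""
    raw, decoded, truncated = host_views(url)
    if not raw:
        return False, "empty host"
    if "\x00" in decoded:
        return False, (f"NUL in host: whole-string view {decoded!r} vs "
                       f"NUL-terminated view {truncated!r}")
    bad = sorted(ch for ch in decoded if ch in CONTROL_CHARS)
    if bad:
        return False, f"control characters in host: {bad!r}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed samples: one ordinary URL, one with an encoded NUL in the host.
    for sample in ("http://www.example.com/login",
                   "http://www.example.com%00.attacker.example/"):
        print(sample, "->", check_url(sample))
```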

Posting Junkie, Join Date: Feb 2000, Location: Washington, DC

For myself, this isn't a major issue unless someone wants into my MacNN account...
And that only means +1 for me.
But seriously. I'm surprised that this wasn't thrown into the security update.
I would even be happy if they said "Redownload Safari".

Mac Elite, Join Date: Oct 1999, Location: San Jose, CA

Macola, have you checked at the link to see if Camino is vulnerable? It is a Mozilla browser, and that was where the exploit was first found...
I think this is the first time I have ever seen a "buffer under-run" exploit...

Grizzled Veteran, Join Date: Apr 1999, Location: sunny southern california

Wonder if Privoxy prevents this... probably.
Time to turn it back on.

Mac Elite, Join Date: Mar 2001, Location: Madison, WI

Originally posted by larkost:
Macola, have you checked at the link to see if Camino is vulnerable? It is a Mozilla browser, and that was where the exploit was first found...

I tried Camino (0.7, build 2003030613) and it doesn't appear to be vulnerable.

Mac Enthusiast, Join Date: May 2000, Location: Collie-fornya

It's worth noting that the website where the problem was reported, http://www.insecure.ws/, says Safari 1.1 and earlier.
I can't test 1.0 since the upgrade, but someone might want to check on this.

Suicide Bombers: That never-say-die spirit. No, that's not right.

Dedicated MacNNer, Join Date: May 2001, Location: Paris, France

http://www.insecure.ws/article.php?s...31119022325244
I posted how to turn cookies off.
People on Bugtraq have trouble understanding the meaning of a button when it's written on it. (Yes, I'm like that because they posted the bug just after me, so I get no credit ^.^)
(I doubt the guy had seen my page and posted, though; just no luck.)

hotline://hl.chatonly.org
mp3://radio.chatonly.org

Senior User, Join Date: Jun 2002

Originally posted by mcsjgs:
I can't test 1.0 since the upgrade, but someone might want to check on this.

I tested the latest Safari for Jaguar and it too is vulnerable.
One more reason for me not to use it... I want my OmniWeb 5 so Apple can see what a real, modern Mac browser should be like.

Addicted to MacNN, Join Date: Jan 2003, Location: ~/

I've switched for now to Firebird. I use several online banking services, mutual fund services, etc. I'd like to continue to keep it private.
Anyway, I'm growing quite fond of the new look of the current Firebird builds. Kind of what Safari should look like without all the brushed metal (and no, demetalizing Safari doesn't make it look any better).

Mac Enthusiast, Join Date: May 2000, Location: Collie-fornya

Macintouch.com is reporting a fix for the cookies stealing problem with a program written by hetima.com. See here for more details:
Hetima Cookies Stealing Fix
It is a patch for Safari so use at your own risk. It does appear to stop the problem.

Suicide Bombers: That never-say-die spirit. No, that's not right.

Mac Enthusiast, Join Date: Apr 2001

Originally posted by mcsjgs:
Macintouch.com is reporting a fix for the cookies stealing problem with a program written by hetima.com. See here for more details:
Hetima Cookies Stealing Fix
It is a patch for Safari so use at your own risk. It does appear to stop the problem.

Just installed, and the fix works great and even LOGS the web site that tried to steal your cookies.
Wow, that sounds so funny saying that.

Senior User, Join Date: Aug 2000, Location: CA

Originally posted by Groovy:
Just installed, and the fix works great and even LOGS the web site that tried to steal your cookies.
Wow, that sounds so funny saying that.

Now you can bookmark those sites and feed it cookies for fun... like a zoo, yeah. BTW, the site is in Japanese in case others want to know.

Current: XPC SB81P, 3GHz P4, 1GB RAM; Compaq Presario V2410US, Turion 64 ML-30, 512MB RAM
Previous: Sawtooth G4/400 448MB RAM
ATI Radeon 8500 64MB - flashed variant
OS X 10.3.141592653589793238462643383279502884197169399 37510
Future: 13" Widescreen Powerbook, Core Duo Intel