next »

[rcjordan]

"the hackers were able to create a website that when visited by the Apple smartphone forced it to spill a copy of its SMS database. The file includes a list of contacts as well as complete copies of messages that have been sent and received. The database also contains deleted messages unless a user has gone through the trouble of manually erasing them."

"Safari was also part of the spoils, making this the third consecutive year contestant Charlie Miller has compromised the Apple browser. Miller, 36, who is principal security analyst at Independent Security Evaluators, said he came to this year's contest armed with close to 20 working attacks that in virtually every case allow him to seize control of the Mac running the program."

http://www.theregister.co.uk/2010/03/25/pwn2own_2010_day_one/

If their security was cat shit, they'd have to mix onions with it to make it smell.

[isthisthingon]

Unlike previous DEP- and ASLR-busting techniques, Vreugdenhil's exploit didn't use Adobe Flash, or any other third-party software to accomplish the feat. Rather, it relied on an information-disclosure exploit that allowed him to identify the memory location of a core module that was loaded by the Microsoft browser.

Oh I'm sure everyone knows how lovely this tastes to ITTO  Nothing like a good old fashioned "information-disclosure" exploit to tickle your fancy.  That should be called the Microsoft Genuine Gaping Hole of an Advantage.

If their security was cat shit, they'd have to mix onions with it to make it smell.

 

[jammaster82]

Seamonkey seems to be a bit peppier even though its fundamentally the same as FF..and ive noticed that memleak in safari as well...  Yeah i have to agree that FF has gone the way of the monolithic...

I have them all installed so i can test the 'logged in' and 'not logged in'
features of sites im writing without going through a lot of hassle...
or that random CSS flaw from one to the next that squeezes that one div into the next or whatever... but out of them all.. on the same machine IE seems to run the FASTEST.  Not the best, but it is the fastest.

but the session manager plug in is FTW and keeps me fire foxin'

https://addons.mozilla.org/en-US/firefox/addon/2324

[jammaster82]

On this topic I would also mention that iceweasel is worth a look.

[isthisthingon]

@IE is fastest

Definitely not my experience.  But I'm always looking at lots of Javascript which clearly runs faster in Chrome and Safari than FF and IE - by miles.  Force.com turns Visualforce pages into sizable amounts of Javascript/HTML.  You can easily see the difference there 

[kurdt]

@IE is fastest

Definitely not my experience.  But I'm always looking at lots of Javascript which clearly runs faster in Chrome and Safari than FF and IE - by miles.  Force.com turns Visualforce pages into sizable amounts of Javascript/HTML.  You can easily see the difference there 

Yeah, I can "verify" that IE is fastest claim. I have seen benchmark video where all browsers loaded same pages with same conditions and IE was the fastest. But like you said, it's just page rendering and not javascript. Also differences are not that big so IE is still in my hate list at number 1 in browsers. IE just makes my life so much more difficult because it doesn't follow standards and nothing works on IE that works with all the other browsers.

My absolute favorite at the moment are Webkit browsers (excluding Chrome of course). Webkit team is the only team at the moment who constantly improves the visual possibilities of their engine while improving speed as well. Firefox is stuck with keeping their bloated browser alive and Opera seems to concentrating on implementing every standard by the dot.

There'll be always security holes but they will be fixed like always before.