O'Grady's PowerPage

Tag: Safari

  • Apple release Security Update 2010-007 update for Mac OS X 10.5 operating systems

    On Wednesday, Apple released Security Update 2010-007, bringing the same security patches included in the recent Mac OS X 10.6.5 release to Macs running 10.5 Leopard client or server versions.

    Per Macworld, the more prominent fixes included in the update is a fix for a bug in Apple Type Services which could allow the downloading of a maliciously crafted font file to lead to arbitrary code execution. That bug, originally caught by security firm Core Security, was similar to a vulnerability in Apple’s iOS that allowed hackers to jailbreak devices running that software. Apple patched the flaw in an iOS update

    In addition to fixing the font bug, 2010-007 brings an updated version of Adobe’s Flash Player plug-in (numbered 10.1.102.64) which patches a number of security vulnerabilities, some of which could lead to arbitrary code execution. Patches are also included for a number of holes in QuickTime, Time Machine, Safari RSS, Quick Look, and several of OS X’s other underlying systems.

    The Leopard client version of Security Update 2010-007 is a 240.74 megabyte download while the server version is a 448.10 megabyte download. If you’re running an eligible system, the relevant update should appear via Mac OS X’s Software Update feature.

    If you’ve tried the update and noticed any major changes, please let us know.

  • Apple releases Safari 5.0.2 update

    safarilogo.jpg

    Amidst yesterday’s updates and product releases, Apple released Safari 5.0.2, the newest version of its web browser. The new version, available here (or via Mac OS X’s Software Update feature), sports the following fixes and changes:

    – Fixes an issue that could prevent users from submitting web forms.

    – Fixes an issue that could cause web content to display incorrectly when viewing a Google Image result with Flash 10.1 installed.

    – Establishes an encrypted, authenticated connection to the Safari Extensions Gallery.

    Safari 5.0.1 requires Mac OS X 10.6.2 (under Mac OS X 10.6) or later to install and run and is available for free.

  • Apple promises fix for web-based jailbreak flaw in iOS-based devices, declines on specific date

    The tug-of-war between Apple and the iPhone hacker community continues as Apple has vowed to fix a flaw that allows its iOS-based device to be jailbroken via the Safari web browser.

    Per CNET an Apple spokesperson said, “We’re aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update.”

    Apple declined to say when the update would be available.

    If you’ve jailbroken your iOS-based device recently and have any feedback about the experience, let us know what happened and how it went.

  • Recently unearthed iPad configuration policies provide additional evidence to forthcoming camera

    You’re hankering for a camera on the iPad and it may be forthcoming.

    Per AppleInsider, iPad management profile policies available to corporate users include the capability to disable use of its camera, providing evidence of future intent to include a camera on upcoming models.

    Apple’s configuration profile tools for iOS devices include a variety of settings and restrictions that companies can impose to regulate how the devices are used and to configure services such as VPN and wireless networking access or email, calendar and directory services.

    These policies can also force strong passwords and set security features such as the number of times a password attempt can fail before the device wipes its data. Similar to parental controls, the policy settings can also be used to block access to features such as the iTunes Store, Safari, YouTube, or the use of its camera.

    While iPhones do have cameras to disable, the current iPad lacks this. However, among the profiles specifically included in its iPad documentation, Apple notes the ability to restrict camera use on the iPad.

    Prior to launch, it was widely rumored that the iPad might include a camera. When it shipped, Apple only provided the ability to connect to external cameras through its Dock connector, either via USB or using an SD Card reader adapter.

    API support for camera, flash, and zoom functions were discovered in developer builds of the iPad-only iOS 3.2 in February.

    While those APIs may have been added as part of software development work performed to support iPhone 4, Apple also posted job listings for a “Performance QA Engineer, iPad Media” which stated, “Build on your QA experience and knowledge of digital camera technology (still and video) to develop and maintain testing frameworks for both capture and playback pipelines.”

    Taken together, it appears likely that future versions of iPad will incorporate a camera, most likely a front-facing unit intended to support FaceTime. That video conferencing feature is currently limited to iPhone 4, but Apple plans to make it a widespread standard among mobile devices.

    Stay tuned for additional details as they become available.

  • iPhone Dev Team releases web-based hack for iPhone 4 handset

    The iPhone Dev Team raised their hand on Sunday, releasing the first “jailbreak” for the iPhone 4, a browser-based exploit that allows users to run unauthorized code. However, some reported that the modification results in broken MMS and FaceTime functionality.

    According to AppleInsider, “comex,” a member of the iPhone Dev Team, released the hack through a website, jailbreakme.com. Users can visit the site in their iPhone browser to begin the jailbreaking process.

    The software modification is the first release for Apple’s latest handset hardware, the iPhone 4. Some users reported that the jailbreak managed to break FaceTime and MMS functionality on the device.

    Comex announced via a Twitter post that he was able to reproduce the issues, and is working on a fix. The latest jailbreak does not work with iPads running iOS 3.2.1.

    Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser. Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad.

    The iPhone 4 jailbreak comes less than a week after the U.S. Library of Congress officially made it legal for users to jailbreak their iPhone to run unauthorized software. The government approved the measure as an exemption to a federal law which prevents the circumvention of technical measures that keep users from accessing and modifying copyrighted works.

    The jailbreak process, which also voids Apple’s warranty of the handset allows users to run software not approved by Apple, which has no plans to allow users to install third-party applications downloaded from outside its sanctioned App Store. Hackers have created their own custom applications (many free, and some for purchase) from an alternative storefront known as Cydia.

    Jailbreaking can also be used to unlock a phone, allowing it to be used on carriers that do not have access to the iPhone.

    In addition to allowing access to legitimate third-party software, both free and paid, through services like Cydia, jailbreaking can also be used to pirate App Store software, one major reason why Apple has fought the practice.

    Stay tuned for additional details as they become available and if you decide to jailbreak your iPhone 4, please let us know how it goes.