• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page
  • Namecheap.com





  • So is Safari Safe?

    May 22nd, 2008

    We know that Mac users stand little or no chance of being infected with malware, at least with Mac OS X so far. In the days of the Classic Mac OS, there were several dozen viruses of various levels of severity, but few that would cause anywhere near the havoc of a typical Windows outbreak.

    However, with Apple now gaining huge chunks of market share, and working hard to promote its default browser, Safari, on the Windows platform, you have to wonder whether that’s a safe move or if there’s potential trouble afoot.

    Now it’s fair to say that the ActiveX feature of Internet Explorer is the real culprit for many online infections. Although there are still some misguided souls who program their sites to use Microsoft’s proprietary technology, a growing number of Webmasters appreciate the fact that Internet Explorer is not the beginning and end of the Internet and there are superior options. As Microsoft’s browser share dips below 75%, you can readily see that a company can ill-afford to restrict the also-rans from their content.

    I mean, would you want to block 25% of your potential customers because they drove a Chevrolet rather than a Ford?

    Into this mix comes Safari, and since the Windows version was finalized, Apple has used a controversial bit of stealth marketing to get people to download a copy. Although it is also offered separately, one fine day, Safari appeared along with the regularly scheduled QuickTime and iTunes updates, using the Windows version of Apple’s Software Update. Since the option to download Safari was already checked for you, I suppose it was natural to assume it was really part of the package.

    After an outcry from some critics, including the CEO of Mozilla, which develops Firefox, Apple relented somewhat, and consigned Safari to a specially-crafted “New” category in Software Update. Of course, it was still selected, which means that you’d have to make the tiny effort to uncheck the Safari download not to take it as part of the package. Apple realizes that few Mac and Windows users read those things, so they weren’t losing much in making this concession.

    As a Windows browser, Safari is actually quite good. It’s speedy and reasonably stable, although it continues to mimic various elements of the Mac user interface. I suppose it serves Windows users right, though. After all, how many Windows to Mac ports over the years played the same trick on us? The first attempt to deliver a Mac version of WordPerfect years ago failed, because it was not sufficiently Mac-like, and Microsoft’s Mac Business Unit has received an ear-full of complaints when they don’t follow Mac conventions as well as they should.

    Now as to Safari: Since it’s not saddled with ActiveX or the interdependencies to the Windows operating system that are found in Microsoft’s applications, it should fare reasonably well. Yes, Apple has to fix security leaks from time to time, but so far at least, they’re not being exploited in the wild. That augers well for Safari, except for one missing piece.

    Phishing protection!

    You see, other browsers will warn you if you attempt to login to a site that appears to be fraudulent. Safari has no such feature, and shouldn’t that be a major shortcoming?

    Well, let’s not forget that the online criminals who engage in phishing scams are using social engineering to entice you to visit a site and give up your personal bank account and/or credit card information. They send you emails hoping to make you believe that they really come from PayPal, Wells Fargo Bank or some other well-known financial institution, letters that say you must click a link to enter a site to fix some sort of security problem.

    Now I’m sure all of you know not to fall for such scams. You just ignore the message, and if you’re concerned, you contact your financial institution to confirm that your account hasn’t been compromised. So you shouldn’t need your browser to inform you that a site your visiting may be bogus. Or at least that’s what I believe, although I can’t say that I have the stats on hand of just how many innocent people have their identities compromised by such nefarious activities.

    At the same time, it wouldn’t hurt for Apple to have such a feature added to Safari. I doubt that the engineering work would really be so onerous that such a capability has to await another full browser or operating system upgrade.

    In the meantime, if you are concerned you might find yourself an unwary victim, you might just configure your Mac or PC to use OpenDNS instead of whatever DNS system your ISP uses now. DNS, short for Domain Name System, is simply a set of computer servers that convert your Web access request from, say, www.apple.com, to the corresponding IP number.

    OpenDNS does it better, having a huge cache and a set of servers across the U.S. and in several other countries for redundancy. They also manage PhishTank, the best-known service for monitoring phishing exploits, and that’s part of the package when you use OpenDNS, which is, by the way, free.

    So whatever fears you might have about Internet security, certainly Safari shouldn’t be doing anything to keep you from staying safe in your online pursuits.



    Share
    | Print This Article Print This Article

    Tech Night Owl Comments

    Your email address will not be published. Required fields are marked *