[Ti] SECURITY ALERT
Tom R. no spam
tr5374 at csc.albany.edu
Mon May 24 14:49:34 PDT 2004
Just for the web browsing part of the security alert issue,
reading the secunia and other info, it seems to me like some
such potentially harmful url could be seen as what it is if
you just look at the url of a link before actually clicking
the link? Which seems to me like a fastest-to-implement
temporary solution, not needing to download any unknown
software, etc. Also, I read somewhere a brief statement that
the iCab browser was immune to the url issue, with no mention of
whether automatically or based on user Preferences settings:
Preferences > Security setting "Launch Programs by HTML Links"
and set to eg "Never Permit" or "Always Ask".
But http://www.euronet.nl/~tekelenb/playground/security/URLschemes
seems to say all browsers are vulnerable.
Also, http://nielsenhayden.com/makinglight/archives/005217.html
seems like an informative link re all this, including the
present last comments say the recent Apple security updater
doesn't solve all the problem.
On Sun, 23 May 2004, Tarik Bilgin wrote:
. . .
> The vulnerability was announced last Monday by Secunia, Apple issued a
> fix and a patch and a workaround on Friday.
. . .
> There are some other theoretical vulnerabilities that the patch does
> not fix....but you can disable them by disabling the Help Viewer as a a
> "Helper Application" which should do it.
More information about the Titanium
mailing list