Linked by Thom Holwerda on Fri 17th Feb 2012 15:36 UTC, submitted by bowkota
Privacy, Security, Encryption Well, paint me red and call me a girl scout: Facebook, Google, and several other advertising networks are using a loophole to make sure third party cookies could still be installed on Safari and Mobile Safari, even though those two browsers technically shouldn't allow such cookies. Google has already ceased the practice, and in fact, closed the loophole in WebKit itself months ago.
Thread beginning with comment 507687
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Apple is the issue
by jackeebleu on Sat 18th Feb 2012 04:21 UTC in reply to "Apple is the issue"
jackeebleu
Member since:
2006-01-26

Wait, so it's Apple's fault that Google and FB purposely and willfully circumvented controls in Safari and said "F U" to the millions of Safari users privacy concerns so that they could continue to make money? Really?

So I guess if someone breaks into your home, by circumventing your alarm/locking mechanism, eats your food, cooks in your kitchen, and rapes your mom....its your fault for having circumventable locks...right?

Reply Parent Score: 3

RE[2]: Apple is the issue
by Neolander on Sat 18th Feb 2012 07:49 in reply to "RE: Apple is the issue"
Neolander Member since:
2010-03-08

Actually, everyone is guilty ;)

Apple are guilty of keeping a known security hole in their browser opened for 7 months after it is fixed in the source. To follow your analogy : if you leave the key to your house under the doormat and your neighbour has publicly poked fun at the fact when he found out months ago, you should expect someone to break in and make copies of the embarrassing photos under your mattress at some point*.

Google and Facebook are guilty of violating standard security practices by not informing Apple in a direct way and giving them some time to fix the hole before beginning to exploit it. This kind of hacker ethics does not translate well to real-life situations, but it is the way things work in the realm of computer security.

* It seems we do not have the same view of what kind of offense online privacy violation represents.

Edited 2012-02-18 08:08 UTC

Reply Parent Score: 2

RE[3]: Apple is the issue
by Neolander on Sat 18th Feb 2012 09:14 in reply to "RE[2]: Apple is the issue"
Neolander Member since:
2010-03-08

Anyway, this is the day where I try to setup Adblock with a custom filter for "like", "share", and other "+1" buttons.

These things have polluted my sight long enough, and AFAIK they are of no financial benefit to website owners. So if they also start to invade my privacy, they are out.

Edited 2012-02-18 09:18 UTC

Reply Parent Score: 3

RE[2]: Apple is the issue
by darknexus on Sat 18th Feb 2012 18:37 in reply to "RE: Apple is the issue"
darknexus Member since:
2008-07-15

Wait, so it's Apple's fault that Google and FB purposely and willfully circumvented controls in Safari and said "F U" to the millions of Safari users privacy concerns so that they could continue to make money? Really?


No, but it is Apple's fault that this security hole still exists in Safari when it has been fixed in the Webkit source months ago. They're all pricks: Google and Facebook for giving us the finger where our privacy is concerned (though surely people aren't actually surprised by that), and Apple for failing to keep their version of Webkit patched and in better sync with the current source tree. The real question is, now that this is out in the open, will Apple patch it promptly?

Reply Parent Score: 4