News
"Shocking" security failures in Google and Apple web browsers
18 December 2008
Information security expert Mike Barwise from Infosecurity Adviser
has called the recently announced security problems of the Apple Safari
and Google Chrome Web browsers shocking.
In his latest blog posting, Barwise, an IT veteran of some 30 years,
noted that both of the two Web browsers have dangerously weak password
management. The bugs in question are "such basic errors that I'd fail an
undergraduate for perpetrating them in coursework," he said.
The fact that the two Web browsers, whilst relatively minor in the
great Internet Explorer v Firefox stakes, have more than ten million
users between them, makes it a potentially serious issue.
When it comes to the real security of online services, Barwise
asserts that there appears to be a complete lack of security awareness
among providers.
The problem, he says, is that the Web has become a triumph of instant
gratification over common sense — nobody is making the effort to ensure
their systems are designed to be secure, they're just pushing them out
the door the moment they seem to function.
All of the security weaknesses he identifies in the Infosecurity
Adviser blog are potentially serious, either for the provider or the
customer, and none of them would be difficult to address. In each case,
Barwise considers, that "the desire to be 'up and running' has
completely overridden any caution."
As the UK enters the final days of its annual pre-Christmas online
shopping spree, Barwise's comments will ring true with most IT security
professionals.
The big question, of course, is whether those engaged in online commerce
will wake up and smell the coffee before a serious online security faux
pas occurs.
Infosecurity Advisor is an online community for the information
security industry, created by the organisers of Infosecurity Europe.
Read more on the The Infosecurity Advisor blog:
www.infosecurityadviser.com/view_message?id=86
|