Alexander’s Blog

Microsoft’s Excel application contains a vulnerability that could allow a remote attacker to gain access to a system.

The flaw affects multiple versions of the spreadsheet software, including Excel 2000, 2002 and 2003, as well as versions of Microsoft Office containing those versions. It can also be manipulated in Excel Viewer 2003 and Office 2004 for Mac. Click here for more details.

Saw these 15 Apple commercials on youtube. You’ve probably seen most of them on TV but in case you missed them :).

By the time excited consumers were unwrapping their brand new iPhones, hackers had already found ways to hack into the iPhone. While AT&T had a nightmarish time dealing with activation problems, hackers are claiming to have successfully activated iPhones without paying for the service. Web sites like iphonehacks.com and numerous blogs are full of information related to iPhone hacks.

It didn’t take very long for researchers at Errata Security to find several security holes in Apple’s new iPhone, as reported by DarkReading.com. Errata discovered at least three major flaws in iPhone, which is based on a version of OS X. One of them has to do with a heap overflow bug in Safari browser. If a user visits a malicious Web site, it can potentially take over your iPhone. For example, if a user clicks on a spam message it can take him/her to the malicious Web site. This is only one of several examples of how the iPhone can be hacked due to this vulnerability.

Another bug is in the iPhone’s Bluetooth feature related to a potential denial-of-service attack. A third bug has to do with data “seepage” that can potentially cause data to be exposed by client applications over a WiFi connection. Similar to the known problem on Mac notebooks, if you come close to a wireless access point (WAP), your iPhone may just decide to connect to it and expose your information without your knowledge.

Errata, Flexilis, and other security companies are finding more bugs. However, security researchers say that they will wait until Apples announces the flaws before they will go public with their findings.

Over the past one or two years, security professionals have attempted to raise awareness of the dangers associated with connecting smartphones, PDAs, iPods, and other devices to business network-connected endpoints. Some vendors stepped up and provided centrally managed methods of protecting information stored on company and privately owned devices. The Apple iPhone, however, does not fall anywhere near the “secure device” category.

In a Gartner publication released in June, Frederica Troni and Ken Dulaney provide a list of business reasons why businesses should shy away from the much touted touch-screen device (How to Plan for User Interest in the Apple iPhone, Gartner Research article G00148854), including,

* Lack of support from major mobile device management suites and mobile security suites
* A clear statement by Apple that it is focused on consumer rather than enterprise business

Further, the iPhone lacks support for popular wireless business email solutions-including Microsoft Exchange. Click here for more details.

Apple is offering it’s browser for Windows platform for the first time. The Safari 3.0.2 for Windows is in beta. The download is about 8.0MB. The default option downloads Safari with QuickTime so if you only want Safari then make sure you change the option.

The plug-ins for Safari for Windows are available here. The plug-ins include Adobe Flash Player, Adobe Reader, QuickTime, Java, Real Player, and Windows Media Player. Although these are being referred to as “plug-ins”, these are actually complete applications. If you already have any of the above applications installed, there is no need for you to download and install the plug-ins. The Help menu contains an option to view all the installed plug-ins.

Apple claims that Safari is the fastest browser on any platform. Based on my tests on the Windows platform, I completely agree with Apple. I tested the new beta and compared it to Mozilla’s Firefox and Microsoft’s Internet Explorer. I discovered that it completely blows away both Firefox and Internet Explorer when it comes to speed. I found that compared to Firefox it was at least 2-3 times faster when accessing various Web sites on the Internet. Internet Explorer 7.0 was the slowest of the three, even though it is built into the Windows Vista operating system.

I also ran some tests to check out the QuickTime plug-ins. I observed the following times when starting a 44 second QuickTime video in a Web browser. For example, when I click on the hyperlink that contains a QuickTime video, Firefox makes the video available for playing right away and continues to download it in the background, while some browsers (such as Internet Explorer) take time first to download the entire video in the background then they make it available for viewing. This test is by no means a scientific test but it is a good indicator of what to expect.

Mozilla Firefox = 2 secs
Safari on Macintosh = 2 secs
Safari for Windows on Vista = 2 secs
Internet Explorer 6 on XP = 19 secs
Internet Explorer 7 on Vista = 32 secs

You can reset Safari which allows you to clear history, empty the cache, clear the downloads window, remove all cookies, remove all Web icons, remove saved names and passwords, remove AutoFill form text, clear recent Web searches, and close all Safari windows. You can selectively select only the items in this list that you want.

Another security feature is the ability to turn Private Browsing on or off. When private browsing is turned on Safari won’t save your browsing history, clear your downloads window, and Safari won’t save AutoFill and won’t add searches to the pop-menu in the Google search box. You can go back and forth to the pages that you have visited while the Safari browser is open but will clear everything after you close the browser.

As I mentioned earlier, on the Help menu you can check the installed plug-ins. This opens up a nice HTML formatted page that shows all the plug-ins that are installed in great detail.

Snap-back is a cool feature that allows you to mark a certain page (CTRL-ALT-K) and then later switch (or snap-back) to that page quickly by using CTRL-ALT-P combination.

One problem that I have run into has to do with setting my default browser. I have verified that Internet Explorer is not my default browser and I’ve configured Firefox not to verify that it is the default browser. Firefox was my default browser and now when I configure Safari to become the default browser, it switches back to Internet Explorer as the default browser in Safari’s configuration. I am not sure if it is a beta issue or Vista just can’t stand the fact that someone will make Safari their default browser. I haven’t done enough research at this time.

Here are some of the bugs that I have found so far in Safari. I am not able to minimize or maximize the Safari window like any other Windows program by right-clicking it in the taskbar. The only option available is Move. Also, I am not able to click Safari in the taskbar to minimize it as I usually minimize applications on taskbar (I am forced to use the minimize icon in the top right-hand side) but I can click Safari in the taskbar to maximize it. Hopefully, this will be fixed. Another bug I discovered is that when I maximize Safari by single-clicking, it never wants to go into a full-screen window, even if the window was maximized before. All other applications remember the size of the previous window and will automatically size it to the size that you have configured. One workaround that I use is to make my Safari window as close to full-screen as possible, that way when I click it, it goes back into a window that is close to the maximum size.

I am not able to edit WordPress blogs using Safari. I can do some things but it is not very WordPress-friendly. I haven’t spent much time so far to figure out whether the problem is with Safari or WordPress. However, both Firefox and IE work just fine with WordPress.

So far what I have seen in one day, I am pretty impressed with the speed. However, I do realize that Safari for Windows is still in beta and I may find some problems with it as I use it for a while. One thing’s for sure, there is no way Safari can possibly have more issues and cause more problems than Internet Explorer 7. For now I have switched to Safari as my default browser so I can test drive the beta. Firefox has several features that I like and I am not ready to give up Firefox as my primary browser quite yet. I guess you can say I am just adventuring out to Safari for exploration purposes.