Highest Voted 'safari' Questions - IT Security Stack Exchange

7

votes

1 answer

Pegasus iOS exploit & Kernel Memory Corruption

I'm currently reading about Pegasus, the malware on iOS that uses 3 zero-days, in the Lookout Blogpost. Blog Post about Pegasus I'm a cs student in the first year and I understand that the malware needs to gain access of the kernel priveliges to get…

asked Aug 26 '16 at 20:20

Seen

73
4

6

votes

2 answers

Password management in Firefox, Chrome and Safari

I just read a couple of very interesting discussions on Chrome password security strategy. Chrome’s insane password security strategy Showing stored passwords - Tim Berners-Lee The following is how Chrome, Firefox and Safari handle storing passwords…

password-management chrome firefox safari

asked Aug 26 '13 at 02:25

Rohit Agarwal

161
1
4

4

votes

0 answers

Security flaw in iOS, Safari weird behavior or what else?

some months ago I was travelling and flew from Frankfurt airport and, while there, I probably connected to some Telekom.de free hotspot. I have an iPhone 6 with iOS 9.02 (at that time it was 8.1.x). Couple days ago I looked through my Safari saved…

ios iphone credentials keychain safari

asked Oct 13 '15 at 10:29

int 2Eh

153
1
4

3

votes

1 answer

POODLE vulnerability in Safari

I have been trying to mitigate POODLE on client side in my organization. I disabled SSL3 in most browsers but couldn't disable it in Safari. Apple released a Security Update 2014-005, which, according to apple, addresses POODLE. However, Safari is…

tls attacks safari

asked Dec 04 '14 at 09:18

user61520

41
2

3

votes

0 answers

Does Apple have access to the cryptographic keys to decrypt Safari Sync Data?

I was reading over iOS's security guide, and it is unclear to me whether Apple can accessed synced Safari data. For example, if Apple received a FISA Order for all information on iCloud on all customers, would they have the ability to reveal a…

ios macos synchronization safari apple

asked Mar 01 '18 at 22:44

user115400

2

votes

2 answers

Google thinks I am a robot when using proxy, but only in Safari

Google greeted me with this message while being behind a private proxy: Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot. I did my research…

proxy google safari

asked May 15 '16 at 09:07

sanjihan

639
2
7
11

2

votes

2 answers

Why does Safari still support SSL 3?

The "POODLE" attack was made public in October, 2014. Why does Safari still support SSL 3.0 after POODLE showed it to be insecure?

tls web-browser known-vulnerabilities safe-browsing-filter safari

asked Apr 20 '16 at 01:36

Fernando

705
5
17

1

vote

1 answer

Can you get virus just by visiting a website in Safari using cache?

A few days ago I was searching for information to do an essay and I opened a page using the "in cache" option on Google. But then I realised that the page was not what I was expecting. My question is if I can get a virus from opening a page using…

malware virus safari

asked Apr 03 '20 at 12:12

user178965

23
1
4

1

vote

1 answer

Is using a third party browser in iOS more secure than Safari?

I have read that many iOS exploits target the Safari browser. Would using another browser on my iOS device be safer? Does Safari being a system app give it more access to the OS than a third party browser that I install through the App Store?

ios safari

asked Sep 19 '19 at 19:31

Ken

13
2

1

vote

0 answers

Are iCloud Tabs for Safari end to end encrypted?

I see that iCloud bookmarks are not covered under end-to-end-encryption on the iCloud security overview, but no mention is made of iCloud Tabs, which seems even more important. Are Tabs stored merely using server side encryption and hence Apple is…

cloud-storage end-to-end-encryption apple safari

asked Jun 27 '19 at 07:41

Boris Shilov

11
1

1

vote

2 answers

Can a webpage track that I have downloaded the page source/webarchive?

Can a webpage track that I have downloaded the page source/webarchive? Specifically on Safari. I understand that accessing a webpage via GET is already traceable back to the requester (me), but if I download the page itself, will it send another…

user-tracking safari

asked Feb 13 '18 at 08:24

isopach

491
1
3
14

1

vote

0 answers

How is the Apple FairPlay Server Playback Context (SPC) message generated?

I'm researching encryption tools that use OS-verified hardware such as a TPM or Secure Element. Given that FairPlay only works on iOS and certain Mac hardware, I suspect there is some interaction between the FairPlay AV Foundation and the Secure…

encryption cryptography ios drm safari

asked Apr 04 '17 at 14:07

makerofthings7

50,090
54
250
536

1

vote

1 answer

Safari not showing GREEN lettering for EV SSL

I've recently installed an EV SSL cert on my server, Chrome and Firefox show a green banner and padlock denoting the EV cert is installed, but in Safari, it just shows a gray padlock... is there something extra I have to do for Safari to recognize…

tls certificates web-browser safari

asked Feb 17 '16 at 21:16

CJT3

111
3

0

votes

0 answers

Site "Not Secure" warning on Safari iOS, only on one device

Summary We are running a web site (https only) and have a single bug report from a user that says the site gets warned as "Not secure". The user gets this warning only when accessing it from the Safari browser on an iPhone (iOS 14.6). Other users -…

tls man-in-the-middle ios safari

asked Jun 30 '21 at 22:15

Stan Portland

1

0

votes

2 answers

Is it safe to browse the internet with unpatched iPhone with iOS 13.1.3?

I am using unpatched iPhone that has IOS 13.1.3 installed. Apple released IOS 13.1.3 15 Oct 2019. Are there any vulnerabilities for IOS 13.1.3's safari that are currently being exploited in the wild? Are there any publicly available modules for…

exploit metasploit iphone safari

asked Jan 27 '20 at 06:37

Npxkytzv

1
2

Questions tagged [safari]