On Safari and Bagged Your Personal Data

Share this story:Twitter0LinkedIn0Google+0Facebook0

Right at the moment a Safari user visits a website, even if they’ve never been there before or entered any personal information, a malicious website can uncover their first name, last name, work place, city, state, and email address.”
Jeremiah Grossman, founder and CTO of WhiteHat Security

Here’s another new threat to your personal information, and another example how no company is exempt from security breaches.

According to an article written by Thomas Claburn of InformationWeek: “a flaw in the implementation of Safari’s AutoFill mechanism can be exploited to grab Mac users’ names, street addresses, and e-mail addresses.”

[The] entire process takes mere seconds and represents a major breach in online privacy,” says Jeremiah Grossman who believes that “the security flaw may reside in the open-source WebKit engine used by Safari and that the flaw may be present in older versions of Google’s Chrome browser, which also relies on the WebKit engine.”

The article and Grossman’s own blog are worth checking out as it was once all too rare to hear the words “Apple” and “security flaw” in the same sentence.

This entry was posted in Data Breach, Security and tagged , , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Leave a Reply