Apple offering free attack surface increase to Windows users.

This is hugely irresponsible of Apple IMHO:

As history has taught us - browsers are not trivial applications to write securely and they are the primary conduit by which badness often enters your PC. 
Apple is offering Safari for Windows via their automatic updates mechanism and they are making sure that it's *selected by default*.  Opt-out vs. Opt-in.

So this means that by now there are probably millions of installs of Safari on Windows that users probably didn't want or mean to install . . . and now they are vulnerable to whatever vulns will be found in this version of Safari in the coming days (assuming they at some point launch Safari - I'm assuming it will helpfully set itself up as the default browser the first time you run it).  I'm assuming I would have to even get Safari registered as my default browser - you may not even have to do *that* if it registers un-safe protocol handlers . . . sigh.

Comments (0)

Skip to main content