
How safe is Safari from spyware?

7662 Views 30 Replies Latest reply: Sep 27, 2012 4:39 PM by Orionzx
Orionzx
Sep 26, 2012 10:02 AM

Any input from the community on the safety of Safari with Mac OSX 10.6 from spyware would be appreciated.  Also, the feeling of any additional protection needed.

MacBook Air, Mac OS X (10.5.8)
  • Kurt Lang Level 7 (31,450 points)
    Sep 26, 2012 12:15 PM (in response to Orionzx)

    Spyware doesn't have anything to do with your browser. Not directly anyway.

     

    No browser is safe if you've unwittingly installed spyware, such as a keylogger or other malware that can steal your ID, bank account numbers, passwords, etc. as you type them in or use them in some other way.

     

    Your best defense is to refuse any app to install where you don't know its origin. Like web sites that tell you to install the latest version of Flash to use their site. Don't trust those for a nanosecond. Download and install Flash directly from Adobe only. Another is insisting you need to install a new codec to view some sort of video. Cancel out of those immediately.

     

    Torrents are an extremely good way to get malware on your computer. Don't ever install illegal software from any such file sharing sites. There is no way for you to know what else is in the "free" software you're installing.

  • Network 23 Level 6 (11,500 points)
    Sep 26, 2012 12:50 PM (in response to Orionzx)

    One way you might get spyware through Safari is if you install a Safari extension from an untrustworthy source. Also, it's a good idea to turn off Java in Safari preferences to avoid some of the recent Java hacks. Note that Java is different than JavaScript; you should leave JavaScript on.

     

    As far as additional protection, on the whole the biggest vulnerability is the user. Many of today's hacks depend on fooling the user, like sending you an email that gets you to click on a link to a bad web site. Therefore, the best protection is to be vigilant and careful about what you click on. Kurt's advice along these lines is very good.

  • WZZZ Level 6 (11,875 points)
    Sep 26, 2012 2:19 PM (in response to Orionzx)

    If you want to talk about safety and browsers, Firefox with the Add-on NoScript provides the best safety of any browser. It affords fine-tuned control over JavaScript.

     

    Many browser exploits are delivered via JavaScript. See this on using NS.

     

    Also, Safari for Snow Leopard doesn't appear to be getting any more updates, consequently it is missing further security patches. Firefox is being updated.

     

    Besides that, here's a good general introduction to the topic of malware.

     

    http://www.reedcorner.net/mmg/

  • Kurt Lang Level 7 (31,450 points)
    Sep 26, 2012 2:32 PM (in response to Orionzx)

    Does Norton AV provide any protection over and above personal discipline?

    Anything Norton for Mac should be avoided. It has a fine history of trashing many OS X computers. If you must, or just want to run some sort of AV software, use the free ClamX.

    P.S Any way to "know" you are safe from past practices?

    Not easily. Well written malware does its best to make sure you don't know it's there.

     

    WZZZ,

    Many browser exploits are delivered via JavaScript.

    That would be Java, not JavaScript. Or at least the recent Flashback exploit, and the others that followed trying to use the same flaw were all Java related. Can't say I've seen an exploit related to JavaScript.

    Also, Safari for Snow Leopard doesn't appear to be getting any more updates, consequently it is missing further security patches.

    A new security update for Snow Leopard was released just last week. Though I wouldn't hold out much hope we'll see too many more.

  • WZZZ Level 6 (11,875 points)
    Sep 26, 2012 2:50 PM (in response to Kurt Lang)

    Kurt Lang wrote:

    WZZZ,

    Many browser exploits are delivered via JavaScript.

    That would be Java, not JavaScript. Or at least the recent Flashback exploit, and the others that followed trying to use the same flaw were all Java related. Can't say I've seen an exploit related to JavaScript.

    Also, Safari for Snow Leopard doesn't appear to be getting any more updates, consequently it is missing further security patches.

    A new security update for Snow Leopard was released just last week. Though I wouldn't hold out much hope we'll see too many more.

    Kurt, I was talking about JavaScript, specifically certain browser exploits, not Java. Have a look through this and this to see what I was talking about.

     

    And I wasn't talking about the recent Security Update for Snow (tell me about it!). I meant that Safari 5.1.7, apparently being the final version for Snow, didn't get the security patches that the new Safari for Lion or ML got. It's being left behind.

  • Kurt Lang Level 7 (31,450 points)
    Sep 26, 2012 2:57 PM (in response to WZZZ)

    Kurt, I was talking about JavaScript not Java. Have a look through this to see what I was talking about.

    That's better. The original link had none of this info. It was just a primer on how to use the NoScript plugin.

    I meant that Safari 5.1.7, apparently being the final version for Snow, didn't get the security patches that the new Safari for Lion or ML got.

    Sure it did. Here's the link for the full listing of security updates in the Snow Leopard 2012-004 update. Within that, you can click on various links that show which versions of Safari got what updates. One of them is specifically for 5.1.7.

  • WZZZ Level 6 (11,875 points)
    Sep 26, 2012 3:26 PM (in response to Kurt Lang)

    But that's just for WebKit. There are many more vulnerabilities patched in the new Safari 6. (It may be some of these were included in the 5.1.7 update, if that was released around the same time.)

     

    http://support.apple.com/kb/HT5400

     

    http://support.apple.com/kb/HT5502

     

    Also for NoScript, this was in my edited post, but I don't think you saw it.

     

    http://noscript.net/faq#xss

     

    My first post, which brought up the subject of NS, was for the OP and meant to be fairly non-technical; that's why I didn't provide those links earlier.

     

    Message was edited by: WZZZ

  • WZZZ Level 6 (11,875 points)
    Sep 26, 2012 4:47 PM (in response to WZZZ)

    (It may be some of these were included in the 5.1.7 update, if that was released around the same time.)

    Nope, this is all there was. Only patches for WebKit.

     

    http://support.apple.com/kb/HT5282

     

    Btw: NoScript is not a Plug-in. It's an extension and exists solely in the browser.

  • Network 23 Level 6 (11,500 points)
    Sep 26, 2012 4:47 PM (in response to Orionzx)

    Orionzx wrote:

     

    Thanks for the input.  Very helpful and I do try to use practices you and Network 23 suggested.  However, not sure about some of the other family "users".  Does Norton AV provide any protection over and above personal discipline?

    Don't install it. I've read many unhappy reports from Mac users where Norton trashed their system, and I can't recall any happy users of Norton AV.

     

    OS X itself provides a level of protection when you launch an app for the first time after downloading it. You might have seen this; it asks you if you really want to launch it. That's to help ward off apps that you didn't realize you were installing. I'm not sure if there is other extra software that can provide meaningful protection above that.

  • WZZZ Level 6 (11,875 points)
    Sep 26, 2012 4:57 PM (in response to Network 23)

    I'm not sure if there is other extra software that can provide meaningful protection above that.

    Besides quarantining, there is, of course, XProtect. But its limitation is it will only check items that are normally subject to quarantine.

     

    http://support.apple.com/kb/ht3662

  • MadMacs0 Level 4 (3,315 points)
    Sep 26, 2012 11:01 PM (in response to Orionzx)

    Orionzx wrote:

     

    Any input from the community on the safety of Safari with Mac OSX 10.6 from spyware would be appreciated.

    Using the generally accepted definition of "Spyware", it would almost have to have been installed by somebody having access to your computer or your permission to share it over your network. There are some recent Trojans which have the potential to install such things, but so far no reports of anything like that.

     

    Glad you've updated to 10.6 as your profile still says you are running 10.5.8 which is more vulnerable to malware infection.

  • MadMacs0 Level 4 (3,315 points)
    Sep 26, 2012 11:14 PM (in response to WZZZ)

    WZZZ wrote:

     

    Many browser exploits are delivered via JavaScript.

    Admittedly JavaScript is responsible for a lot of annoying features (e.g. redirects, obscured URLs, pop-ups, pop-unders, assorted adware), but I am not aware of any malware-like exploitation that can impact OS X or any of its applications. ClamAV currently has definitions for 1369 JS exploits and none of them are marked as OSX. Clearly it could be done, just that as far as we know it hasn't yet.

     

    I've used NoScript for years, but only because it's so good at removing annoying content.
