Crashing Apple’s Web Browser with Another Safari Image of Doom

A fatal flaw has been discovered with Apple's web browser, Safari, where a simple image can crash the app. It's another Safari Image of Doom.

April 5, 2006 by jayfrankwilson

I am not a developer. Nor am I a security guru. And quite frankly I don’t know my way around Unix, WebKit or Core Image. But I do know when there is an issue involving the aforementioned areas that needs to be addressed. This… Safari Image of Doom II, or whatever that is, needs to be addressed by Apple. And quickly.

Safari’s Kryptonite = An Image File

The lowdown: apparently Drunkenbatman, of drunkenblog.com fame, has brought to light a flaw in the way apps based on WebKit and WebCore handle certain images. It crashes them. Completely, unapologetically, and without prejudice, it smacks them down like a redheaded stepchild.

Drunkenbatman does a better job than I ever could of expounding on this issue, and on why discoveries like this one hint at an OS that may not be quite as secure as we all like to believe. So rather than provide my own explanation of what this is all about, I will paraphrase his post.

  • The image below crashes anything WebKit-based in a very hardcore way. Actually, it crashes anything using ImageIO. That includes the Finder and Preview and apps based on WebKit and WebCore like NetNewsWire.
  • It’s remarkably similar to the Safari Image of Doom™ from a while ago, although this time ImageIO seems to be choking during an EXIF routine, so I won’t rehash what I said there. However, a few thoughts…
  • This particular image (and ones like it) are already floating around on the web. It wasn’t “created” to show off a flaw.
  • While it’s hard not to notice that an image is once again taking out Safari, it should be considered a security issue.
  • Individual applications have all basically rolled their own support instead of using what Apple provides. You are able to open the image with Photoshop, and GraphicConverter, and of course things like Camino and Firefox will view this page just fine. If a developer can’t trust Apple’s included solution to be robust, there’s little point in throwing it in aside from bullet points.
  • Don’t underestimate the above, nor how widespread the problem is throughout Mac OS X. As an example, I have yet to encounter a developer needing to use SOAP services in a serious way on OS X that hasn’t given up on what Apple’s provided to the point where they just write their own stack.
  • I haven’t met anyone at Apple that’s nervous of dropping OS X as it currently stands. So I’m always amused at what shows up around the web. And less amused by the pundits feeding it to them.
  • I asked around and was told this issue has been reported as bug #4485821 in Apple’s system. No clue as to the status/resolution.

Drunkenbatman’s post has already elicited a wide range of responses from his readers, many of whom are just upset that he saw fit to include the aforementioned “Image of Death” directly in his post. I’m among the afflicted. My NetNewsWire promptly crapped the bed as soon as I clicked the link to the post.

From Drunkenbatman:

“I’m aware many people who have the site in their feeds will be trying to access it via something based on WebKit/WebCore. Safari may have crashed, and you lost all your open tabs. You may have had your RSS reader up, and opened up some links in tabs, and down it all went. Read whatever you will into the fact that while these things did occur to me, I’m attaching it inline instead of linking to it separately anyways.”





I will not include the image in question in this post. But if you just have to see the bug in action, click (let me be clear: Safari WILL crash if you click the following links; there, consider yourselves warned) here or here.

Should We Worry About Another Safari Image of Doom?

I’m not worried, despite the unsettling ease with which a graphic can bring to their knees some of the very core applications in Mac OS X, namely the Finder, Preview, and Safari, that are impacted by this bug. It may be naive of me, but I am still unconcerned about the overall implications of such a flaw.

Don’t get me wrong, I understand just how significant a discovery this is, and how coding bugs such as this one can result in security breaches. But I am not worried. Maybe it is because I have become one of those unreasonably smug Apple users. I hear about people like me on pro-Microsoft websites (no seriously, there are some). Perhaps it is because I rubbed the bald head of my pure ivory Steve Jobs statue three times this morning for good luck. I really can’t say.

What I do know is that Apple has assigned this vulnerability a bug number. That number is 4485821, which means the people who need to know about it do. We’re in good hands. In fact, I have no doubt that Steve Jobs deprived some engineer of well-deserved quality time with the family to address this issue. And hopefully as quickly as possible!

Maybe when I wake up in the morning I will feel differently about how secure OS X is. Maybe. But honestly, I don’t see that happening.

Via StationA.net
