Network News

X My Profile
View More Activity

Safari Gets Phishing Protection

Yesterday, Apple released an update to its Safari Web browser that belatedly adds some protection against phishing sites, those phony pages that impersonate financial logins.

Where older versions of Safari would have let you click through to a phishing site, Safari 3.2 (a free download for Mac OS X 10.4 and 10.5 as well as Windows XP and Vista) will halt you with an alert headlined "Warning: Suspected Phishing Site." If you hit the Enter key to get that warning out of your way, you'll be sent back to the previous page -- a safe, sensible default.

safari_3.2_phishing.jpg

On a Mac, this feature worked as advertised, blocking access to multiple sites listed on the PhishTank clearinghouse of phishing reports. On a Vista PC, a copy of Safari 3.2 had to be restarted before it blocked the same pages.

(Safari 3.2, unlike current releases of Mozilla Firefox and Microsoft's Internet Explorer, doesn't do anything extra to highlight the use of strong encryption by trustworthy sites; its only visual cue remains a small, subtle lock icon at one corner of the browser window. Update 1/17: Commenter RussellFinn notes that Safari 3.2 does offer an extra hint--the name of the site in green type, next to the lock icon--for sites that, like PayPal, verify their identity with an "Extended Validation" security certificate. Most companies, however, don't seem to have made this upgrade to their security yet.)

This update also includes a set of security fixes -- although one of them is apparently years overdue.

Speaking of things that are overdue, Safari also still lacks the smart address auto-complete that Firefox, Google's Chrome and IE 8 Beta 2 offer. This might not sound like a major feature -- it lets you return to a page by typing part of either its address or its title, not just its address -- but its absence has grown increasingly irritating in my daily use of Safari. I'm starting to rethink my recommendation of this browser as a better fit on Macs; on Windows, where Safari doesn't benefit from any close integration with the rest of the system, I no longer see much point in installing it.

How has this update worked out for you? And where do you rank Safari among your browser choices these days?

By Rob Pegoraro  |  November 14, 2008; 10:25 AM ET
Categories:  Mac , The Web  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Adobe And Google Edit Photo-Editing Tools
Next: Win the Presidency, Lose Your E-Mail?

Comments

Rob

Don't know what control you have, if any, over PostGlobal blocking comments that might be critical of Islam in the Obama article today about whether Islam sees Obama as a 'Superman.'

Such blocking, while perhaps lawful, does great harm to the 1st Amendment.

Posted by: brucerealtor@gmail.com | November 15, 2008 3:17 AM | Report abuse

As a long time Mac user (home) and Windows user (work), I have finally settled on Firefox as the browser of choice, especially since the advent of Firefox 3. It has had the phishing warning since the beginning, I love the auto-complete, and it is easily customized by readily available add-ons. And, because it is not as tightly integrated with the operating system on either platform it provides, in my opinion, greater security.

While there are some nice features in Safari (expandable entry windows, for example), it is not enough to entice me to use it all the time.

Posted by: bdthompsonmn | November 15, 2008 7:25 PM | Report abuse

"Safari 3.2 ... doesn't do anything extra to highlight the use of strong encryption by trustworthy sites..."

That's not true -- it displays the name of the organization in green text next to the padlock icon in the title bar. (Try going to https://www.paypal.com/ for example.) Clicking the green title displays the certificate information (just as clicking the padlock icon does).

Posted by: RussellFinn | November 16, 2008 1:43 AM | Report abuse

I've used Firefox for years, using IE only when a website I need to access demands IE. However, (for me) smart address auto-complete is visual clutter akin to SHOUTING. For those who don't want smart address auto-complete, Mozilla offers a plugin named "oldbar" aka 6227. Because I found oldbar, I didn't have to quit using Firefox. Here's the link for oldbar:
https://addons.mozilla.org/en-US/firefox/addon/6227

Posted by: TeresaBinstock | November 16, 2008 7:35 AM | Report abuse

I've used Firefox for years, using IE only when a website I need to access demands IE. However, (for me) smart address auto-complete is visual clutter akin to SHOUTING. For those who don't want smart address auto-complete, Mozilla offers a plugin named "oldbar" aka 6227. Because I found oldbar, I didn't have to quit using Firefox.

Posted by: TeresaBinstock | November 16, 2008 7:49 AM | Report abuse

Just purchased an Imac last Monday. I prefer Safari so far to IE. Since I dont use Firefox autocomplete is not an issue.

Still have IE at the office and Windows.

Rob how's about an updated column to help us Red State dwellers in our conversion to
Mac.

Posted by: omarthetentmaker | November 17, 2008 7:47 AM | Report abuse

I use Safari (Mac G5) almost exclusively because of its embedded color synchronization with Apple's monitor color calibration and all the application software. It's also the least robust and most compliant of all the browsers with W3C standard, so it requires better Web page development. I like Firefox's plug-ins for debug Web pages lacking with Safari, but I live with Safari's deficienices compared to FF (3.0.4) or IE (any flavor). As for article's issues, with phising and security, I just watch where I surf, and with the auto fill-in, I've found it works on 95+% of the sites with the other browsers.

Posted by: wsrphoto | November 17, 2008 9:55 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company