“Apple Safari has become the first major browser to be purged of one of the web’s longest-running privacy defects: The ability for any site owner to effortlessly steal a compete copy of your recent browsing history,” Dan Goodin reports for The Register.
“The browser history disclosure leak is as old as the World Wide Web itself, and it afflicted every major browser – until now,” Goodin reports. “Starting with versions released Monday, Safari no longer coughs up the list of websites a user has visited. The change is one of almost 50 security fixes Apple engineers added to versions 4.1 and 5.0 of the browser.”
Goodin reports, “In characteristic Apple fashion, the company buried news of the change at the bottom of this page. We pointed the new Safari version at sites here and here, which exploit the weakness, and neither worked. The attacks succeeded just fine against Google Chrome and Firefox, and one of them succeeded even when Firefox was running the NoScript add-on.”
Full article here.
[Thanks to MacDailyNews Reader “Lava_Head_UK” for the heads up.]