Below excerpt is from the interview of the Man who broke  into MacBook within 2 minutes in Pwn2Own contest. 

Alan: How much of your work today is focused on securing Macs vs. PC vs. Linux? Who is your typical customer?

Charlie: At work, I mostly look at application-level security. Most of this is really independent of operating system. For example, source code reviews or reverse engineering binaries doesn’t depend much on the operating system. I’ve spent a lot of my research time on Macs because I like them and they also happen to be pretty easy to break!

Most of ISE’s customers are small to medium size companies that care a lot about security and want to make sure their applications are secure.  The companies that only want a check box usually go somewhere else because we are pretty good at what we do and consequently charge more than many other consulting firms.

 

Read the Full Interview More reading

Computer scientist Brian Mastenbrook has discovered a fairly serious bug in Safari’s RSS feed handling that can allow a maliciously-crafted web page to access personal information without any knowledge or intervention of the user. The information can include—but isn’t necessarily limited to—e-mails, passwords, and information stored in browser cookies.

This vulnerability affects any Mac OS X user that has Safari set as the default feed reader in Safari’s RSS preferences. You can be affected by it even if you don’t read RSS feeds or regularly use another browser such as Firefox. As for Windows users, the vulnerability only affects those who use Safari to browse the web.

Solution/Workaround for this problem is very simple.

Src

Before using Mac my favorite browser in Windows was Firefox ( not that i hate IE ,  because of Firefox addons features basically i love Firefox) . But when i moved to Apple Mac my favorite browser is Safari though it doesn’t have Addon’s flexibility as compared to Firefox . In Firefox world viewing the saved passwords is really easy . You just need to go to Firefox preferences in Mac ( and tools> options in Windows ) then to Security tab and click on the “Saved Passwords” then “Show Passwords” . Getting the forgotten passwords was , and still is , this easy in Firefox . I keep forgetting my usernames and passwords i use in different sites and personally i used this feature of Firefox many times. Quite sometimes i have also revealed my friends’ saved passwords , like a prank , in their Firefox browser . It is quite fun if your friends are not much aware of these stuffs.

Continue reading »