Safari for Windows Announced, Broken + iPhone Thoughts

Yesterday, at the Apple World Wide Developers Conference, Steve Jobs announced Safari would now be available on Windows. This is an effort to grow its market share, beyond the limits of OS X. My first though however, was that it just means that attacks on Safari would thus be made more relevant. Sure enough, other peoples' first thoughts were also about how it could be broken. David Manor's, and Thor Larholm's articles made slashdot today, but Aviv Raff has also posted about problems found by simply running Hamachi, a fuzzer.

Such problems continue to dispel confidence in Apple's ability to vet potentially exploitable bugs in their code. The thing that really worries me though, is the relevance to Safari in the upcoming iPhone. You can guarantee that security researchers will be getting iPhones and running exploits against them. And Steve Jobs' explanation of how 3rd party web-apps could access the other iPhone capabilities (for instance to make a call) makes one wonder whether it matters or not that the web-apps are supposedly "sandboxed" within Safari's memory space. If they can access your contacts and upload them to the server, or DoS your phone by continuously calling 911, you're going to be in a world of hurt. Further, if you exploit Safari on the iPhone, do you have unimpeded access to the rest of the memory? It seems unlikely that the variant of OS X which runs on the phone would have any sort of advanced exploit protections that the normal version doesn't have (unless it's running a version of Mac OS 10.6 which will supposedly have mandatory access control built in).

There are a lot of things up in the air about the iPhone, but the one thing that is clear, is that Safari will be the primary way of attacking it remotely. Therefore, Safari vulnerabilities should be quite worrisome for anyone who will be buying an iPhone (like myself ;))