Minor update patches WebKit security flaws in Yosemite, Mavericks, Mountain Lion
On Wednesday, Apple updated its Safari browser for OS X 10.8 (Mountain Lion), 10.9 (Mavericks), and 10.10 (Yosemite) to versions 6.2.6, 7.1.6, and 8.0.6, respectively. The updates applied patches to discovered security flaws in WebKit, the underlying engine of Safari, that could have been exploited if left unfixed. Potential problems that could have arisen from the flaws could have resulted in crashes, access to filesystem contents, or allowing a site to spoof a user interface. The updates as relevant will appear in the Updates tab of the Mac App Store.
Apple releases new Safari betas for OS X 10.9 and 10.8
On Wednesday, Apple updated the developer versions of Safari with two new betas aimed at users of older OS X versions, specifically 10.8 (Mountain Lion) and 10.9 (Mavericks). The new versions follow a slight update to the current Safari versions for OS X 10.8 and later that contains several WebKit fixes for security issues. Version 7.15 is for Mavericks, while Mountain Lion owners will see only version 6.2.5.
AutoFill, subpixel rendering, extension compatibility and more being tested
On Wednesday, Apple released two betas for its Safari web browser, as well as a new beta for OS X Server. The Safari betas, 7.1 for Mavericks and 6.2 for Lion and later, add new features to WebKit, the rendering engine at the heart of the browser. In addition, Apple has asked testers to focus on general website compatibility in light of changes in some defaults, and tie-ins to forthcoming features in OS X and iOS. The new OS X Server beta requires the latest Mavericks (10.9.4).
WebKit vulnerability, memory corruption, other issues addressed
Seven potential security and stability flaws in the WebKit engine that drives Safari have been identified and fixed in a new update for the default Mac web browser, which was released on Wednesday. The patch updates the version numbers to 6.1.6 for older OS versions going back to Lion (OS X 10.7.5), and to 7.0.6 for Mavericks (10.9.4). Problems with a WebKit vulnerability that could cause crashes, alongside some memory corruption issues, prompted the update.
May hint at simpler cross-platform compatibility
New developer APIs for OS X 10.10 and iOS 8 are already being pushed to open-source channels for WebKit, users note. A new class involves a view that replaces the current OS X and iOS support for displaying inline content. It's believed to include cross-platform compatibility, eliminating the need to use "WebView" for OS X and "UIWebView" for iOS. At the same time though, some separate view classes remain, meaning that the platforms are still not thoroughly meshed.
Follows just one week after 7.0.3
(Updated for Safari 6.1.4) Apple has issued a minor update to Safari, v7.0.4. The patch is in fact much smaller than most, solving only a security flaw in WebKit, the rendering engine that underlies the browser. Memory corruption problems in v7.0.3 could've potentially let hackers use malicious websites to assume control of a computer.
WebKit-based browser Opera Coast now available for iPhone
Opera Software has released an iPhone version of its WebKit-based browser, Opera Coast. An iPad version was released last September, initially optimizing the browser for touchscreens. Users can begin a search by using a pulling down gesture on the home screen, bringing up an input interface with an icon-based autofill for sites previously visited. Navigation between pages can be executed by a swipe, with websites displayed on the iPhone's full screen.
Move aims to streamline innovation
Google has introduced its own browser rendering engine, Blink, that will serve as Chrome's alternative to the WebKit2 engine used by competing browsers such as Safari. The search giant suggests its WebKit-based engine will enable developers to streamline innovation, eliminating approximately 4.5 million lines of code and thousands of files that only serve to support WebKit2's features, according to an Ars Technica report.
Large contingent took severance package before Christmas
Opera's move from the Presto rendering engine to WebKit has forced the company to restructure its development teams. The Core Technology division, consisting of around 100 developers, has dropped by more than 90 positions in the last quarter, with overall employee numbers reduced from 931 to 840 in the most recent quarterly report.
Presto being exchanged for open source projects
Opera is replacing the Presto rendering engine used in its web browser with WebKit. The migration to a different rendering engine comes at the same time the browser is celebrating 300 million monthly users in total over all formats, including smartphones, smart televisions, tablets, and personal computers.
Vulnerability exposes contacts, photos, but not SMS or email
A vulnerability in WebKit, the engine behind Mobile Safari and other iOS browsers, allowed two Dutch professional security researchers to come up with an exploit that compromised an iPhone 4S and won the pair a $30,000 cash prize at the mobile Pwn2Own contest in Amsterdam. While the finished exploit can be deployed in minutes, finding a vulnerability to use in WebKit and developing the technique took about three weeks of dedicated work, Certified Secure CEO Joost Pol told interviewers. The vulnerability is not yet patched in iOS 6, the team says.
Will benefit all WebKit-based browsers over time
Devs call for action
Mozilla and several other browser developers have voiced concern over the dominance of WebKit-based browsers, notably Safari and Chrome. World Wide Web Consortium (W3C) co-chairman Daniel Glazman suggests programmers have begun to disregard alternative browsers, such as Firefox and Internet Explorer, when optimizing website compatibility.
WebOS may have been fated to struggle
New scoops both public and private have suggested that Palm, and later HP, may have ultimately had hurdles at the corporate level, not just technical, to ever challenging Apple or Google. WebOS didn't have either the needed management or engineers to bring it to completion, a New York Times source said, and there were few WebKit-savvy developers weren't already working on iOS or Android. This was compounded by a rush to finish the OS in nine months, which required taking shortcuts such as skipping proper APIs (app programming interfaces) until later, hurting the ability for third-party developers to sign on.
ALAC now open to modify and use
Apple in a gesture to the community started up the Apple Lossless Audio Codec project to open-source its lone proprietary audio standard. Its change lets developers implement and modify the format for both encoding and playback. Codes also get an example app that can read or write audio to Core Audio and WAV, along with a "magic cookie" to use when making M4A and MP4 clips.
Dolphin Browser ported to iPhone
One of Android's better-known apps, Dolphin Browser, has been given a long-requested port to the iPhone (free, App Store). The iOS version of MoboTap's software uses Apple's WebKit engine but brings features that have yet to reach Safari. It already has tabbed browsing ahead of iOS 5, a Firefox-style address bar with search results, and gesture-based shortcuts for common tasks.
Engine should remain open, name may not
Research in Motion has filed an opposition motion in Canada, attempting to block an Apple trademark application for the term "WebKit," notes Patently Apple. In the short term the move will give RIM some extra time to prepare a case, the deadline being November 22nd. Apple first filed for the application in May 2010.
Attempt to reduce confusion, improve code
Google is turning to the WebKit community to create a more functional, Chromium-like browser for the Android platform, TechCrunch reports. The project will involve removing a previous but incomplete Android port of WebKit and all Android-specific code out of the existing browser, which shares a codebase with Chrome (the company's full-fledged WebKit-based browser) but is developed by a separate team. The new browser will be entirely open-sourced, a change in direction.
Company may have bowed to public pressure
Fulfilling earlier obligations, Apple has finally released source code for iOS 4.3.3. The firmware contains several open-source components, notably ones related to the WebKit rendering engine used in Safari and third-party browsers such as Chrome. Items of concern are covered under the Lesser General Public License, or LGPL.
No updates provided since iOS 4.3
Apple has been negligent in releasing some of the source code from the BSD and LGPL (Lesser General Public License) components of WebKit, reports say. What would become WebKit is based partly on the KHTML and KJS in KDE Project's Konqueror browser, and Apple has promised to publish all modifications of related open-source material. The problem is that no source code has been published in connection with iOS 4.3, 4.3.1, 4.3.2 or 4.3.3, even though iOS' Safari web browser is based on WebKit.
Also targets stability and performance problems
Apple has released iTunes 10.2.2, a minor update of its Mac and Windows jukebox software. The patch mainly copes with syncing issues, such as one causing the program to become unresponsive when syncing an iPad. Apple has similarly dealt with a problem causing photo sync to take too long with all iOS devices.
Updates patch a long list of security issues
Apple has posted a security update for its Safari browser, which has been released alongside a related security update for Snow Leopard. Safari 5.0.5 brings several critical fixes for its WebKit engine, patching vulnerabilities that were discovered by researchers working with TippingPoint's Zero Day Initiative. The changes are designed to help protect against sites containing malicious code.
Blackberry Torch 9800 said to be "far less secure"
[Update: Miller says Apple will issue a patch] Hacker Charlie Miller, who has repeatedly won the CanSecWest "Pwn2Own" security competition in Vancouver, seems to enjoy owning Apple products -- but mainly by winning them after demonstrating a security vulnerability. Miller, who has previously compromised an (original) MacBook Air and has since focused mostly on vulnerabilities in Webkit and Safari, used that technique again this year to compromise an iPhone 4, thus winning it. The exploit Miller used has been blocked in the release of iOS 4.3, but the vulnerability in Webkit still exists, he told ZDNet.
Team exploits WebKit vulnerability
Security researches from the French company Vupen hacked a MacBook running Safari to win the recent Pwn2Own hacking contest this week at the CanSecWest security conference. The group discovered and exploited an unpatched vulnerability in Safari's WebKit engine. The browser was directed to a website designed to take advantage of the flaw, enabling the hackers to remotely launch the calculator application and write a file to the disk.
Resume may close unused apps
A variety of less publicized changes have been made in Mac OS X Lion, the developer preview shows. One of the most important is an overhauled Finder, sporting new buttons and a different sidebar. The file browser automatically sorts items by type, and is also described as more responsive.
Company to focus on gaming, future uncertain
On the eve of Flock's sixth anniversary,CEO Sean Hardin has announced in a blog post on the company's website that the Flock team will be going to work for the social gaming company Zynga, leaving the future of the multi-platform browser uncertain. The web browser, now based on Webkit and Chromium, integrates a social-media sidebar into the browser directly so that users can keep up with posts, statuses, comments and timelines while browsing other web sites.
Boxee Box ships preorders Nov 10, stores Nov 17
Boxee today locked down ship dates for the Boxee Box. The media hub will ship November 10 for those who've pre-ordered through either Amazon in the US (above) or Best Buy and Future Shop in Canada. A much wider range of online and retail shops should get the Boxee Box on November 17.
TomTom Go Live 1000, Magellan flagships hit FCC
The FCC has leaked word of two new including the Magellan RoadMate 9020/9055 as well as TomTom's Go Live 1000. More is known about the latter device, as it will be based on a WebKit interface, which is new for TomTom. It will sport a capacitative touchscreen, a magnetic mount and connected services such as real-time traffic updates.
Boxee Box to use Atom CE4100 chip
Boxee on Monday revealed that it's switching the Boxee Box away from the NVIDIA Tegra 2 platform to Intel's Atom CE4100 processor. The switch was described to Electronista as a form of future proofing; the company wants to guarantee 1080p HD streaming for the future as well as today, Boxee said. NVIDIA's hardware can handle 1080p, but only in VC-1 and not the more popular H.264 format.
Boxee browser to drop Firefox for WebKit
Boxee tonight revealed that it's dropping the Firefox-based browser in the Boxee Box and desktop apps will switch to the Apple-made but open WebKit engine instead. Lead Apps Developer Rob Spectre told NewTeeVee that Boxee wanted to guarantee HTML5 support. Firefox's Gecko engine has rudimentary HTML5 support, but it doesn't work well within the Boxee client.
RIM promises BB 6 updates to older phones
RIM as part of the BlackBerry Torch launch provided details of the upgrade plan for BlackBerry 6. The new OS will reach the Bold 9700, the Bold 9650 and the Pearl 3G as well as future devices. A timetable hasn't been set, but it should reach devices in the "months ahead."
BlackBerry Bold 9780 reviewed with OS 6
Willyboy6 on the Driphter forums has posted a video pre-review of the upcoming BlackBerry Bold 9780 running on OS 6.0. The presence of the platform on a QWERTY BlackBerry is a first, and while the software appears to run smoothly, willyboy6 is quick to point out this is a pre-release version and may differ from the final, production version. The hardware is identical to the 9700, including 480x360 screen resolution, but its camera does not have a megapixel stamp next to it, so it may use the same 3.2-megapixel unit as the 9700 or the 5-megapixel shooter of the future 9670.
Nokia desktop web browser to join Chrome, Safari
Nokia is developing a full-fledged web browser for the desktop, Eldar Murtazin confirmed today after getting access to a beta. The famed target of Nokia said Ovi Browser would be based on WebKit, like Nokia's mobile web browser as well as Apple's Safari and Google Chrome, but would tie directly into Ovi services. Users could shop some of the Ovi Store and check their calendars, contacts and e-mail.
New BlackBerry may already have iPhone 4 problem
RIM may have suffered an unintentional humbling today through a set of videos (available below) demoing the yet-to-be-launched BlackBerry 9800. While showing off the new WebKit and media browsers, clips given to Salomondrin has shown what appears to be the "death grip" symptom in action: while held in certain positions, the phone drops to one or two bars. The phone is a pre-release model but is using what should be the final design.
BBerry OS 6 devices may see huge delay for CDMA
Devices running BlackBerry OS 6.0 may not reach CDMA networks until next year, Kaufman Bros. analyst Shaw Wu said in a research note today. Industry sources said that the OS is in "beta testing" and should ship with its first GSM device, likely the BlackBerry 9800, before the end of September. CDMA devices, however, aren't so far and could be three to six months behind, pushing their launches either to the end of the year or early 2011.
Flock 3 now out, uses Chromium instead of Firefox
The Mozilla Firefox-based Flock browser is now available in a Flock 3 beta build that drops Firefox roots in favor of Google's Chromium and its WebKit engine. As one would expect, the new browser is much different from the original. While the latest Flock browser is currently only available for Windows, a Mac beta is due in July.
Safari 5 would help Apple regain browser edge
A potentially significant rumor has Apple launching Safari 5 as soon as WWDC with new additions intended to beat Google. The browser would allegedly have an option for Bing alongside Google and Yahoo, reflecting a last-minute deal with Microsoft. Apple would also bolster its HTML5 advocacy by supporting many more features, including geolocation, draggable items and video with closed-captioning and full-screen modes.
BB Bold 9700 sequel may be internal update
A low-key update to the BlackBerry Bold 9700 could be enroute based on multiple rumors. The design, nicknamed Onyx II, would be identical on the outside but would have a new processor with OpenGL-capable graphics, twice as much RAM at 512MB and a five-megapixel camera. RIM would almost certainly load the new phone with BlackBerry OS 6.0 and get the benefits of both the faster graphics and the vaunted WebKit browser.
Tech supports several browsers
Apple has filed for a trademark on WebKit, the engine at the heart of Safari, documents show. While an open-source project, Apple is the creator and primary developer of the engine, which handles the critical task of page rendering. The technology has been adapted for use in several other platforms, including Google's Chrome and Android browsers, and HP/Palm's WebOS.
Steve Jobs posts open letter about Flash dispute
Apple chief Steve Jobs today posted an open letter explaining his company's reasons for not supporting Adobe Flash on the iPad, iPhone and iPod. He argued it had nothing to do with control at all but that it was instead "based on technology issues." Flash is too proprietary, prone to crash, a major security risk and not at all suited to touchscreens, he said.
TomTom fights Garmin, iPhone with new GPS
TomTom ushered in a newer wave of GPS units today through the Go Live 1000. Like the Garmin nuvi 3700 it's up against, TomTom's GPS switches to a capacitive touchscreen much more naturally suited to finger input. The interface has been redesigned to match and is unique in being based on WebKit, the same web browser engine that runs Chrome and Safari.
BlackBerry 6.0 to have better touch features
RIM co-chief Mike Lazaridis during an analyst talk today provided the first official teasers of BlackBerry OS 6.0. He promised the platform would work better with touchscreen phones without dropping support for trackpad devices. The WebKit-based browser will play a central role and should affect both the web and apps that depend on the web engine to work.
System "sandboxes" tabs for stability, security
LG Mini GD880 has desktop-level web
LG this morning said it had officially launched the GD880 with a surprise software feature in store. The device is the only non-smartphone with an HTML5 web browser, nicknamed Phantom, and can see Gmail or other advanced pages with accuracy approaching the Android and iPhone browsers. It shares similar WebKit roots and loads pages (as many as 10) much more quickly than usual browsers in the class.
iPad processor blows away Nexus One
The A4 processor in the iPad is far faster than the Qualcomm Snapdragon processor running the Nexus One, according to early benchmarks. Although both run at 1GHz, Apple's chip is usually at least 9 percent faster loading most websites; it's up to 60 percent faster with very visually intensive websites. The AnandTech tests noted some unusual spikes, but even discarding these is an average of 10 percent faster.
Nokia gets Novarra and expects results
Nokia today said it had bought Chicago-based Novarra through acquiring all its shares. The younger company has been known for developing high speed mobile web browsers as well as platforms for services. Unlike most such deals, Nokia explicitly noted that its goal was to improve Internet access on its phones and expects a new Nokia-branded service at the end of the year.
BlackBerry now has fast, accurate web browser
RIM drew attention at Mobile World Congress this morning by confirming and showing off a new web browser for the BlackBerry based on WebKit (video below). By using largely the same engine as Apple's Safari or Google's Chrome, the browser now loads pages much faster and is much more accurate. It can handle complex AJAX, CSS and HTML5, and is one of the few mobile browsers to get a perfect score on the ACID3 web standards test.
BBerry WebKit browser said 30-60pc faster
Research In Motion is planning to use its WebKit-based BlackBerry browser as a surprise weapon against Android phones and the iPhone, Kaufman Bros. analyst Shaw Wu said today in an investor note. He cites "sources" who say the browser has been delayed but that it will take advantage of the push nature of BlackBerry Internet Service to load sites much more quickly. It could load pages as much as 30 to 60 percent faster than other WebKit devices simply by not having to use as much bandwidth.
Google's Brin sees two OSes merging
Google co-creator Sergey Brin followed up the introduction of Chrome OS with hints that the new operating system may eventually merge with Android. While the two are currently separate in most ways, the executive suggested the two could unite simply because smartphones and notebooks increasingly share common traits. He pointed out that both have Linux at the root and WebKit for their browsing engines.
Flash and AIR betas also bring HW decode
Adobe today fulfilled earlier promises and provided betas for both Flash Player 10.1 and AIR 2. Both are the first from Adobe to have a Flash layer that supports multi-touch input, including gestures such as pinching to zoom the window. Flash Player specifically gets H.264 hardware decoding through newer video chipsets and, initially for Windows PCs, can significantly reduce the workload on the CPU or a notebook's battery.