Apple is working to fix a security flaw in Safari that could allow a web site to grab names, email addresses and other info from visitors, no matter if the visitor volunteers the the info or not.
The AutoFill feature in Safari is very convenient, and is turned on by default, but has recently been exploited in a “lab setting”. Autofill works by filling in fields based on the letter or letters typed into the field. For example, If I type “C” into a name field, AutoFill will fill in Charles, or Charles Lindauer depending on the context. This information is pulled from the Address Book application data. Other browsers autofill from info previously entered on web forms.
There’s no evidence that this flaw has been used to steal information, but it’s not terribly difficult to do, and the flaw has been around for a while.
I opened Safari preferences, chose AutoFill and unclicked the boxes. Now I have to fill in forms the hard way, but my personal information is safer.
Apple will, hopefully, have a solution for this flaw released soon. I’ll post any updates as they are released.
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
