Comments on: OmniWeb 5.5.2 now available and more secure.

By: Lingua franca » OmniWeb 5.5.2

Lingua franca » OmniWeb 5.5.2 — Thu, 11 Jan 2007 01:17:50 +0000

[…] Vous pourrez en apprendre plus (en anglais) sur leur blog. […]

By: Mac Season » Blog Archive » MOAB-07-01-2007: OmniWeb

Mac Season » Blog Archive » MOAB-07-01-2007: OmniWeb — Mon, 08 Jan 2007 12:42:34 +0000

[…] The seventh bug has been posted in the series of “Month of Apple Bugs�? published on the web every day in January 2007 - today the issue is about javascript alert() format string vulnerability in Omniweb. A fix has already been released by OmniWeb - very impressive! […]

By: January: Month of Apple Bugs - Page 2 - MacNN Forums

January: Month of Apple Bugs - Page 2 - MacNN Forums — Mon, 08 Jan 2007 08:39:39 +0000

[…] MOAB-07-01-2007: OmniWeb Javascript alert() Format String Vulnerability These bozos can’t even identify the software that the bug is in and they obviously don’t have a clue about the software they are reporting on. This is identified as an OmniWeb issue (later clarified as being a WebKit issue - but they don’t know why Safari doesn’t suffer from it… that’ll be because OmniWeb uses a newer version of WebKit and KJS you dummies). FWIW, this was fixed within a few hours by OmniGroup but the MOAB bunch haven’t had the courtesy to update their website to inform people of this yet. __________________ 15" PowerBook 1.5GHz, SuperDrive, 5400rpm 80GB, 1.5GB RAM/128MB VRAM, MacOS X 10.4.8 Please visit The Land Gallery for nature-inspired British Fine Art. […]

By: Sean

Sean — Mon, 08 Jan 2007 08:16:24 +0000

I guess in all fairness I should try to read the rest of the article, but honestly I could not get past some idiot trying to trademark “bad code.” (”bad code” ™) are they serious? lol

By: Ilgaz

Ilgaz — Mon, 08 Jan 2007 00:28:23 +0000

Andrew I would hope Omni group stays how it is and Omniweb keeps to be a commercial browser. You don’t get same treatment from Apple over $140 OS do you?

Would you want Graphic Converter to become property of Adobe? Where would be 100+ bugfix, new feature releases?

By: Ilgaz

Ilgaz — Mon, 08 Jan 2007 00:25:41 +0000

I must say I have never seen such thing, I was browsing MOAB and saw Omni issue and right after that, a popup window appeared saying new Omniweb available.

Open source, closed source, never seen anything like that…

Omni did NOT ignore the issue and fixed it, now lets see MOAB and mysterious (not in fact, Omni bug lights a bulb) LMH will STOP advertising Firefox because of this issue.

OMG Firefox? At least suggest a Cocoa thing like Camino! Mercy OS X users *g*

By: cottonM

cottonM — Mon, 08 Jan 2007 00:20:05 +0000

Thanks for the fix. You are being very polite about this. Sure the bug might be a little embarrassing but the “Summary”on the MOAB page was an unnecessary jab at you. Quoting your own promo materials was childish at best. They keep trying to sound reasonable but they keep ending up seeming petty.

I keep wondering what happens if these genius’ announce a bug tomorrow and some hacker immediately puts it in the wild and I have my entire business crippled for a period of time? How would that be a service to me? You can bet that a bunch of attorneys would be suing the pants off of them. I think they’re taking on a boat load of potential liability they probably can’t cover financially.

This is irresponsible because it could severely effect (can you say legal damages) innocent users. If they want to have a pi55ing match with Apple and developers please play the game in their own backyard. Quit risking the people can’t do anything about it. Users. This is the height of geek arrogance.

By: Andrew Dunning

Andrew Dunning — Sun, 07 Jan 2007 23:14:17 +0000

The “one more thing” this Macworld: Apple buys Omni, releasing OmniWeb 6 to replace Safari (compatible with most Firefox extensions), and integrating the rest of the apps into iWork (including OmniFocus). Available immediately as a free download.

By: Ken

Ken — Sun, 07 Jan 2007 23:11:24 +0000

If the “Month of Apple Bugs” project had given us advance notice of the security issue, we would have posted a fix sooner; as it was, they sent us notice at 11:15am and (as you can see) we posted this fixed release a few hours later.

We’re not proud to have had a vulnerability in the first place, naturally, but we are proud of our response time! (Now I guess we’ll see how quickly they respond to our fix, updating their workaround section to point people at our fixed release.)

By: Corentin

Corentin — Sun, 07 Jan 2007 23:11:19 +0000

Yeepee!!!