Jeremiah Grossman has discovered and explained a potentially significant security flaw in Safari 4 and 5. In essence, if you have the AutoFill option "Using info from my Address Book card" enabled, a malicious Web site can extract your name, company, city, state, country, and email address without your knowledge. For the moment, we recommend turning off that option in Safari's AutoFill preference pane. Apple told the New York Times (though not Grossman, who reported the bug) that they are "aware of the issue and are working on a fix." follow link
Use VirusBarrier X6 to Find Internet Traffic Paths
Need to find out who owns a domain name, or where your traffic is being routed? VirusBarrier X6 has a number of network monitoring tools, including a built-in Whois search tool, and a Traceroute feature. If you use the latter, you can even display a map after the traceroute has completed, showing exactly where in the world data passes between your Mac and a selected IP address.
- ExtraBITS for 26 July 2010 (26 Jul 10)
Safari Reveals Personal Info Via Auto-Fill