- Cyril Roger |
- February 28, 2008
"I'd love to say that Safari was a safer browser, but at this point it isn't." That's what PayPal's Chief Information Security Officer, Michael Barrett, had to say in an interview reported by Macworld. Apple's Safari browser, which runs on Macs, PCs and iPhones, was heavily criticized by Barrett for lacking many security features which other browsers like Firefox, IE7 or Opera already include.
For one, Barrett states, Safari lacks a proper in-built anti-phishing feature to detect online scams. This sort of malicious behavior has quickly become one of the most common and effective ways of stealing private information from users. Phishing scams usually lead you to a fake website, which looks like the one you want to access. It's commonly used on banking sites, in an attempt to get you to reveal your account information
Another security point where Safari lags, according to Barrett, is certificates. Safari does handle and read certificates, which guarantee the authenticity of a website. However you have to click on the discreet little lock at the top right of the browser to view them. One thing pointed out by Barrett is that Safari doesn't yet include Extended Validation (EV), which requires more extensive investigation to prove that the website you are visiting is authentic. EV is known to turn the address bar green when the site is proven to be genuine.
PayPal's security doubts on Safari are illustrated in their Security Center FAQ, where they omit Safari in their list of safe browsers.