Carpet Bomb Attack Bug is Still Open in Mac OS X version of Safari

Two years ago, security researcher Nitesh Dhanjani reported a "Carpet Bomb" security bug in Apple's Safari web browser. In response, Apple fixed the issue in the Windows version of Safari, but the Mac OS X version of Safari still contains the bug.

In a carpet bomb attack, the victim visits a malicious website, which then starts downloading unauthorized files to the victim's computer without any sort of approval. Attackers still have no way to run the files on the victim's computer, but these unauthorized downloads still represent a security risk, Dhanjani said. "In this day and age ... the site shouldn't be able to drop anything it wants into my downloads folder."

Apple hacker Charlie Miller said that Dhanjani's bug is not serious because there is no second Mac OS X bug that causes downloaded files to be executed. "So basically, a Web site can start to download a bunch of files to your Downloads directory. This isn't an ideal situation, but then again, I don't see a lot of harm that comes from it," he said in an e-mail interview. "Especially, if the alternative is for the browser to nag me every time I want to download something."

Dhanjani said in his blog post that Apple hasn't fixed the issue because they believe it might annoy Mac users. "They're going after usability," he said. "Apple wants to make everything so seamless that they don't want the user to have to go through this extra process."

Since this bug is still open, if you use the Safari browser on OS X, a malicious site can drop any number of binaries or data files into your ~/Downloads/ folder. The cause is that, while most other web browsers warn the user and ask for explicit permission before saving a file locally, Safari saves the file into the default download location without asking, even when the malicious website serves up hundreds of files at once.

Via: Computerworld , Nitesh Dhanjani’s Blog
