
Security researcher discloses Safari bug after Apple delays patch - caiobegotti
https://www.zdnet.com/article/security-researcher-discloses-safari-bug-after-apple-delays-patch/
======
fsflover
Another proof that Apple, by restricting use of alternative browsers, does not
have a goal of security in mind but control.

> Does Apple permit iPhone users to set a browser other than Safari as the
> defaultbrowser?

> iPhone users cannot set another browser as the default browser. Safari is
> one of the apps that Apple believes defines the core user experience on iOS,
> with industry-leading security and privacy features.

[https://docs.house.gov/meetings/JU/JU05/20190716/109793/HHRG...](https://docs.house.gov/meetings/JU/JU05/20190716/109793/HHRG-116-JU05-20190716-SD036.pdf)

~~~
t0mbstone
It's especially ironic, when you consider the whole anti-competitive lawsuit
against Microsoft and them bundling Internet Explorer with Windows back in the
day.

Now Apple just gets away with the same thing, but even worse (because they
don't even allow other competing browsers on their iOS platform at all).

It's kind of puzzling to me.

~~~
frosted-flakes
I'm not saying I agree with Apple, but the difference is that Microsoft had at
the time more than 90% of desktop computer market share in the US. For Apple
and smartphones, it's about 50%.

------
saurik
Apple is really bad at dealing with security researchers, and would rather
figure out ways to silence them than prioritize fixing anything. For a more
fleshed out argument about this, see this Twitter thread I posted last week
(which starts out talking about Epic Games but quickly moves through the
Corellium lawsuit to focus on this topic).

[https://twitter.com/saurik/status/1295024384596312064](https://twitter.com/saurik/status/1295024384596312064)

------
caiobegotti
I believe the lead here is this part (and goes on):

"However, the real issue here is not just the bug itself and how easy or
complex it is to exploit it, but how Apple handled the bug report."

------
medmunds
Actual bug and disclosure timeline: "Stealing local files using Safari Web
Share API" [https://blog.redteam.pl/2020/08/stealing-local-files-
using-s...](https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-
web.html)

