{"id":23008,"date":"2018-10-05T15:11:25","date_gmt":"2018-10-05T19:11:25","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=23008"},"modified":"2018-10-09T16:48:49","modified_gmt":"2018-10-09T20:48:49","slug":"finding-and-exploiting-safari-bugs-using-publicly-available-tools","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2018\/10\/05\/finding-and-exploiting-safari-bugs-using-publicly-available-tools\/","title":{"rendered":"Finding and Exploiting Safari Bugs Using Publicly Available Tools"},"content":{"rendered":"<p><a href=\"https:\/\/googleprojectzero.blogspot.com\/2018\/10\/365-days-later-finding-and-exploiting.html\">Ivan Fratric<\/a> (<a href=\"https:\/\/news.ycombinator.com\/item?id=18141627\">Hacker News<\/a>):<\/p>\n<blockquote cite=\"https:\/\/googleprojectzero.blogspot.com\/2018\/10\/365-days-later-finding-and-exploiting.html\">\n<p>The original advisories most likely didn&rsquo;t include all the issues because Apple wanted to wait for the issues to also be fixed on MacOS before adding them. However, this practice is misleading because customers interested in the Apple security advisories would most likely read them only once, when they are first released and the impression they would to get is that the product updates fix far less vulnerabilities and less severe vulnerabilities than is actually the case.<\/p>\n<p>Furthermore, the practice of not publishing fixes for mobile or desktop operating systems at the same time can put the desktop customers at unnecessary risk, because attackers could reverse-engineer the patches from the mobile updates and develop exploits against desktop products, while the desktop customers would have no way to update and protect themselves.<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Ivan Fratric (Hacker News): The original advisories most likely didn&rsquo;t include all the issues because Apple wanted to wait for the issues to also be fixed on MacOS before adding them. However, this practice is misleading because customers interested in the Apple security advisories would most likely read them only once, when they are first [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2018-10-05T19:11:27Z","apple_news_api_id":"83e0d91b-eb94-4a73-bf12-bc867daac1ed","apple_news_api_modified_at":"2018-10-09T20:48:53Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/Ag-DZG-uUSnO_EryGfarB7Q","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[],"tags":[131,164,31,1610,30,1609,103,48,328],"class_list":["post-23008","post","type-post","status-publish","format-standard","hentry","tag-bug","tag-documentation","tag-ios","tag-ios-12","tag-mac","tag-macos-10-14","tag-safari","tag-security","tag-webkit"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=23008"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23008\/revisions"}],"predecessor-version":[{"id":23022,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/23008\/revisions\/23022"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=23008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=23008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=23008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}