Articles about webkit

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019

Sysadmins and netizens, it's time to get serious about killing off old, buggy and insecure versions of Transport Layer Security (TLS) – the encryption used to secure connections to HTTPS websites like your bank, El Reg, and so on. For one thing, web browser makers are laying out coordinated deprecation plans, meaning if your …
Composite image. Image by Syda Productions

Check out this link! It's not like it'll crash your iPhone or anything (Hint: Of course it will)

Apple iPhones, iPads, and Mac computers that stray onto websites with malicious CSS code, while using Safari, can crash or fall over – due to a flaw in the web browser. The WebKit rendering engine vulnerability can be triggered by just a few lines of code in a cascading style sheet (CSS). On iOS devices, at least, it all …
John Leyden, 17 Sep 2018

Apple moves on HSTS abuse in Safari

Apple has moved to block an abuse vector in the WebKit framework that underpins its Safari browser and allows HSTS to be abused to act as a 'supercookie' for user tracking. HSTS – HTTP Strict Transport Security – allows a Web site to declare to browsers that it's only accessible via HTTPS. If a user tries to hit the HTTP-only …
Apple iPhone X detail

Web devs griping about iPhone X notch: You're rendering it wrong

WebKit, the open source project behind the rendering engine that powers Apple's Safari browser on macOS and iOS, has urged web designers to embrace "the notch," though not everyone is happy about doing so. Apple's forthcoming iPhone X has a notch because a portion at the top of its screen has been given over to what the tech …
Thomas Claburn, 26 Sep 2017

Apple signals it's willing to let next-gen web apps compete with iOS apps

Analysis About a week after Philadelphia-based web developer Greg Blass pilloried Apple in a widely discussed online post for hindering web development by refusing to embrace Service Workers, the WebKit team, stewards of the open-source layout engine powering Apple's Safari browser, began doing just that. Service Workers, an API for …
Army of Darkness. Universal Pictures.

It's 2017 – and your Mac, iPad, iPhone can all be pwned by an e-book

Apple has released security updates for both of its main operating systems, along with iTunes, Apple Watch, and Apple TV. All should be installed as soon as possible before they are exploited by miscreants. The updates, numbering seven in total, include fixes for security vulnerabilities in the Safari browser and WebKit engine …
Shaun Nichols, 16 May 2017
Rotten Apple

Borked browser baked into Nintendo Switch

A couple of console enthusiasts have run up a proof-of-concept showing a Nintendo's new games machine, the "Switch", being p0wned thanks to an old Webkit vulnerability. When CVE-2016-4657 emerged last year, it was used to jailbreak iOS before version 9.3.5. The Switch has a built-in browser that carries the vuln, and as …

Apple is rolling WebRTC video-chat into Safari iOS, OS X browsers

Apple is adding support for WebRTC videoconferencing to WebKit, the engine at the heart of Safari. This will allow the web browser to handle websites and apps that offer WebRTC's encrypted video-nattering. The Cupertino maker of iThings has updated its WebKit website to add WebRTC to its list of open specifications as "in …
Shaun Nichols, 13 Apr 2016
Rotten Apple

Apple gets around to fixing those 77 security holes in OS X Yosemite

Apple has released a series of security updates to address 77 CVE-listed security vulnerabilities in OS X Yosemite. The Yosemite 10.10.4 update includes fixes for QuickTime, OpenSSL and ImageIO, along with remote code execution flaws and other exploits that could allow an attacker to obtain elevated privileges or crash …
Shaun Nichols, 30 Jun 2015

Apple swats Webkit bugs that bit it on Safari

Apple has update its Safari browser to quash three Webkit-derived bugs. One of the bugs, CVE-2015-1155 , meant “ Visiting a maliciously crafted website may compromise user information on the filesystem,” thanks to “A state management issue … that allowed unprivileged origins to access contents on the filesystem.” CVE-2015- …
BlackBerry logo

BlackBerry goes all 'patch Tuesday' with multi vuln fixes

BlackBerry has issued four patches covering vulnerabilities in Flash, Webkit and libexif on its devices. The Z10, Q10 and PlayBook all need patching for Adobe Flash vulnerabilities. If a user were led to a page containing crafted Flash content, an attacker could execute arbitrary code on an affected device. BSRT-2013-007 notes …
Photo of a stack of Google Chromebooks

Google brings Blink-powered Chrome to Windows and Mac OS X

Blink, the browser rendering engine Google summoned into existence after becoming disgruntled with progress on the Apple-led Webkit, has made its debut in Windows and Mac OS, after having made its way to Linux last month. The engine is embedded in Chrome 28, available now in Chrome's stable channel. Google revealed plans to …
Simon Sharwood, 12 Jul 2013
The Register breaking news

Groundbreaking Camino browser digs grave, jumps in

The Camino browser, first conceived around the turn of the millennium as a free, open source project designed to be a true "Mac-like" browser for the then-nascent Mac OS X, has reached the end of the line. "After a decade-long run, Camino is no longer being developed, and we encourage all users to upgrade to a more modern …
Rik Myslewski, 31 May 2013
The Register breaking news

Opera debuts Chromium-luvvin' desktop browser Next 15

The biggest change to Opera's browser in 17 years has debuted, with code for Opera Next released today for Windows and Mac. Opera Software today announced the beta availability of a completely re-engineered version of its browser that rips out the old plumbing in favour of Chromium, the open-source code that's the basis for …
Gavin Clarke, 28 May 2013
The Register breaking news

WebKit devs on Blink fork: 'Two can play that game'

Now that Google has announced that it will migrate its Chrome browser from the WebKit rendering engine to a homegrown fork called Blink, WebKit developers have already begun discussing how to remove Chrome-specific code from the project. Streamlining the code of its browser engine was one of the top reasons cited by Google for …

Google goes on the Blink in WebKit fork FURORE

Comment When Opera Software killed its web browser's rendering engine Presto, and announced it will instead use WebKit, the company did so with the best intentions. WebKit was a surefire bet: by mainlining the brain juice of Google's Chrome and Apple's Safari - the top dogs on the web and on smartphones - Opera hoped to break out of …
Gavin Clarke, 4 Apr 2013
The Register breaking news

Google forks WebKit, promises faster, leaner Chrome engine

Google has announced that its Chrome browser is dropping the popular WebKit browser engine in favor of Blink, a new fork of the code that the Chocolate Factory says will make Chrome faster, more powerful, and more secure. The internet ad giant announced the move on Wednesday via the official blog of the Chromium project, the …
Firefox smartphone

Mozilla to Apple: we don't care about iOS

Firefox won't land on Apple's iOS until the fruity company relaxes its rules about third party browsers, according to Jay Sullivan, vice president of product at Mozilla. Sullivan spoke on a panel at the SXSW music-and-tech-fest in Austin, Texas, over the weekend, and told the crowd Apple's refusal to allow the installation of …
Simon Sharwood, 10 Mar 2013

Create a news alert about webkit, or find more stories about webkit.

Biting the hand that feeds IT © 1998–2018