Nat! bio photo

Nat!

Senior Mull.

Twitter RSS

Github

Safari Exploit: Look at this page and join my Botnet

It's funny. If you look at Stepwise there is never an article like Dangerous Bug in Safari or something. Instead the articles are mostly about damage control, if there's something slightly negative about Apple, if there are articles at all.
The smuggest of smug Mac users is right: the platform is more secure, and these new security threats are no more threatening that a paraplegic kitten. says one columnist. And Gruber's Daring Fireball says: It boils down to this: you can’t safely double-click files from untrusted sources, and you never could. This is no different today on Mac OS X 10.4 than it was a decade ago on Mac OS 8 and 9.

But...

Have you ever downloaded something from Sourceforge ? Isn't it curious how there is a download happening from a page, where you did not click anything on it ? This is done using a http-equiv="refresh" META tag. If you load a page with this code embedded, you don' t have to do anything: the exploit will get downloaded and executed automatically on a standard Safari installation.

You do trust the others, not me, don't you ? You don't think this will work ? Then please visit this page and join my Botnet. I could have put the META tag also on this page right here and my Botnet would be even stronger, but I am a nice guy basically.