Contestants at Pwn2Own take down Safari, but said OS X security is better than other systems

As usual, the annual Pwn2Own contest featured many hackers targeting the latest operating systems and browsers from the major vendors, including Apple. Threatpost reports that the “Keen Team” focused Safari on Thursday and exploited it with relative ease.

The team took home a $40,000 bounty for their efforts on Safari, as well as a share in a $75,000 prize for co-engineering a zero-day Flash exploit. They say they will donate some of their winnings towards charities representing missing Malaysian Airplane passengers.

The group say that for Safari, they used two different exploit vectors. One vulnerability was a heap overflow in WebKit that enabled arbitrary code execution. The team then used this opening to use another exploit to bypass the application sandbox and run code as if it was user privileged.

Read more

Popular Android ‘Dolphin Browser’ comes to iPhone, iPad with native app

UPDATE [Monday, September 12, 2011 at 3:30pm ET]: Dolphin Browser HD for iPad just went live on the App Store.

Most Android users are quite familiar with the third-party Dolphin Browser app, which has been downloaded over 9 million times and according to TechCrunch just raised $10 million from Sequoia Capital. It appears some of that investment will go towards the company’s efforts on iOS devices as well, as an official iOS version of the browser has just popped up in the App Store.

The iOS version brings over the majority of features that have made Dolphin so popular among Android users. Among them is highly customizable gestures, built-in translations, dock-like sidebar for accessing bookmarks, speed dial, tabbed browsing, and more. Don’t be fooled, however, Dolphin is still based on Apple’s own WebKit, much the same as the default Safari app, all other third-party browsers on the App Store, and the majority of browsers in the smartphone industry. It does have some competitors such as Opera and a handful of smaller players like SkyFire who are starting to gain traction and steadily improving their iOS offerings.
Read more

RIM doesn’t want Apple to trademark ‘WebKit’ for reasons unknown, files opposing action

RIM has filed an ‘opposition action’ (via Patently Apple) in Canada against Apple’s trademark application for ‘WebKit’, the rendering platform based on KHTML that Apple help create before making open-source. The move grants RIM more time to build their case before a November 22, 2011 deadline.

Apple originally filed the trademark application in May of 2010 which, while getting a little bit of media attention, kind of flew under the radar of most. After all, WebKit has been made open-source.. so trademark or no trademark this shouldn’t affect Google, RIM, and all other platforms currently relying on WebKit in their browsers. Right?

If Apple were granted the trademark, it would mean other companies wouldn’t be able to associate the “WebKit” name with their products. Something that could potentially become more valuable if the WebKit name was marketed more prominently as a feature of future devices. Perhaps if Apple branded “WebKit” as a feature or technology in future products, other companies inability to do so would give Apple an advantage. Apple’s trademark application asserts the company’s rights to the name based on a “screenshot of Applicant’s website [WebKit Nightly Builds page] showing use of mark in connection with download of Applicant’s software”.
Read more

Edge, Adobe’s new web motion and interaction design tool, now available as a preview

Adobe today released its “Flash for HTML5″ web design tool Edge into Beta.

Adobe® Edge is a new web motion and interaction design tool that allows designers to bring animated content to websites, using web standards like HTML5, JavaScript, and CSS3.

This version of Edge focuses primarily on adding rich motion design to new or existing HTML projects, that runs beautifully on devices and desktops.

  • Create new compositions with Edge’s drawing and text tools.
  • Import popular web graphics such as SVG, PNG, JPG or GIF files.
  • Easily choreograph animation with the timeline editor. Animate position, size, color, shape, rotation and more at the property level.
  • Energize existing HTML files with motion, while preserving the integrity of CSS-based HTML layouts.
  • Copy and paste transitions, invert them, and choose from over 25 built-in easing effects for added creativity.

Two example videos and feature breakdown below (Via The Loop): Read more

iOS 4.3.2 to fix Verizon iPad, Facetime issues

A BGR Source has the 4.3.2 update and it appears to fix those Verizon iPad 2 issues that have 3G connections freezing. The update…

will fix the issues we’ve been hearing about with some Verizon iPad 2 models. Additionally, the new update is said to contain a fix for FaceTime in addition to security fixes for things like WebKit vulnerabilities and other minor changes.

It isn’t certain yet if this update is for Verizon iPhone 4s but that’s a bit …due as well. Read more

Inconclusive tests paint Android browser 52 percent faster than iPhone's, but what about Safari's Nitro engine? (UPDATED: the testing is flawed)

According to a Blaze study stemming from 45,000 Android and iOS tests, the Android browser on average loads web pages 52 percent faster than mobile Safari. The results are inconclusive, however, because it’s unclear whether Blaze’s measurements take into account the new Nitro JavaScript engine that comes with iOS 4.3. The report was completed before this complaint was made public and Blaze is arguing that the lack of Nitro boost can “slightly” skew the results given that “JavaScript only accounts for a small percentage of the total load time.”

Read more