Dave Taylor answers free tech support questions about a wide variety of business and technical topics, including blogging, iphone help, ipod help, AdSense, MySpace, Sony PSP help, Mp3 players, Windows XP, Windows Vista, Linux, SEO, Mac OS X, Facebook, Twitter and LinkedIn.

Fixing a Mac OS X Safari vulnerability

A letter came in this morning:
Help! I read about some sort of major security hole where people can exploit the Safari help system and drop junk onto my computer? What's that all about? How can I avoid it being a danger on my computer?
Dave's Answer: The problem here is that like all Web browsers, Apple's Safari browser associates different applications with different protocols. Go to a 'http:' URL and it'll act differently than if you go to a 'mailto' URL, for example.

In this case, it appears that the Help Viewer with Mac OS X has some unexpected vulnerabilities that some delinquent hackers have realized can be exploited to get onto your computer if you're running Mac OS X. Obviously not good.

To fix this you need to associate a different application with the "help:" protocol in Safari. Unfortunately, Safari doesn't let you tweak these so-called protocol helpers so you either need to swoop into the XML preferences file and edit by hand (not recommended!) or install a nice - free - application called MoreInternet from MonkeyFood.com. Install that, then start it from the Apple -> System Preferences menu. Then it's a breeze; find the "help" protocol and either just delete it (that's what I did) or associate it with an application other than the Help Viewer (try "Chess" for something amusing).

That should solve the problem until Apple comes up with a more logical fix, like a version of Help Viewer that doesn't have this vulnerability!



Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon    
Categorized: Mac OS X Help   (Article 3701)
Tagged:
Previous: Is there any hidden importance to the page TITLE?
Next: How do I optimize my site for search engines?

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments
Rather amazingly, there are no comments on this article yet.


I have a lot to say, but ...
Starbucks coffee cup I have a lot to say, and questions of my own for that matter, but most of all I'd like to say thank you for all your efforts on this Web site by buying you a chai!

I do have a comment, now that you mention it!









Remember personal info?


Please note that I will never send you any unsolicited commercial email. Ever.

While I'm at it, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site.









Uniblue: Free Virus Scan

Search
Find just the answers you seek from among our 1700+ free tech support articles by using our Lijit search engine.


Member of the B5Media Network

Help!
Ask Dave for Help!




Link To Dave!
• Buy Dave a Cuppa •
Media Queries

Subscribe to
Ask Dave Taylor!

Add to Google Reader
Add to My Yahoo!
Subscribe in NewsGator Online

RDF   XML

Free Updates!
Sign up and get free weekly updates and special offers on books, seminars, workshops and more.

Complete Archives

Recent Entries
Join the List!
Join my author info mailing list, where you'll learn about my upcoming books, speaking gigs, and more!


Book Links
CIG Growing Your Business with Google
Creating Cool Web Sites
Wicked Cool Shell Scripts
Learning Unix for Mac OS X Panther
Solaris 9 for Dummies
Teach Yourself Unix System Administration in 24 Hours
Teach Yourself Unix in 24 Hours
Creating Cool HTML 4 Web Pages
Dynamic HTML Weekend Crash Course
training - speaking - writing - business blog - photography - bio - tech support
© 2002 - 2008 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

[whiteboard marker tray]