Disabling Unsafe URI Handlers

by Volker Weber

defaultapps.png

Nils Heeren points me to John Gruber's advice to disable unsafe URI handlers. Thank you, Nils.

Comments

John Gruber's article has been updated, by the way, to include disabling telnet too. (http://daringfireball.net/2004/05/telnet_protocol)

I disabled a bunch of protocols, including disk, disks, telnet, ssh (and help).

While I believe that the threat is more theoretical, at least for the sites that I visit every day, you can further enhance the security with Paranoid Android. According to Unsanity it would be quite easy for Apple to fix this hole and I assume they will soon do that.

Volker Weber, 2004-05-22 21:51

Recent comments

Gordon Inkson on Is Slack a product or a feature? at 03:22
Ian Bradbury on Is Slack a product or a feature? at 17:36
Keith brooks on Is Slack a product or a feature? at 15:23
Bill Brown on Samsung Galaxy S8 :: The verdict at 18:57
Richard Schwartz on Samsung Galaxy S8 :: The verdict at 16:01
Andy Dennis on Is Slack a product or a feature? at 16:00
Karl Heindel on Marshall Monitor BT at 15:32
Martin Funk on Is Slack a product or a feature? at 15:02
Volker Weber on Marshall Monitor BT at 11:25
Karl Heindel on Marshall Monitor BT at 11:21
Michael Klüsener on Is Slack a product or a feature? at 09:14
Patrick Bohr on Is Slack a product or a feature? at 19:56
Frank Quednau on Is Slack a product or a feature? at 18:02
Thomas Klein on Samsung Galaxy S8 :: The verdict at 15:46
Volker Weber on Samsung Galaxy S8 :: The verdict at 11:34
Patrick Bohr on Samsung Galaxy S8 :: The verdict at 08:51
Felix Binsack on Samsung Galaxy S8 :: The verdict at 16:49
Volker Weber on Samsung Galaxy S8 :: First impressions at 14:01
Volker Weber on Marshall Monitor BT at 13:59
Scott Hanson on Marshall Monitor BT at 13:23
Norbert Tretkowski on Samsung Galaxy S8 :: First impressions at 09:44
Volker Weber on Marshall Monitor BT at 19:50
Richard Schwartz on Marshall Monitor BT at 18:50
Bernd Hofmann on Marshall Monitor BT at 15:01
Ingo Müller on BlackBerry stumbles over April security fix at 22:22

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  instagram

Local time is 02:26

visitors.gif