Microsoft leaks 6.5TB in Bing search data via unsecured Elastic server. *Insert 'Wow... that much?' joke here* • The Register

SECURITY
Not personal info, but there are worries over deanonymisation. Remember that AOL research database?
Tim Anderson Wed 23 Sep 2020 // 13:51 UTC

Microsoft earlier this month left a 6.5TB Elasticsearch server open to the internet. It held search terms, location coordinates, device identifiers, and a partial list of the URLs visited.

According to a report from cyber-security outfit WizCase, the server was password-protected until around 10 September, when "the authentication was removed," we're told.

WizCase code-prober Ata Hakcil discovered the leak on 12 September. The data appears to be generated by the Bing mobile app, which promises users "getting rewarded is easy, just search with the Bing," and which Google's Play Store alone lists as having more than 10 million downloads. The data was growing by up to 200GB per day and included searches from people in more than 70 countries, according to WizCase.

Once the data was left unsecured, several things happened. The infosec firm reported the problem to Microsoft on 13 September, and the database was removed from public view by the Windows giant's security response centre on 16 September. That is around six days of exposure in total, three of them after Microsoft had been told, which left plenty of time for hackers and bots to stumble across the data silo. WizCase said the server suffered a Meow attack on two occasions, referring to a bot that wipes unsecured databases and leaves behind empty indices whose names contain the word "meow". However, fresh telemetry from the Bing app continued to be collected in the silo after each wipe. If the Meow bot found the data, it is likely that other interested parties did as well.
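A quick audit of the failure mode described above, as an added example and not code from Microsoft, WizCase or The Register. It assumes a stock Elasticsearch REST API (GET /_cluster/health and GET /_cat/indices?format=json); the index listing embedded in it is constructed to resemble a Meow-wiped cluster and is not the leaked data. probe_anonymous_access reports whether the node answers an unauthenticated request at all, and the remaining functions read an index listing to spot the bot's signature and any index still holding documents, the "wiped but still ingesting" state WizCase describes:

```python
"""Audit helpers for an Elasticsearch node left open the way the article describes.

Added example, not code from Microsoft, WizCase or The Register. Assumes the stock
Elasticsearch REST API; the sample index listing is constructed, not the leaked data.
"""
from __future__ import annotations

import json
import urllib.error
import urllib.request

# Constructed output of GET /_cat/indices?format=json (not from the real server):
# two indices left behind by a Meow-style wipe and one index still filling with
# fresh telemetry, the state WizCase reported seeing.
SAMPLE_CAT_INDICES = json.dumps([
    {"health": "green", "status": "open", "index": "gqzrxa8f-meow",
     "docs.count": "0", "store.size": "208b"},
    {"health": "green", "status": "open", "index": "h1c2kz7e-meow",
     "docs.count": "0", "store.size": "208b"},
    {"health": "yellow", "status": "open", "index": "search-telemetry-2020.09.15",
     "docs.count": "1843201", "store.size": "71.2gb"},
])


def probe_anonymous_access(base_url: str, timeout: float = 5.0) -> str:
    """Classify what an unauthenticated client gets from /_cluster/health.

    Returns 'open' (200 with cluster JSON: anyone who can reach the port can read
    and write), 'auth' (401/403: authentication enforced) or 'unknown'.
    Only run this against clusters you are authorised to test.
    """
    url = base_url.rstrip("/") + "/_cluster/health"
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = json.loads(resp.read().decode("utf-8", "replace"))
            return "open" if isinstance(body, dict) and "cluster_name" in body else "unknown"
    except urllib.error.HTTPError as err:
        return "auth" if err.code in (401, 403) else "unknown"
    except (urllib.error.URLError, OSError, ValueError):
        return "unknown"


def meow_indices(cat_indices_json: str) -> list[str]:
    """Index names carrying the Meow bot's signature string."""
    return [row["index"] for row in json.loads(cat_indices_json)
            if "meow" in row["index"].lower()]


def live_indices(cat_indices_json: str, min_docs: int = 1) -> dict[str, int]:
    """Indices that still hold documents: data that survived a wipe or arrived after it."""
    live = {}
    for row in json.loads(cat_indices_json):
        docs = int(row.get("docs.count") or 0)  # _cat reports null for closed indices
        if docs >= min_docs:
            live[row["index"]] = docs
    return live


def summarise(cat_indices_json: str) -> dict:
    """One-line verdict on a listing: intact, wiped, or wiped and still ingesting."""
    wiped = meow_indices(cat_indices_json)
    live = live_indices(cat_indices_json)
    if wiped and live:
        verdict = "wiped and still ingesting"
    elif wiped:
        verdict = "wiped"
    else:
        verdict = "intact"
    return {
        "meow_index_count": len(wiped),
        "live_index_count": len(live),
        "live_doc_count": sum(live.values()),
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(summarise(SAMPLE_CAT_INDICES))
    # Against a real node you own:
    # print(probe_anonymous_access("http://es.example.internal:9200"))
```

Run probe_anonymous_access only against clusters you own or are authorised to test. A result of "open" from any host outside the cluster's trusted network is the misconfiguration this story is about, whatever the index listing looks like; "wiped and still ingesting" means the writers kept feeding a server that attackers had already found.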

On the plus side, the records did not include direct identifiers such as names, postal addresses or email addresses. The critical question, though, is whether the fields that were included are enough to pick out individual searchers anyway.

In 2006, AOL released what it thought was anonymised search data for research purposes; journalists soon proved otherwise by identifying some of the searchers. One reason this was easy was that each searcher was identified by a persistent numeric key, so all the queries from one person could be grouped together and the clues in them joined up.

Microsoft's leaked data looks to have the same weakness. WizCase screenshots show records with fields named deviceID, deviceHash, AdID and clientID, any of which would serve as a key for grouping every search made from one device. The records also carry coordinates giving location "within 500 metres": not precise enough on its own to yield an address, but a strong clue for anyone trying to identify a searcher, particularly once many queries from the same device are overlaid.
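To make the deanonymisation worry concrete, an added example that is not from the article, WizCase or the AOL study: records carrying a persistent device identifier and coarse coordinates are grouped per device, a likely home cell is inferred from night-time queries, and the share of devices that are alone in their home cell is measured. The field names deviceID, lat, lon, query and ts, and every record, are constructed for this demo; the 0.005-degree grid is an approximation of the "within 500 metres" precision the article mentions and is not the leak's own scheme.

```python
"""Linkage demo: persistent device identifiers plus coarse location let an analyst
rebuild per-user search histories from records that carry no name or email.

Added example, not from The Register, WizCase or the AOL study. Field names
deviceID, lat, lon, query and ts and every record are constructed; the 0.005-degree
grid is an approximation of the "within 500 metres" precision the article mentions.
"""
from __future__ import annotations

import math
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample records (not leaked data). Coordinates are already coarse.
SAMPLE_RECORDS = [
    {"deviceID": "d-a1", "lat": 51.5074, "lon": -0.1278, "query": "pharmacy open late", "ts": "2020-09-14T22:10:00"},
    {"deviceID": "d-a1", "lat": 51.5075, "lon": -0.1279, "query": "symptoms of gout", "ts": "2020-09-14T23:05:00"},
    {"deviceID": "d-a1", "lat": 51.5152, "lon": -0.0912, "query": "lunch near liverpool street", "ts": "2020-09-15T12:30:00"},
    {"deviceID": "d-a1", "lat": 51.5073, "lon": -0.1280, "query": "divorce solicitor", "ts": "2020-09-15T21:40:00"},
    {"deviceID": "d-b2", "lat": 53.4808, "lon": -2.2426, "query": "weather manchester", "ts": "2020-09-14T07:00:00"},
    {"deviceID": "d-b2", "lat": 53.4809, "lon": -2.2425, "query": "bus times", "ts": "2020-09-15T07:10:00"},
    {"deviceID": "d-c3", "lat": 53.4807, "lon": -2.2427, "query": "cheap flights", "ts": "2020-09-15T20:00:00"},
]

CELL_DEG = 0.005  # about 500 m of latitude; an assumption made for this demo


def cell_for(lat: float, lon: float, cell_deg: float = CELL_DEG) -> tuple[int, int]:
    """Snap a coordinate to a grid cell roughly the size of the leak's location precision."""
    return (math.floor(lat / cell_deg), math.floor(lon / cell_deg))


def _hour(ts: str) -> int:
    return datetime.fromisoformat(ts).hour


def infer_home_cell(records: list[dict], night_start: int = 21, night_end: int = 6) -> tuple[int, int]:
    """Most frequent cell among night-time queries (when people are usually at home);
    falls back to all of the device's records if none are night-time."""
    night = [r for r in records if _hour(r["ts"]) >= night_start or _hour(r["ts"]) < night_end]
    pool = night or records
    return Counter(cell_for(r["lat"], r["lon"]) for r in pool).most_common(1)[0][0]


def profile_devices(records: list[dict]) -> dict[str, dict]:
    """Group records by device identifier (exactly what a persistent deviceID allows)
    and attach an inferred home cell plus the chronological query list."""
    by_device: dict[str, list[dict]] = defaultdict(list)
    for r in records:
        by_device[r["deviceID"]].append(r)
    profiles = {}
    for dev, recs in by_device.items():
        recs = sorted(recs, key=lambda r: r["ts"])
        profiles[dev] = {"home_cell": infer_home_cell(recs),
                         "queries": [r["query"] for r in recs]}
    return profiles


def home_cell_uniqueness(profiles: dict[str, dict]) -> float:
    """Fraction of devices whose inferred home cell no other device shares.
    The closer to 1.0, the more the 'coarse' location alone singles people out."""
    counts = Counter(p["home_cell"] for p in profiles.values())
    alone = sum(1 for p in profiles.values() if counts[p["home_cell"]] == 1)
    return alone / len(profiles) if profiles else 0.0


if __name__ == "__main__":
    profiles = profile_devices(SAMPLE_RECORDS)
    for dev, prof in profiles.items():
        print(dev, prof["home_cell"], prof["queries"])
    print("share of devices alone in their home cell:", home_cell_uniqueness(profiles))
```

The point of the demo is the combination, not any one field: a device key on its own is just a random string, and a 500-metre cell on its own covers a few streets, but a key that groups dozens of queries, a home cell inferred from when those queries were made, and query text that names employers, ailments or family members together narrow the candidate set to the point where the AOL-style identification becomes possible. That is the gap between "de-identified" and anonymised.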

The data also reveals some of the unsavoury things people search for, including illegal content. WizCase suggested that if criminals succeed in deanonymising the data, some individuals could be vulnerable to blackmail or phishing scams as a result.

Statcounter readings show just 2.83 per cent market share for Bing versus Google's 92.05 per cent. That said, it is a small percentage of a very large market, and Statcounter's figures may not reflect searches via the Bing app or those integrated into Windows search.

The security blunder is unfortunate for Microsoft, which advertises "simplified privacy controls" as one of the benefits of the iOS version of Bing Search.

A Microsoft spokesperson told us: “We’ve fixed a misconfiguration that caused a small amount of search query data to be exposed. After analysis, we’ve determined that the exposed data was limited and de-identified.”

Anybody can make a mistake, but there is an implicit deal with search providers like Microsoft and Google that we get personalisation and improved search results in return for allowing them to collect data on our behaviour. A high level of trust is required, and this kind of incident is damaging to that trust. The data was, apparently, not encrypted. ®
