I felt like my little site to see a browser’s HTTP request headers, logme.mobi, would at some point die and that is why I have not updated it in months. The reality is much brighter and while I see crawlers visiting every other day (don’t care about those very much and I’m sure they do not care about the service!), I also see mobile devices and strange User-Agents coming every day. This is of course a good sign, a proof that it is useful to some and even if it’s very simple in concept it’s good that it is being used.
For this reason I have spent half an hour today to make a small change that I think can be very useful. Up until yesterday I showed the headers as PHP stores them which was probably OK, but less than perfect as PHP uses its own header names and changes everything to uppercase. Using a simple function (apache_request_headers) I have now changed to the actualy names as received by Apache. This is probably a change that will not make a huge difference to the most, but it’s a valuable improvement to some. I have some other improvement on my mind, but I need to install some software and unfortunately I don’t have time, but expect something soon.
I also removed the officially-dead-for-quite-a-while list of tests. I originally created them thinking of using them as a test suite for browsers and mobile devices and wanted to store results in a database. Eventually and thankfully, dotMobi came in and we developed a nice site for testing that is fully integrated with DeviceAtlas and so now I’m linking that site, if you want to run any tests (see the online docs for TA-DA). Remember that in order to login you will need valid mobiForge/DeviceAtlas credentials; on the up-side, all your tests results are stored with your profile.
SecurityFocus Newsletter #485 is I think the first issue of the newsletter where mobile devices are listed. 2 issues have been reported one about the iPod Touch and iPhone and the other about the Nokia 6131, both are vulnerable to remote attacks on the browser.
The interest for security on mobile browsers is yet another proof that mobile is about to take over the rest of connected-electronics.
4. Nokia 6131 Multiple Vulnerabilities
BugTraq ID: 30716
Last Updated: 2009-01-05
Relevant URL: http://www.securityfocus.com/bid/30716
Nokia 6131 is prone to multiple vulnerabilities.
The device is affected by URI-spoofing and denial-of-service issues.
Remote attackers may spoof the source URI of a site to direct users to a malicious location and trigger crashes in an affected device.
23. Apple iPhone and iPod Touch Prior to Version 2.0 Multiple Remote Vulnerabilities
BugTraq ID: 30186
Last Updated: 2009-01-05
Relevant URL: http://www.securityfocus.com/bid/30186
Apple iPhone and iPod touch are prone to multiple remote vulnerabilities:
1. A vulnerability that may allow users to spoof websites.
2. An information-disclosure vulnerability.
3. A buffer-overflow vulnerability.
4. Two memory-corruption vulnerabilities.
Successfully exploiting these issues may allow attackers to execute arbitrary code, crash the affected application, obtain sensitive information, or direct unsuspecting victims to a spoofed site; other attacks are also possible.
These issues affect iPhone 1.0 through 1.1.4 and iPod touch 1.1 through 1.1.4.
Initially Nokia announced the decision of using the webKit browser in their mobile devices in the S60 series and they called it S60 Browser (running on the S60WebKit). That was already a landmark, I think.
Apple of course boosted the users of webKit and Safari releasing the windows version of Safari and then Safari in the iPhone.
Google followed announcing webKit in Android and now with Chrome.
MOTOMAGX is a linux platform by Motorola. They use it for some of their PDA’s. The other day I received their newsletter that among the other things mentioned widgets for MOTOMAGX and guess what? The official browser is the webkit.
A lot of big companies are jumping on the webKit band-wagon, but I think my original question still stands, Will Apple share ownership of the webKit? It’ll be especially interesting to see how Google will contribute and try to take control of the platform as now they have a lot of interest in making sure it goes in the right direction. So far it looks like Nokia did not have much voice in the project, at least from what I see.
More open questions:
- Where does this leave Opera (Mini)? Will there still be space for them?
- What about the Mozilla’s Fennec mobile browser? If you want to know my opinion, they might be late to the party.
- What about other browsers like Skyfire and Teashark?
It must be clear to everyone that today I have more spare time. Meetings are done for today, all I need to do is go to eat and then I have a few hours free.
I took a chance to clear a bit of my backlog of things I wanted to post on the blog, then.
Via Marco Casario I found out the Telefónica Móviles has partenered with Opera to provide to their users a custom version of Opera and Opera Mini.
They are not the first ones and to me is another demonstration of the quality of the Opera browser and that a better user experience will lead more users on internet using their phone.
There’s a full Press release, of course: Telefónica selects Opera Mini and Opera Mobile to deliver the mobile Web.