Safari 3.0 for Windows: blazing fast yet insecure?

So, how about that WWDC keynote, eh? No new iMacs. No new cinema displays. No 8-core, touchscreen-enabled, ultraportable, translucent Mac tablet. Come to think of it, there was no new hardware at all, making this the first hardware-free WWDC keynote in six years. Just about the only real surprise was the announcement that Apple has ported its Safari browser to Windows--a move that has left even Microsoft fans scratching their heads. The browser market is already pretty crowded and Safari really has its work cut out for it if it hopes to compete with IE's installed user base and Firefox's extensive library of plug-ins and extensions. What is Apple thinking?

The answer to this question came at the end of Steve Jobs's keynote, during his discussion of Apple's strategy for third-party iPhone development. Apple wants to transform Safari from a browser into a fully-fledged Web 2.0 development platform (see today's story, "No iPhone SDK means no real third-party apps") and conversely, wants web developers to support it. Safari's current 5 percent marketshare is suspiciously close to the Mac's U.S. marketshare--which suggests that the browser's user base has hit a ceiling. By releasing Safari for Windows, Apple is giving the browser some room to grow and if Safari's marketshare increases, developers will have more reason to support it.

While that's all well and good, Apple faces an entirely new threat with the Windows version of Safari: Windows browser bugs. Web browsers are just about the most frequently targeted Windows applications and the more Safari's marketshare grows, the more hackers will take notice. As if to welcome Safari to the neighborhood, David Maynor (famous for the "MacBook hack") released four denial-of-service bugs and two remote execution vulnerabilities for the browser, while researcher Thor Larholm discovered a bug that would allow for remote-code execution--all during the software's first day of release. Let's hope that Apple knows what it's getting into here.

Last, but not least, what about the browser itself? According to Apple, Safari's primary selling point is the fact that it is "2 times faster than Internet Explorer 7 and up to 1.6 times faster than Firefox 2" and in our tests, the browser was significantly faster at rendering HTML pages than IE7, Opera 9 and Firefox 2 under Windows XP. As far as look and feel, it's very similar to Safari on the Mac--both in terms of its UI and the way that it renders pages. However, Safari is still missing some features that have become standard for modern browsers (a multiple engine/site search box, a "recently closed tabs" feature) and the browser's brushed-metal look doesn't render quite right on Windows. It's important to note, however, that this is beta software; hopefully some of these flaws will get ironed out during the next few weeks. Safari 3.0 is currently available as a public beta for Windows XP, Vista and Mac OS 10.4 and 10.5 (beta).

For more on Safari 3.0:
- download the beta at Apple's website
- and see this press release

For more on the Safari 3.0 bugs:
- see this Slashdot article