Safari 15 makes web browsing information available to websites

Apple is constantly working to protect the data of users in Safari, so that the focus of this browser is on protecting the privacy of users, and in this regard, introduces various initiatives to prevent the tracking of user data; However, according to appleinsider, there seems to be a flaw in the way the Safari browser works, which has wasted all the company’s efforts.

Browser Security Assessment Service (FingerprintJS) said in a post that there is a problem with the implementation of Apple’s API indexed database in Safari version 15, which allows any website to track users’ browsing activity and could potentially reveal their identities. سازد.


An indexed API or IndexedDB database is a JavaScript application programming interface for browsers that manages data and stores it for offline user access; APIs are also software interfaces that implement communication between different software.

IndexedDB typically restricts websites from accessing users’ data by following the same policy for all operating systems, and only accesses the website that generated the data; But IndexedDB in version 15 of Safari for Apple’s desktop operating system (macOS), Apple’s mobile operating system (iOS) and Apple’s operating system (iPadOS) violates the policy from the outset, and whenever a website interacts with its database, the database Creates a new blank with the same name “in all other active frames, tabs and windows in the same browser”.

Safari Bug 15 can allow websites to access user information and open windows and tabs instantly

Safari browser bug version 15 Shares the same authentication credentials, or the same as Google verified user IDs, using the uniqueness of user IDs on websites such as Gmail and YouTube.

Google Account ID refers to a single account that contains the user’s personal information. This bug extracts the user ID from Google APIs and allows other sites to fully identify the user.

Even using a private safari window does not protect users in the buggy version of version 15, but opening just one tab per safari window may limit its effectiveness.

How to protect data in Safari 15

Given how Safari 15 bug was revealed, it seems that users do not have many options to protect their data; Blocking JavaScript by default and enabling it only on trusted websites is one way to prevent data leaks in Safari, but it can damage the user’s web browsing experience.

Related article:

Another temporary method that can be done on Apple’s desktop operating system (macOS) is to use another browser such as Chrome; This method is not available for users of Apple’s mobile operating system (iOS) and Apple’s operating system (iPadOS).

Finally, the researchers stated that “the only definitive way to protect data is to update your browser or operating system as soon as the problem is resolved by Apple.”

Which way do you choose to protect your data?

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker