Apple is constantly working to protect the data of users in Safari, so that the focus of this browser is on protecting the privacy of users, and in this regard, introduces various initiatives to prevent the tracking of user data; However, according to appleinsider, there seems to be a flaw in the way the Safari browser works, which has wasted all the company’s efforts.
Browser Security Assessment Service (FingerprintJS) said in a post that there is a problem with the implementation of Apple’s API indexed database in Safari version 15, which allows any website to track users’ browsing activity and could potentially reveal their identities. سازد.
IndexedDB typically restricts websites from accessing users’ data by following the same policy for all operating systems, and only accesses the website that generated the data; But IndexedDB in version 15 of Safari for Apple’s desktop operating system (macOS), Apple’s mobile operating system (iOS) and Apple’s operating system (iPadOS) violates the policy from the outset, and whenever a website interacts with its database, the database Creates a new blank with the same name “in all other active frames, tabs and windows in the same browser”.
Safari Bug 15 can allow websites to access user information and open windows and tabs instantly
Safari browser bug version 15 Shares the same authentication credentials, or the same as Google verified user IDs, using the uniqueness of user IDs on websites such as Gmail and YouTube.
Google Account ID refers to a single account that contains the user’s personal information. This bug extracts the user ID from Google APIs and allows other sites to fully identify the user.
Even using a private safari window does not protect users in the buggy version of version 15, but opening just one tab per safari window may limit its effectiveness.
How to protect data in Safari 15
Another temporary method that can be done on Apple’s desktop operating system (macOS) is to use another browser such as Chrome; This method is not available for users of Apple’s mobile operating system (iOS) and Apple’s operating system (iPadOS).
Finally, the researchers stated that “the only definitive way to protect data is to update your browser or operating system as soon as the problem is resolved by Apple.”
Which way do you choose to protect your data?