Share this:

Like this:

Stop using Safari right away (at least for now)

Image for article titled Stop using Safari immediately (at least right now)

Photo: Nicole Lienemann (Shutterstock)

Despite some negative press about AirTags revolutionizing the stalking industry, Apple has developed a good reputation for other big technology companies when it comes to privacy and security. When you know this, you might be surprised to hear that Apple's own web browser, Safari, is not safe to use right now anyone of the company's platforms, including Mac, iOS and iPadOS.

A critical Safari issue could leave some of your Google Account data and browser history open for theft through an IndexedDB implementation error. When you normally visit a site, that site should only have access to databases created by its own domain name. However, this bug allows websites to view other databases—and to scrape these databases for information such as your Google Account avatar, personal data or browser history.

Use of FingerprintJS 'test page Safari leaks, you can see this problem in action. Once you open it in Safari, the site may be able to grab your Google user ID right away. While it may not, you can open any of its test sites in a new tab and return to Safari Leaks to see that browser history is reported almost immediately. If Safari worked properly, this type of information would not be available to Safari Leaks, as the site would only be able to access data from databases created by its domain. But it can scrape information from Alibaba, Instagram, Twitter and potentially other sites using the IndexedDB JavaScript API.

FingerprintJS was the first to report the error, but its blog post on January 14 was not the first time the bug was published. According to FingerprintJS, this issue was posted to WebKit Bug Tracker on November 28 last year - but it was not until Sunday, January 16, that Apple began working on a patch, meaning the bug has been running untreated for at least the past seven weeks.

Now, Apple is officially working on a patch for this security flaw, but until the fix is ​​here, Safari remains vulnerable.

What to do about this Safari security threat

If you're on a Mac, just using a different browser is an easy solution. Chrome, Firefox, Edge, Opera, choose for yourself. Unfortunately, the same cannot be said about us on iOS and iPadOS. Even though you can find these browsers in the App Store, they are not actually the same browsers that you get on Mac.

Apple, like Apple, does not let developers make their own full-fledged browsers for iPhone and iPad. Instead, developers can add their browser features to Safari and "sell" it as a separate browser. While Chrome on iOS may seem like the mobile version of the desktop browser, it really is Safari with a Google skin on top. Of course, you can use handy features like data syncing between Chrome on your Mac and iPhone, but the one you use on your mobile is actually Apple's core.

Usually it is not one huge agreement (though it is annoying). However, with security issues, you can not replace your browser as you can on Mac. Until Apple issues a fix to Safari across its three major platforms, it will be risky to use the Internet on iPhone or iPad, no matter what "browser" you use.



Leave a Reply

Your email address will not be published. Required fields are marked *

Share this:

Like this:

%d bloggers like this: