A vulnerability in the Safari 15 browser allows malicious programs to track people’s internet activity and reveal their identity
A recently disclosed Apple Safari 15 bug can be used by nefarious sites to extract people’s browsing history and obtain their Google ID to collect more personal data, a fraud detector reports.
The problem identified by FingerprintJS, a browser fingerprinting fraud detection service, resides with IndexedDB – an application programming interface, or API, used to store large amounts of data on a browser.
Normally, such data collecting interfaces operate within the ‘same-origin’ policy: they only allow websites a person interacts with to access data generated by each such website itself but not the other ones. For example, if a person opens their email account in one browser tab and another webpage in the second one, this webpage would not be able to access any email-related data.
When it comes to Safari 15, though, this is not the case. Due to Apple’s application of the IndexedDB API, each time a website interacts with the browser database, a new database of the same name is created for all other active tabs. That means that each such site can access database names for all other sites a person interacts with at the same time.
This can be particularly disturbing when a person interacts with some web pages requiring some personal data like YouTube or Google accounts. Any Google ID-linked pages create databases with a person’s unique Google User ID in their names, which are then de-facto shared with all other websites a person opens and can thus be potentially exploited by nefarious actors, including to obtain more personal data once they know the Google ID.
MacOS owners can potentially just use a browser other than Safari to get around the bug but there is little iPhone and iPad owners can do since Apple’s third-party browser engine ban on all iOS devices means all browsers are affected. Private mode on Safari 15 is affected as well.
FingerprintJS even created a special demo to show how website data, browsing history and personal data are collected by Safari in a way that reveals a person’s internet profile picture. It also said it reported the issue to the WebKit Bug Tracker on November 28, but no updates to fix the issue have been released as of yet. Apple also has not answered media requests for comment so far.
source: RT
Împotriva articolelor redacției noastre, persoanele nemulțumite pot formula Contestație în termen de 10 zile de la publicarea articolului, la judecătoria Orășenească nr. 1 München Bayern Deutschland, in conformitate cu Legea federală Germană. Considerăm că nu se pot formula acțiuni la instanțele din România deoarece nici o persoană care activează în trustul nostru nu poate fi extrasă de sub jurisdicția federală germană. Considerăm că redacția noastră nu răspunde în fața autorităților din România ci doar celor federale sau civile germane. deoarece legea română nu are efecte de extraneitate asupra redacției chiar dacă subiectul știrilor face obiectul unor evenimente sau persoane din România și sunt scrise în limba română. Limba română nu este izvor de extraneitate a legii.
absolvent WEB DESIGN Academia Britanică de Comunicare Iasi - absolvent COMUNICARE IN AFACERI Academia Britanica de Afaceri si Comunicare -absolvent JURNALISM EDITORIAL - London School University - 2019 inscris la echivalare diploma la Universitatea Politehnica Timisoara - absolvent studii de Drept Universitatea Europeană Drăgan, cursuri in Drept la Universitatea de Vest Timisoara, absolvent studii de proiectare, pastor coordonator in Biserica Protestanta Evanghelica,
Android Developer pe Google Play și plugin developer la Oxwall, creator de teme Wordpress și Oxwall, operator Wordpress, Drupal, Oxwall, Osclass, Moodle, tehnologii HTML și PHP
Lockheed Martin and Raytheon Technologies have drawn Beijing’s ire for supplying weapons to Taipei China has imposed sanctions on two major American arms manufacturers, Lockheed Martin and Raytheon Technologies. The decision, which was announced by Chinese Foreign Ministry spokesperson Wang Wenbin on Monday, targets the two companies over their involvement in the “supply of American […]
US President Joe Biden claimed that he met with former Israeli PM Golda Meir during the Six-Day War – a time before she held the office and while he was still in law school. Speaking at a menorah lighting for Hanukkah on Thursday, Biden claimed he had been a “liaison” between Israel and Egypt at […]
Researchers said the animals’ reproductive organs reduced in both size and weight Researchers have found that Covid-19 infection in hamsters causes several unwanted effects on their reproductive organs. The infection results in shrunken testicles, an acute decrease in sperm count, and a reduction in testosterone levels. The study, published on Friday in the peer-reviewed journal […]
