Google finds a serious security vulnerability in Apple's Safari Browser |
According to the "Financial Times," Google researchers have revealed details of several vulnerabilities in the Apple Safari web browser that can be used to track user browsing behavior, although the vulnerability tool is specifically designed to protect user privacy.
The British newspaper added that Google first reported weaknesses in the anti-tracking feature called "smart tracking prevention" last August.
Since then, researchers from the Google Cloud team have identified five potential attacks that may be caused by security vulnerabilities in an article that will be published in the Financial Times, so third parties can "obtain confidential private information about" user browsing habits.
The newspaper quoted independent researchers in the security field as saying: "You will not expect privacy-enhancing technologies to pose a risk to privacy." He added: "When it is developed or used, it is permissible to have these security vulnerabilities without confirmation. Track users and not control them." At present, the problems of confidentiality improvement mechanisms are very unexpected and intuitive. "
Apple introduced Smart Tracking Protection in 2017. Their specific goal is to protect Safari users from online tracking by advertisers and third-party cookies. Privacy advocates see the tool as the most advanced technology to improve web browser privacy, and competitors, including Google Chrome, have had to improve their tracking process.
According to Google researchers, these vulnerabilities revealed personal information because "(Intelligent Tracking Protection) implicitly lists information stored on user-visited sites" researchers have also discovered a vulnerability that enables hackers to "create consistent fingerprints that users can follow on the web" while others can Disclosure of what a single user is searching for on a search engine page.
Apple repaired the hack last December, but has not released any details. Meanwhile, a data protection technician (John Welder) published an article about the browser security update. In the article, Wilander thanked Google researchers for discovering this vulnerability.
Note that this is the second time in the past year that Google researchers have discovered a vulnerability in Apple's software. In August, researchers found that many of the malicious sites that had invaded iPhones in the past two years had been targeting the Chinese Uighurs. ,