Safari 15: Apple tackles serious privacy breach

Apple developers have filled a serious gap in Safari’s WebKit sub-structure. The vulnerability allows websites to gain insight into browsing activities and, under certain conditions, to clearly identify users.

An apple According to WebKit change Several code modifications have been implemented for this, so the original error report is considered “checked”.

For some reason yet unknown, since version 15 Safari has ignored the “Same Origin Policy” and thus one of the basic security concepts on the web. Instead of just being able to read their own content, scripts, and databases, websites can also display IndexedDB databases for other websites visited in the current browser session. This quickly provides a very comprehensive insight into your internet browsing behaviour.

In addition, these databases may contain account identifiers – such as the Google Account ID. This could make it possible for an attacker to identify the user.

A security researcher reported new vulnerabilities in Safari 15 to Apple last November, but it appears the company has not reacted for long. The group reacted only after widespread criticism and reports. The vulnerability appears to have been around since the browser was released with iOS 15, iPadOS 15, and macOS — until today. the page safarileaks.com Explains the problem.

Apple must now integrate the WebKit patch into its own operating systems or into the new version of Safari and deliver it to end customers. The update date is still unclear at the moment. An operating system update is required for iOS and iPadOS.

See also  Indie Arena Booth starts today and offers more than 250 games on your screen • Eurogamer.de

More from Mac & i

More from Mac & i

More from Mac & i

Mac users can switch to another browser until then. However, this doesn’t help iOS and iPadOS users because all browsers out there have to rely on WebKit for the infrastructure – so it has the same gap. Disabling JavaScript can reduce the problem somewhat, but it also makes many websites unusable.


(lbe)

to the home page

LEAVE A REPLY

Please enter your comment!
Please enter your name here