Security researchers have uncovered in Apple's Safari browser by Google researchers.
According to a new report from the Financial Times (opens in new tab), the flaws were found in Safari's Intelligent Tracking Prevention feature that is designed to protect users from cross-site tracking and other online privacy issues.
The report references a new paper (opens in new tab), written by researchers from Google's cloud team, which provides a more in-depth explanation on the vulnerabilities. In total, the researchers identified five different attacks that could occur as a result of the security flaws in Safari.
- Find out how to enable Chrome dark mode
- Chrome, Edge and Safari all fall to hackers in Chinese contest
- Apple reversed plans for fully encrypted backups
Tracking Prevention
According to Google's researchers, the Intelligent Tracking Prevention platform left users' personal data exposed because of how it “implicitly stores information about the websites visited by the users”.
One of the security flaws discovered by the researchers could even be exploited by hackers to “create a persistent fingerprint that will follow the user around the web” while other flaws “were able to reveal what individual users were searching for on search engine pages”.
The irony is that security flaws in Apple's Intelligent Tracking Prevention platform actually made users vulnerable to the kind of tracking the feature was designed to prevent in the first place.
Google informed Apple regarding the vulnerabilities in August of last year and the iPhone maker has since fixed them. However, Google Chrome engineering director Justin Schuh recently said on Twitter that the actual vulnerabilities have not yet been fixed, so it might be best to turn off Intelligent Tracking Prevention in Safari for now.
- We've also highlighted the best VPN services
Via 9to5Mac (opens in new tab)