Google Has Found Flaws In Apple's Privacy Feature, Again!

For years, Apple has touted its privacy as a selling point for its products, and the company has developed several tools to ensure user privacy for its customers. What if you found out that all those claims were not so true? What if a privacy feature turned out to be a vulnerability?

According to a paper published a few days ago, Google’s security engineer group Arxiv.org came across many flaws in Safari, a browser developed by Apple. The flaws reportedly allow potential hackers to look into users’ history as well as enable websites to track users over the web.

The flaws were found in the Intelligent Tracking Prevention feature (ITP) in the browser, which was unveiled for the first time in 2017. In fact, the feature was meant to keep users safe from cookies tracking them.

ITP logs their use and blocks websites from doing any activity. The websites would be termed as “prevalent domains” as soon as it noticed that the sites were sending data, it would then add them to an ITP list.

However, the logging process gives potential hackers a way to access a user’s detailed web history. A site was able to check the ITP status of certain domains and could manipulate the list, posing security threats to users. But Apple said that the company has fixed the flaws.

Google’s researchers used to find vulnerabilities in Apple’s systems before. Last year, for example, the Do Not Track feature helped sites track users better by creating some kind of digital fingerprint. Acknowledging the flaws, in December 2019, Apple announced that it had fixed the bugs.

In a statement, WebKit engineer John Wilander at Apple said:

>>> What Apple And Google Should Do To Improve iOS And Android