News

Google reveals security flaws in Apple’s Safari anti-tracking feature

Flaws in the Intelligent Tracking Prevention allowed Safari users to be tracked

23 Jan 2020

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 23 Jan 2020

Google researchers have discovered significant security flaws in a privacy feature in Apple’s Safari browser, which allowed for user browsing behaviour to be tracked.

In an as-yet-unpublished report seen by the Financial Times, Google researchers found that multiple flaws in Apple’s Intelligent Tracking Prevention (ITP) feature in Safari, which, somewhat ironically, enabled third parties to gain access “sensitive private information about the user’s browsing habits”.

Related Resource

Don't overlook your email archiving systems

Business users benefit from tools that balance productivity and compliance needs

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_resource-card-mobile@1/v1573813874/itpro/Whitepaper%20covers/Don_t_overlook_your_email_archiving_systems.png { display: none !important; }

Download now

Despite being designed to prevent users from being tracked around the web by advertisers and third-party cookies, according to Google’s report, the flaws in ITP placed Safari users’ personal data at risk, making it possible for confidential information, such as browsing behaviour, to be obtained by those who shouldn’t have access to it.

The report also claims that Google representatives informed Apple about the security flaw in August 2019.

Apple acknowledged the report in a blog post written by privacy and security engineer John Wilander in December.

“We’d like to thank Google for sending us a report in which they explore both the ability to detect when web content is treated differently by tracking prevention and the bad things that are possible with such detection,” said Wilander. “Their responsible disclosure practice allowed us to design and test the changes detailed above.”

Apple has reportedly fixed the security issues with ITP last year.

The news comes only months after Google researchers exposed a wide-ranging Apple and Android phone-hacking scheme which targeted the persecuted Uighur minority in China.

Google and Apple had previously clashed over Safari when a High Court blocked a mass lawsuit over iPhone data.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638974102/itpro/Whitepaper%20covers/Diligent_Modern_Governance_cover.png { display: none !important; }

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1622545081/itpro/Whitepaper%20covers/Cloud_Op_Excellence.jpg { display: none !important; }

Watch now

A buyer’s guide to board management software

Improve your board’s performance

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638982070/itpro/Whitepaper%20covers/board_management_software_thumb.png { display: none !important; }

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638972797/itpro/Whitepaper%20covers/content_syndication_story_idc_business_brief_adw__1_.jpg { display: none !important; }

Download now

Google reveals security flaws in Apple’s Safari anti-tracking feature

Flaws in the Intelligent Tracking Prevention allowed Safari users to be tracked

Most Popular

Get the IT Pro newsletter

Get the free daily newsletter from IT Pro, delivering the latest news, reviews, insights and case studies