Google researchers team confirmed major breach in Apple’s privacy software
The researchers working with Google have exposed details of several security flaws in the web browser of its competitor Apple. According to the vulnerability, the user’s browsing behavior is being tracked, even though the tool was generated to protect the privacy of the users.
The issues were ironically figured out via an anti-tracking mode commonly known as Intelligent Tracking Prevention. Last year in August, Google informed Apple about the issue.
In a research paper that will be published shortly by The Finance Times. The researcher working for the Google Cloud team has found out five unique types of cyber-attacks that could have been resulted from the security flaw. It would allow third parties to get sensitive private information regarding the browsing habit of the user.
An independent security researcher, Lukasz Olejnik said: “You would not expect privacy-enhancing technologies to introduce privacy risk. If exploited or used these vulnerabilities will allow unsanctioned and uncontrollable user tracking.”
He further added: “While today such privacy vulnerabilities are very rare, issues in mechanisms designed to improve privacy are unexpected and highly counter-intuitive.”
Apple launched the Intelligent tracking prevention back in 2017 intending to protect the users of the safari browser from getting tracked around the web by the advertiser and the cookies of the third parties.
According to the privacy advocate, the tool helps in enhancing the privacy of the browser. Not just that, the technology has also forced Google Chrome for augmenting its tracking control systems.
As per the claim of the Google researcher the flaw left personal data exposed because the ITP list stores information about the website visited by the user.
Apple addressed the security flaw without giving off any detail in December of last year. A privacy engineer of the company John Wilander posted a blog post regarding security updates in the browser software. He thanked the Google researchers in it upon sending the report. He further confirmed that Apple patched up the flaw.
In a statement, Google said: “Our core security research team has worked closely and collaboratively with Apple on this issue. The technical paper simply explains what our researchers discovered, so others can benefit from their findings.”