Sometimes and when we least expect it there arises a security problem. That’s exactly what happened with Apple and with a bug in Safari that could reveal personal data from our iPhone, iPad or Mac. The security company FingerprintJS reveals that any website now has the ability to check our Internet activity. This bug is in the API used and supported by most browsers.
Safari Bug May Reveal iPhone and Mac Personal Data!
An API is something that allows programmers to link pieces of software together. This makes application development easier. One of the APIs, called IndexedDB, is supported by the vast majority of browsers aggregates a significant amount of data.
This bug in iOS 15, iPadOS 15 and macOS allows some websites to find out which pages we visited in other windows and tabs. This is possible because sites like YouTube, Google Calendar and Google Keep use unique identifiers in their database. As a result of this, authenticated users can be identified as databases are created that include Google IDs belonging to people who have visited the sites.
The Google ID gives an attacker a large set of personal data. Each of them can be used to identify a specific Google account and in combination with the Google API can reveal at least our profile picture. In addition, it can help you discover other accounts used by that person.
However, the security company FingerprintJS verified the 1000 most visited sites around the world and found that 30 of them interact with these databases without the user having to interact or identify themselves to them. However, worse than that is that even in Safari’s private mode, if you visit multiple websites on the same tab, it is possible to collect data.
How to avoid this?
If you want to check if you have this problem then just open Safari on iPhone or iPad and visit the website safarileaks.com. Then just follow the directions. Afterwards, the name of the last site you visited will appear.
Now we just have to wait for Apple to update iOS and iPadOS and the problem will be solved. In the case of Mac, just use Chrome or Firefox to avoid this problem.