Do Not Use Safari On Your iPhone: A Bug Discovered To Collect Your Personal Data

0

Apple iPhones have some very cool features, like the new walkie-talkie mode they just got through Teams. But if you have a phone from the Cupertino-based manufacturer, you better not use Safari until they fix the latest bug.

We are talking about a dangerous security flaw in Safari that reveals some of the information in your Google account, in addition to the most recent browsing history, so we are not exactly talking about a trivial issue.

As the FingerprintJS folks have discovered, it seems that this bug in Safari allows you to see some of the history information, as it shows the most recent browsing, as well as data related to the Google account you are using.

At the moment there is no solution to this bug in Safari for iOS and Mac

From FingerprintJS they indicate that the bug is related to the implementation of IndexedDB in Safari on Mac and iOS, which makes it possible for a web page to see the names of the databases of any domain. In addition, they have published a video showing in detail how this dangerous security flaw works in Apple’s browser that reveals users’ private information.

Remember that Google services have an instance of IndexedDB for each of the accounts on the phone, in addition to adding the corresponding database name to your Google ID.

Through the exploit that has been detected, a malicious web page could have access to your Google user ID to discover all kinds of personal information through API requests made by other Google services. For example, in the test performed you can see the user’s profile picture.

In this way, any website that relies on the IndexedDB JavaScript API could be vulnerable to this data theft. To say that, at the moment, all current versions of Safari for iPhone, iPad and Mac are vulnerable through this security flaw.

Worst of all, FingerprintJS reported this bug to Apple on November 28, 2021, but to this day they still haven’t fixed this security flaw in Safari. So, until they fix the problem, it is best to bet on another browser and save yourself an unnecessary headache.