iOS 14.5 Beta Directs ‘Safe Browsing’ Traffic in Safari Through Apple Server Instead of Google to Protect Personal User Data


Starting with iOS and iPadOS 14.5, Apple will proxy Google’s “Safe Browsing” service used in Safari through its own servers instead of relying on Google as a way to limit which personal data Google sees about users.

iOS 14 safari feature

Safari on iOS and iPadOS includes a built-in feature called “Fraudulent Website Warning.” As Apple describes it, having the feature enabled will prompt Safari to warn users if they’re visiting a suspected phishing website, or in other words, a website attempting to steal your data such as username, passwords, and other information.

In order to provide this feature, Apple relies on Google’s “Safe Browsing,” a database/blocklist of websites crawled by Google of websites that it deems to be suspected phishing or scam. In practice Google sends Safari a list of hashed prefixes of URLs that it determines to be malicious/phishing, Safari then checks the website you’re trying to visit against the list from Google. Any match in hashed prefix will cause Safari to request the full URL link from Google, and by using the hashed prefix, Google never sees the website’s URL you’re trying to go to.

While Google doesn’t know which specific URL you’re trying to visit, it may collect your IP address during its interaction with Safari. Now on iOS/iPadOS 14.5, that’s no longer the case. As confirmed by the Head of Engineering for WebKit, Apple will now proxy Google’s Safe Browsing feature through its own servers instead of Google as a way to “limit the risk of information leak.”

Screenshots posted on Reddit of incoming/outgoing connections on a device running the latest iOS 14.5 beta shows a new “proxy.safebrowsing.apple” URL, and testing by MacRumors shows the same URL alongside “safebrowsing.g.applimg.com” and “token.safebrowsing.apple” being used to proxy “Safe Browsing.”

The new change in iOS and iPadOS is part of a comprehensive set of privacy-focused features for the iPhone and iPad and Apple’s recent forceful push towards more stringent privacy features/rules. In addition to the change in “Safe Browsing,” iOS 14.5 will also require apps to asks for user’s permission before tracking them across other apps and websites.

The new requirement called “ATT” or App Tracking Transparency has caused companies such as Facebook and Twitter to voice concerns about how the new feature will impact their bottom-line, specifically when it comes to personalized advertising.

Another noteworthy feature in the upcoming update is crowdsource reporting for accidents, speed traps, and hazards within Apple Maps. Apple released the first beta to developers and public beta testers last week and says that iOS and iPadOS 14.5 will roll out to the public in the “early spring.”





Source link