Apple Fixed Tracking Flaws In Safari, But Google Director Disagrees

Google security researchers have published a paper which detailed a tool that Apple developed to halt web tracking, but which actually contained a number of flaws.

The ‘multiple security and privacy issues’ were found in Safari’s Intelligent Tracking Prevention (ITP) feature, according to a paper published on the matter. The tool was designed to block tracking software used by digital advertisers, but can be exploited to do the exact opposite, Google said.

Google reportedly told Apple about the problem with five flaws in August 2019, and in December Apple published a blog post saying it had fixed the issues and it thanked Google for its help.

Tracking flaw

According to the report among those issues Google found with ITP was a feature that stores information about websites visited by the user.

A flaw in the technology also could potentially allow hackers to “create a persistent fingerprint that will follow the user around the web”.

Other vulnerabilities Google researchers apparently discovered in ITP allowed third parties to observe what individual users were searching for on search engine pages.

Apple has worked hard over the years to protect user privacy and has installed anti-tracking technologies across its portfolio. Apple for example added ITP to Safari in 2017 to protect users from being tracked by third parties.

Not fixed

But it seems as though Google doesn’t believe that Apple has actually patched the problem, despite its claims that it had.

This week on Twitter, Google Chrome Engineering Director Justin Schuh tweeted that the actual vulnerabilities have not been fixed, despite Apple’s claim.

“No, I can assure you that they still haven’t fixed these issues, which is what made that blog post last year so weird,” tweeted Schuh in a thread. “Apple didn’t disclose the vulnerabilities or appropriately credit the researchers, but put out a post implying they fixed ‘something’”.

Do you know all about security? Try our quiz!

Tom Jowitt @TJowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple Shareholders Vote On Chinese App Removal Policies

Apple's policy to obey Chinese government orders to remove certain apps from its App Store in China is facing a…

10 hours ago

Google To Spend Billions On US Data Centres

Alphabet CEO Sundar Pichai confirms plan to spend $10 billion in 2020 on Google data centres and offices across the…

11 hours ago

NTSB Slams Tesla’s Autopilot Safeguard, Blames Regulator Oversight

Tesla and US safety regulators criticised over a lack of safeguards in a fatal 2018 Autopilot crash by US National…

12 hours ago

AI and Public Standards

As the Committee on Standards in Public Life release their awaited report considering AI and its impact on the delivery…

14 hours ago

US Supreme Court Rejects Apple Appeal Against VirnetX

Bad news for Apple, as the US Supreme Court rejects iPad maker's appeal against a $440m patent infringement financial penalty

16 hours ago

Met Boss: Facial Recognition Less Concerning Than Knife In Chest

The United Kingdom's most senior police officer Cressida Dick has strongly defended the use of facial recognition by police forces

18 hours ago