Multiple security flaws have been exposed by Google researchers in Apple’s Safari web browser, that lets potential hackers track a user’s behaviour online. And the irony? The very tool that allowed tracking of users browsing behavior was indeed specifically designed to protect their privacy. This is the third browser whose vulnerability has been found this week after bugs were found in Mozilla’s Firefox and Microsoft’s Internet Explorer that compromised user security.
Google’s cloud team informed Apple of five different types of potential attacks that could be carried out using the vulnerabilities. These vulnerabilities give access to users sensitive private information about users’ browsing habits. They can be further exploited to get access to uncontrollable user tracking
The vulnerability has been found in Browser’s anti-tracking tool- Intelligent Tracking Prevention (ITP) which is in complete contrast to its assigned name. It was first disclosed to Apple in August last year. This Intelligent Tracking system was added to Safari in 2017, with the main objective of protecting users from being tracked by advertisers and other third parties cookies.
This ITP tool was earlier seen as a major step in privacy enhancing technology for web browsers and even google has to incorporate it into its Chrome browser. The main problem with ITP of Safari is the user-specific aspect of its algorithms on device, which detects user behavior which is partly the reason for risk of information leak.
“While today such privacy vulnerabilities are very rare, issues in mechanisms designed to improve privacy are unexpected and highly counter-intuitive,” said Lukasz Olejnik, an independent security researcher
Apple has not yet commented on whether the vulnerability has been fixed or not.
This is not the first time Google researchers have helped Apple address security flaws in its software. Apple acknowledged last year in tracking privacy attacks on its iPhone users. Google in August unfolded a series of websites delivering planned attacks on iPhones owned by Uighur minority in China.