Stop using Safari right now, at least for now. Safari is an unsafe web browser on Mac, iPhone, and iPad due to an unpatched security issue.
- Stop using Safari right now (Reason)
- What to do
Despite the recent unfavorable publicity about AirTags transforming the surveillance industry, Apple has a strong reputation when it comes to privacy and security when compared to other big digital companies.
Knowing this, it may come as a surprise that Apple’s own internet browser, Safari, is currently unsafe to use on any of the company’s platforms, including Mac, iOS, and iPadOS.
Through an IndexedDB software bug, a severe Safari bug can expose some of your Google Account data and browser history to theft.
When you visit a website, you should be able to access only the databases produced by that website’s web address.
This flaw, on the other hand, allows websites to see other databases and scrape them for information like your Google Account avatar, personal information, or browsing history.
This problem can be seen in action on FingerprintJS’ test site Safari Leaks. When you access it in Safari, the site may be able to automatically detect your Google User ID.
Even if it can’t, you may access any of the company’s test websites in a new tab and then return to Safari Leaks to see your browsing history reported almost instantly.
Safari Leaks would not be able to obtain this type of information if Safari were functioning properly, as the site would only be able to access data from databases generated by its domain.
It can, however, scrape data from websites that use the IndexedDB JavaScript API, such as Alibaba, Instagram, Twitter, and maybe more.
The flaw was first reported by FingerprintJS on January 14, however, it wasn’t the first time it was made public.
According to FingerprintJS, this defect was reported to the WebKit Bug Tracker on November 28 of last year, but Apple didn’t start working on a fix until Sunday, January 16, meaning the bug has been unfixed for at least seven weeks.
Apple is now working on a fix for this security flaw, but Safari will remain susceptible until it is released.
What are your options for dealing with the Safari security threat?
If you’re on a Mac, you can just use another browser as a workaround.
Choose from Chrome, Firefox, Edge, or Opera. Unfortunately, those of us using iOS and iPadOS can’t say the same
While these browsers are available on the App Store, they are not the same as those available on Mac.
Apple, being Apple, refuses to allow third-party developers to create full-fledged browsers for the iPhone and iPad.
Developers, on the other hand, get to add their browser’s functionality to Safari and “sell” it as a standalone browser. While Chrome on iOS appears to be a mobile version of the desktop browser, it’s actually Safari with a Google skin applied.
Sure, you can utilize features like data sync between Chrome on your Mac and your iPhone, but the one you use on your phone is Apple’s core.
Normally, this isn’t a big deal (although it is annoying). However, unlike on a Mac, you are unable to change your browser due to security concerns.
Using the internet on an iPhone or iPad, regardless of which “browser” you use, is risky until Apple delivers a fix for Safari across its three major platforms.
source: 9to5mac
