Safari and security concepts are almost synonymous. In recent years Apple so much progress in the field of protection of user data, even unwittingly undermined the current Internet economic model. Because of the mechanisms that prevent cross-tracking sites actually lost the ability to follow users and show them relevant ads. So when it was revealed that Apple do not get much sends information about visited web pages, a seriously strained.

Professor of cryptography at Johns Hopkins University’s Matthew green found outthat the mobile version of Safari checks for phishing sites, passing information about them to the experts Tencent. This is a Chinese company which is engaged in research in the field of information security. In addition to Tencent, a similar data set gets more and Google, but if the search giant most users claims, in General, no, the fact that in Cupertino are voluntarily feeding information to some Chinese firm, makes you wonder.

Apple merges your data. Why is it dangerous

In the end, if the company is Chinese, so is under the jurisdiction of China and subject to the laws of this country. It turns out that the Chinese authorities can at any time request from Tencent required a data packet, which includes information on the resources visited by users and their IP addresses. So the Chinese secret service easily can find out which sites a particular user visits and where he does it.

Inspection of sites is performed by special mechanisms that Apple has built into Safari. They collate data about the site, which is at the moment, with the data available to Google and Tencent. However, in the process of reconciliation, the user is required to provide not only the URL but also your IP address and access to the cookies that Tencent and Google can change if the situation requires. So in theory this information can really be used to deanonimizatsii specific individuals.

What is hidden in the user agreement Apple

However, with Apple in this situation, bribes are smooth. Because the company never hid that sends data in Tencent. You can verify this in the user agreement the Safari, which they themselves adopted. To do this, go to Settings — Safari — “the Search Safari and privacy” — “More” — Safari. There’s a section “Substitution site” clearly States that Safari can send the services of Google safe browsing and Tencent web site and your IP address. Such a disclaimer can be found in iOS 13, iOS 12.

Advertisements