A preview of Google's research, first spotted by The Financial Times, reveals that security flaws in Apple's Safari could expose users' virtual footprint to tracking websites. In specific, Google researchers claimed that Apple's implementation of its Intelligent Tracking Prevention feature fell short of doing its job.
The research indicates that engineers spotted the flaws last year and reported them to Apple in August. Although specific information about the issues will be released in the near future, Google researchers have already told Apple that the vulnerabilities in its Safari could expose users to at least five types of cyberattacks, according to MacRumors.
To refresh your memory — In 2017, Apple introduced its Intelligent Tracking Prevention List as a feature to mitigate any stealthy documentation and tracking of users' internet histories. This feature was designed to prevent websites from creating full browsing profiles, maps, and virtual fingerprints of people.
Bad actors let loose — Google researchers told Apple that the faulty tracking prevention feature in place could allow for the exposure of "sensitive private information about the user's browsing habits," MacRumors reported. They added that the issue lied in the company's preventative measure which "implicitly stores information about the websites visited by the user." Per MacRumors, Lukasz Olejnik, a security researcher, said that if the security issues were not robustly addressed, it "would allow unsanctioned and uncontrollable user tracking."
A work in progress — In the past, Apple has admitted that its feature requires updates and tweaking. For example, in December, the company updated Safari with supposedly strengthened anti-tracking capabilities, vowing to do better for its users. The company even thanked Google for its "responsible disclosure practice," too. Clearly, there's still room for more improvement.