Xorte logo

News Markets Groups

USA | Europe | Asia | World| Stocks | Commodities



Add a new RSS channel

 
 


Keywords

2022-01-16 21:07:11| Engadget

Apple device users appear to be vulnerable to a significant browser privacy flaw. According to 9to5Mac, FingerprintJS has disclosed an exploit that lets attackers obtain your recent browser history, and even some Google account info, from Safari 15 across all supported platforms as well as third-party browsers on iOS 15 and iPadOS 15. The IndexedDB framework (used to store data on many browsers) is violating the "same-origin" policy that prevents documents and scripts from one location (such as a domain or protocol) from interacting with content from another, letting appropriately coded websites deduce Google info from signed-in users as well as histories from open tabs and windows.The flaw only compromises the names of the databases rather than the content itself. However, this would still be enough for a malicious site owner to grab your Google username, discover your profile picture and otherwise learn more about you. The history could also be used to piece together a rudimentary profile of the sites you like. Private browsing won't defeat the exploit, FingerprintJS said.We've asked Apple for comment. FingerprintJS said it reported the issue on November 28th, however, and that Apple hadn't yet addressed it with security patches honoring same-origin policy. Until then, the only solution may be to either use a third-party browser on Macs or block all JavaScript, neither of which is necessarily an option.


Category: Marketing and Advertising

 

Latest from this category

23.05Elon Musk Lost $10 Billion In Net Worth In A Single Day After Sexual Misconduct Claims Emerged
23.05Why San Francisco's New Bus Rapid Transit System Is A Game Changer
23.05Pampered Pooches Ride Japan's Shinkansen In Style
23.05The Morning After: Will EA be the next gaming giant to sell itself?
23.05John Oliver Breaks Down Why Subway Restaurants Are Everywhere
23.05Russian Soldier Sentenced To Life In Prison In Ukraine's First War Crimes Trial Since Invasion
23.05Clearview AI fined 7.5 million and told to delete all UK facial recognition data
23.05Londons railway of the future is finally here
Marketing and Advertising »

All news

23.05Elon Musk Lost $10 Billion In Net Worth In A Single Day After Sexual Misconduct Claims Emerged
23.05Why San Francisco's New Bus Rapid Transit System Is A Game Changer
23.05Pampered Pooches Ride Japan's Shinkansen In Style
23.05Italy: Performance Bond: Introduction - Mora & Associati Studio Legale
23.05The Morning After: Will EA be the next gaming giant to sell itself?
23.05John Oliver Breaks Down Why Subway Restaurants Are Everywhere
23.05India: Supreme Court Strikes Down Reverse Charge On Ocean Freight - Khaitan & Co
23.05Cyprus: Blockchain Fest 2022 Cyprus - Chrysostomides Advocates & Legal Consultants
More »
Privacy policy . Copyright . Contact form .