Media

• E-Commerce
• Investing
• Marketing and Advertising
• News and Media
• Business Services

Popular tags

• the
• to
• market
• united
• states
• united states
• states united
• llp
• announces
• global
• of
• stock
• earnings
• business
• stocks
• in
• call
• report
• data
• results

Keywords

2022-01-16 21:07:11| Engadget

Apple device users appear to be vulnerable to a significant browser privacy flaw. According to 9to5Mac, FingerprintJS has disclosed an exploit that lets attackers obtain your recent browser history, and even some Google account info, from Safari 15 across all supported platforms as well as third-party browsers on iOS 15 and iPadOS 15. The IndexedDB framework (used to store data on many browsers) is violating the "same-origin" policy that prevents documents and scripts from one location (such as a domain or protocol) from interacting with content from another, letting appropriately coded websites deduce Google info from signed-in users as well as histories from open tabs and windows.The flaw only compromises the names of the databases rather than the content itself. However, this would still be enough for a malicious site owner to grab your Google username, discover your profile picture and otherwise learn more about you. The history could also be used to piece together a rudimentary profile of the sites you like. Private browsing won't defeat the exploit, FingerprintJS said.We've asked Apple for comment. FingerprintJS said it reported the issue on November 28th, however, and that Apple hadn't yet addressed it with security patches honoring same-origin policy. Until then, the only solution may be to either use a third-party browser on Macs or block all JavaScript, neither of which is necessarily an option.

Category: Marketing and Advertising

Latest from this category

15.12 Even Uber has an end-of-year wrap-up now 15.12 iRobot has filed for bankruptcy and may be taken over by its primary supplier 15.12 For two days, a Dutch bakery turns asylum seekers into pastry makers 14.12 Google pulls AI-generated videos of Disney characters from YouTube in response to cease and desist 14.12 Grok is spreading inaccurate info again, this time about the Bondi Beach shooting 14.12 Kindle's in-book AI assistant can answer all your questions without spoilers 14.12 Ayaneo's first smartphone is a major callback to the Xperia Play 13.12 A new AAA Alien game is reportedly in the works Marketing and Advertising »

All news

15.12 Even Uber has an end-of-year wrap-up now 15.12 Ofcom investigates BT and Three for failing to connect 999 calls 15.12 CPS lunchroom workers near six months without a contract: No one sees us 15.12 Bleacher Report has cracked the Gen Z code with Creator League 15.12 Boredom is the new burnout, and its quietly killing motivation at work 15.12 iRobot has filed for bankruptcy and may be taken over by its primary supplier 15.12 The AI revolution is making everything from PCs to smartphones even more expensive 15.12 If you want to be a better boss, science says stop serving feedback sandwiches More »