Privacy-oriented search engine DuckDuckGo today released an updated version of its browser extension for desktop Safari users running macOS Catalina.
The launch comes after DuckDuckGo Privacy Essentials had to be removed from the Safari extensions gallery following major changes introduced in Safari 12 that made the extension incompatible. From the DuckDuckGo website:
As you may be aware, major structural changes in Safari 12 meant that we had to remove DuckDuckGo Privacy Essentials from the Safari extensions gallery. With Safari 13, new functionality was thankfully added that enabled us to put it back. Consequently, you'll need Safari 13+ on macOS 10.15 (Catalina) or newer to install the updated version.
DuckDuckGo Privacy Essentials blocks hidden third-party trackers on websites and features a Privacy Dashboard, which generates a Privacy Grade rating (A-F) information card whenever a user visits a site. The rating aims to let them see at a glance how protected they are, while providing additional options to dig deeper into the details of blocked tracking attempts.
While the extension doesn't include private search, DuckDuckGo Search is built into Safari as a default search option, and they work together to help users search and browse privately.
Following user concern over Apple using Chinese company Tencent as one of its Safe Browsing partners for Safari, Apple has issued a statement assuring customers that website URLs are not shared with its safe browsing partners.
For those unfamiliar with the feature, Safari sends data to Google Safe Browsing to cross reference URLs against a blacklist to protect users against scams and malicious sites. It recently came to light that Apple is also using Tencent for this purpose, and there was concern that data from users outside of China was being sent to Tencent.
According to Apple's statement, that is not the case, and Tencent is used for devices that have their region code set to mainland China. Users in the United States, the UK, and other countries do not have their website browsing checked against Tencent's safe list.
Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.
To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.
Safari occasionally receives a list of hash prefixes of URLs known to be malicious from Google or Tencent, choosing between them based on the device's region setting (Tencent for China, Google for other countries). Hash prefixes are the same across multiple URLs, which means the hash prefix received by Safari does not uniquely identify a URL.
Prior to loading a website, when the fraudulent website warning feature is toggled on, Safari hashes the website URL and checks whether the hash's prefix matches any of the malicious-site hash prefixes it holds locally. If a match is found, Safari sends only that hash prefix to its safe browsing provider and asks for the full list of URLs whose hash prefix matches the suspicious one.
When Safari receives the list of URLs, it checks the original suspicious URL against the list, and if there is a match, Safari shows the warning pop up suggesting users stay away from the site. The check happens on the user's device, and the URL itself is not shared with the safe browsing provider, but because Safari communicates directly with the safe browsing provider, the providers do receive device IP addresses.
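The two-stage lookup described above, as an added example that is not code from Apple, Google or Tencent: a simulated provider and client in Go, with a constructed list of bad URLs. It assumes 4-byte SHA-256 prefixes (the usual Safe Browsing prefix size), a minimal URL canonicalization, and that the second round trip returns full hashes rather than URL strings; the provider logs every prefix it is asked about so you can see exactly what it learns.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"strings"
)

// PrefixLen is how many digest bytes are shared with the provider. The demo
// assumes 4, the size most Safe Browsing prefixes use.
const PrefixLen = 4

// canonicalize is a deliberately minimal stand-in for real URL canonicalization.
func canonicalize(url string) string {
	u := strings.ToLower(strings.TrimSpace(url))
	u = strings.TrimPrefix(u, "https://")
	u = strings.TrimPrefix(u, "http://")
	return strings.TrimSuffix(u, "/")
}

// FullHash is computed on the device and never leaves it.
func FullHash(url string) [32]byte {
	return sha256.Sum256([]byte(canonicalize(url)))
}

// Prefix is the only part of the digest the provider ever sees.
func Prefix(h [32]byte) string {
	return hex.EncodeToString(h[:PrefixLen])
}

// Provider stands in for Google or Tencent: full hashes of known malicious
// URLs (a constructed list here) grouped by prefix, plus a log of every
// prefix it was asked about, so the demo can show exactly what it learns.
type Provider struct {
	byPrefix map[string][][32]byte
	Queries  []string
}

func NewProvider(badURLs []string) *Provider {
	p := &Provider{byPrefix: map[string][][32]byte{}}
	for _, u := range badURLs {
		h := FullHash(u)
		p.byPrefix[Prefix(h)] = append(p.byPrefix[Prefix(h)], h)
	}
	return p
}

// PrefixList is the bulk download Safari receives periodically.
func (p *Provider) PrefixList() map[string]bool {
	list := make(map[string]bool, len(p.byPrefix))
	for pfx := range p.byPrefix {
		list[pfx] = true
	}
	return list
}

// FullHashesFor is the second round trip: the device sends a prefix and gets
// back every full hash that shares it. The provider sees the prefix (and the
// client's IP address), not the URL.
func (p *Provider) FullHashesFor(prefix string) [][32]byte {
	p.Queries = append(p.Queries, prefix)
	return append([][32]byte(nil), p.byPrefix[prefix]...)
}

// Client stands in for Safari with Fraudulent Website Warning turned on.
type Client struct {
	prefixes map[string]bool
	provider *Provider
}

func NewClient(p *Provider) *Client {
	return &Client{prefixes: p.PrefixList(), provider: p}
}

// IsFraudulent performs the check the article describes. A URL whose prefix
// is not in the local list causes no network traffic at all; a prefix hit
// triggers the full-hash request, and the final comparison is done locally.
func (c *Client) IsFraudulent(url string) bool {
	h := FullHash(url)
	pfx := Prefix(h)
	if !c.prefixes[pfx] {
		return false
	}
	for _, full := range c.provider.FullHashesFor(pfx) {
		if full == h {
			return true
		}
	}
	return false
}
```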
Information about Apple's safe browsing partners can be found in the About Safari and Privacy screen, available in the Privacy and Security section of the Safari portion of the Settings app. Fraudulent website protection is enabled by default, and those still concerned about the safety check feature can turn it off by deselecting the "Fraudulent Website Warning" toggle.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Apple's Fraudulent Website Warning feature in Safari for iOS and Mac has come under scrutiny for using Chinese internet giant Tencent as one of its Safe Browsing providers.
The Safari feature has long sent data to Google Safe Browsing to cross-reference URLs against a blacklist and protect users against phishing scams and sites that attempt to push malware. However, it's unclear when Apple started sending user data to Tencent as well.
Apple notes in iOS that it sends some user IP addresses to Tencent, but most users are probably unaware of the fact. The mention can be found in the "About Safari & Privacy" screen, which is linked via small text under the Privacy & Security section in Settings -> Safari. The Fraudulent Website Warning feature is also enabled by default, so users aren't likely to know that their IP address may be logged unless they opt to view the information screen.
Apple's reference to Tencent has been found on devices running iOS 13, but some tweets suggest versions as early as iOS 12.2 also included the Chinese company as a safe browsing provider.
At this point, it's difficult to know for sure whether Apple users residing outside of China are having their data sent to Tencent, but the company appears to be mentioned on iPhones and iPads registered in the U.S. and the U.K., and possibly in other countries, too.
The privacy implications of shifting Safe Browsing to Tencent's servers are unknown, because Apple hasn't said much about it. However, according to Johns Hopkins University professor Matthew Green, a malicious provider could theoretically use Google's Safe Browsing approach to de-anonymize a user by linking their site requests.
As such, Green believes users "deserve to be informed about this kind of change and to make choices about it. At very least, users should learn about these changes before Apple pushes the feature into production, and thus asks millions of their customers to trust them."
An appeals court in London has reinstated a lawsuit filed against Google that accuses the company of unlawfully gathering personal information by circumventing the iPhone's default privacy settings, according to Bloomberg.
The collective action, equivalent to a class action lawsuit in the United States, alleged that Google illegally tracked and gathered the personal data of over four million iPhone users in the U.K. between 2011 and 2012. The case was first brought in November 2017 and had been dismissed in October 2018.
"This case, quite properly if the allegations are proved, seeks to call Google to account for its allegedly wholesale and deliberate misuse of personal data without consent, undertaken with a view to a commercial profit," wrote Judge Geoffrey Vos in a ruling today, per the report.
A similar lawsuit was filed in the United States in 2012, when Google was discovered to be circumventing privacy protections in Safari on iOS in order to track users through ads on numerous popular websites.
Specifically, Google took advantage of a Safari loophole that made the browser think that the user was interacting with a given ad, thus allowing a tracking cookie to be installed. With that cookie installed, it became easy for Google to add additional cookies and to track users across the web.
At the time, Safari blocked several types of tracking, but made an exception for websites where a person interacted in some way — by filling out a form, for example. Google added code to some of its ads that made Safari think that a person was submitting an invisible form to Google, thus creating a temporary cookie.
Google stopped this practice after it was reported by The Wall Street Journal, and refuted many details of the report, while Apple closed the loophole in a Safari update shortly after. Google also paid a then-record $22.5 million fine to the Federal Trade Commission over its practices back in 2012.
"Protecting the privacy and security of our users has always been our No. 1 priority," a Google spokeswoman told Bloomberg. "This case relates to events that took place nearly a decade ago and that we addressed at the time."
Apple's WebKit team has published a "WebKit Tracking Prevention Policy" that details a range of anti-tracking measures it has developed and the types of tracking practices it believes are harmful to users.
Inspired by Mozilla's anti-tracking policy, the document posted to the WebKit blog provides an insight into the anti-tracking features built into Apple's Safari browser that the team hopes to see in all browsers one day.
This document describes the web tracking practices that WebKit believes, as a matter of policy, should be prevented by default by web browsers. These practices are harmful to users because they infringe on a user's privacy without giving users the ability to identify, understand, consent to, or control them.
Apple introduced Intelligent Tracking Prevention in iOS 11 and in Safari 11 in macOS High Sierra 10.13 and has been working to develop ITP ever since. For example, in February Apple released iOS 12.2 and Safari 12.1 for macOS, both of which included ITP 2.1 featuring enhancements that block cross-site tracking.
The new WebKit policy highlights Apple's continuing efforts to target all forms of cross-site tracking behavior, even if it's in plain view.
WebKit will do its best to prevent all covert tracking, and all cross-site tracking (even when it’s not covert). These goals apply to all types of tracking listed above, as well as tracking techniques currently unknown to us.
If a particular tracking technique cannot be completely prevented without undue user harm, WebKit will limit the capability of using the technique. For example, limiting the time window for tracking or reducing the available bits of entropy — unique data points that may be used to identify a user or a user’s behavior.
In addition to cross-site tracking, the document outlines several other tracking practices it deems harmful to users, and says WebKit will treat circumvention of its anti-tracking measures "with the same seriousness as exploitation of security vulnerabilities."
If a party attempts to circumvent our tracking prevention methods, we may add additional restrictions without prior notice. These restrictions may apply universally; to algorithmically classified targets; or to specific parties engaging in circumvention.
For more on tracking definitions, the unintended impact of anti-tracking measures, and exceptions to the rules, check out the full WebKit Tracking Prevention Policy on the WebKit blog.
Safari is one of the most important apps on the iPhone and iPad, allowing iOS users to access the web on their devices. Safari is one of the apps that routinely gets updated when new versions of iOS are released, and iOS 13 is no exception.
Safari in iOS 13 offers a whole range of useful updates, from an updated start page to a new download manager. Below, we walk through all of the new and important features in Safari in iOS 13.
Safari in iOS 13 has a revamped start page (the page that's available when you open a new Safari window or tab) that now incorporates Siri Suggestions and other features.
The start page includes access to your favorite websites as usual, but Siri Suggestions will also surface relevant websites in your browsing history along with frequently visited sites, links sent to you in the Messages app, and more.
The new start page is designed to let you get to what most interests you quickly, and it makes sure you don't forget to check out websites recommended to you by friends and family.
Website View Menu
In the Smart Search field where you can search or type in URLs, there's a new icon on the left denoted by two As.
Tapping on this icon opens up the new Website View menu, where you can access the following controls:
Text Size Options - Adjust the size of the text on the website you're on.
Enable Reader View - Enable Reader View on the website you're on, which gets rid of ads and formatting for a clean book-style reading interface.
Hide Toolbar - Eliminates the Toolbar so you can see the webpage you're on full screen.
Request Desktop Website - Loads the desktop version of a website instead of the mobile version. This feature is for the iPhone, as the iPad now automatically loads desktop versions of websites instead of mobile versions. This turns into "Request Mobile Website" if the desktop site is already loaded.
Website Settings - Provides access to individual settings for each website. You can set the site you're on to load in Reader view automatically or to always load as a desktop website. You can also enable or disable content blockers on a per-site basis, and toggle access to the camera, microphone, and your location. You can view sites where you've customized the settings in the Safari section of the Settings app under "Website Settings."
In the Safari section of the Settings app, there are new per-site controls that let you adjust everything from page zoom to privacy settings for all of the websites you visit (with settings for individual sites customizable using the View Menu mentioned above).
Custom settings you've set will also be listed here along with the toggles to control all websites by default. Available settings:
Page Zoom - Sets the page zoom level for all websites from 50 percent to 300 percent. The default is 100 percent.
Request Desktop Website - Lets you enable Request Desktop Site for all websites by default.
Enable Reader View - Lets you enable Reader View for all websites by default. Sites with a Reader mode will always load in that view.
Enable/Disable Content Blockers - Lets you toggle on or toggle off content blockers for all websites.
Camera Access - Controls camera access. Available settings are Ask, Deny, and Allow.
Location Access - Controls location access. Available settings are Ask, Deny, and Allow.
Microphone Access - Controls microphone access. Available settings are Ask, Deny, and Allow.
If you've enabled some of these settings on a per-site basis using the View Menu, such as turning on Request Desktop Site for MacRumors.com, you can disable the presets or delete them in the Website Settings section using the Edit menu for each category.
There's also an option to clear all settings when using this view.
When uploading a photo to a website in Safari, you can now choose what size image to upload. Options include Actual Size, Large, Medium, and Small, with each option providing the file size at the bottom of the display once it's selected.
Saving Open Tabs as Bookmarks
Safari in iOS 13 includes a new feature that lets you bookmark all of your open tabs. To get to it, long press on the bookmark icon at the bottom of the Safari window, and then choose "Add Bookmarks for [x] Tabs."
Selecting this will provide you with an interface where you can choose a new folder name and location for the bookmarks to be saved.
You can open up all the bookmarks that you've saved into new tabs (or bookmarks from any other folder) by opening up the Bookmarks interface, long pressing on the folder, and selecting the new "Open in New Tabs" option. There's also an option to copy the contents, which has also been added in iOS 13.
When you start typing the address of a website that's already open in another tab, Safari will direct you to the open tab in iOS 13 rather than opening up a new tab. This makes sure you don't open unnecessary tabs.
Automatically Close Safari Tabs
If you want to set your Safari tabs to automatically close after a set period of time, there's a new option to do so in the Safari section of the Settings app.
Open up Settings, choose Safari, scroll down to where it says "Close Tabs" and select the option that you want. The default setting is manual, which means tabs won't close unless you close them yourself, but you can also set tabs to clear automatically after one day, one week, and one month.
Redesigned Share Sheet
The Share Sheet in iOS 13 has been redesigned, making options like Copy, Add to Reading List, Add Bookmark, and more easier to get to with a new list-style view.
Multiple contact suggestions are also included in the Share Sheet now, including people you've recently spoken to in Messages and AirDrop devices that are nearby.
There's a new feature for sharing an entire web page as a link, a PDF, or in Reader view from the Share Sheet, and through the "Options" interface, you can choose whether to send content as a PDF or a Web Archive. By default, though, iOS 13 will pick "the most suitable format" for each app or action.
Sign In With Apple
Though not enabled in the beta right now, Apple is introducing a new Sign In with Apple feature that's a privacy-focused alternative to existing sign-in options from companies like Twitter, Google, and Facebook.
Sign In with Apple is designed to let you sign in with various apps and websites using your existing Apple ID as an authentication method. Unlike sign in options from Google, Twitter, and Facebook, Apple's new option doesn't track or profile you when using Sign In with Apple.
With Sign In with Apple, there's no need to create a login name or email address when signing up for a new website account. Sign In with Apple is authenticated via Face ID or Touch ID, and your information is further protected with two-factor authentication.
If you don't want to share your email address with an app or service that uses Sign In with Apple, Apple has created a "Hide My Email" feature to let you create unique single-use email addresses that forward to your real email address while keeping it inaccessible to third-party apps and services.
Sign In with Apple is designed to work in Safari on iOS, Safari on Mac, in apps, and on other platforms.
Weak Password Warnings
When signing up for a new website account, if you attempt to use a weak password, Safari will give you a warning and suggest a stronger password.
In iOS 13, Safari history and open tabs that have been synced to iCloud are protected with end-to-end encryption, which means that no one but you can access your browsing history.
Enhanced Anti-Fingerprinting Protections
Apple has bolstered anti-fingerprinting protections in Safari in iOS 13, adding new protections related to browser fonts. Anti-fingerprinting techniques prevent companies from tracking your web browsing activities from website to website.
Safari features a new Download Manager that matches the Download Manager in Safari for desktop. When you choose to download a file, such as an image, a little download icon is displayed in the top right corner of the display.
Tapping on the icon will let you see a list of files that you've downloaded, and tapping on the magnifying glass next to any file opens its enclosing folder.
By default, your downloaded Safari files are saved in a "Downloads" section of the Files app, but you can customize the file storage location by opening up the Settings app, selecting the Safari section, and tapping on the "Downloads" section.
You can choose to save files in iCloud Drive, on your iPhone, or in another location such as a different iCloud folder, Dropbox, or another cloud service.
Items in your Safari Download Manager can be set to be deleted after one day, upon successful download, or manually. One day is the default.
While all of the above features are available on both the iPhone and the iPad, there are some additional changes and updates that were added into iPadOS, the version of iOS 13 that's designed to run on the iPad.
All websites on the iPad now display in desktop mode rather than mobile view, better mimicking the viewing experience that you get on a Mac.
Safari on iPadOS introduces 30 additional shortcuts that can be used when browsing, similar to the shortcuts that can be used for Safari on a Mac.
The new keyboard shortcuts work with the Smart Keyboard from Apple or any third-party Bluetooth keyboard.
Use default font size in Reader (Command + 0)
Open link in background (Command + tap)
Toggle downloads (Command + Alt/Option)
Open link in new window (Command + Alt + tap)
Use selection for Find (Command + E)
Email this page (Command + I)
Open link in new tab (Command + Shift + tap)
Decrease Reader text size (Command + -)
Zoom in (Command + +)
Zoom out (Command + -)
Save webpage (Command + S)
Change focused element (Alt/Option + Tab)
Focus Smart Search field (Command + Alt/Option + F)
Dismiss web view in app (Command + W)
Increase Reader text size (Command + +)
Download linked file (Alt + tap)
Add link to Reading List (Shift + tap)
Close other tabs (Command + Alt/Option + W)
Scroll around screen (arrow keys)
Paste without formatting (Command + Shift + Alt/Option + V)
New Private tab (Command + Shift + N)
Actual size (Command + 0)
Open search result (Command + Return)
Toggle bookmarks (Command + Alt/Option + 1)
Full Toolbar in Split View
When using Safari in Split View, the full toolbar is now displayed. In iOS 12, only the search bar was visible, without the additional tools for accessing bookmarks, getting to the Share Sheet, and more.
Creating New Windows
iOS 13 supports multiple windows from the same app in Split View, and to create two Safari windows, you can drag a link from one Safari window into another to open Split View or Slide Over.
Dragging a link into a multitasking window with another app already open will open Safari as the secondary window. So, for example, you can open up Messages, receive a link, and drag it to create a Split View interface that has Safari (with the webpage in the link) and Messages open.
Have questions about Safari, know of an iOS 13 Safari feature we left out, or want to offer feedback on this guide? Send us an email here.
Apple says all TLS server certificates must comply with these new security requirements in macOS Catalina and iOS 13:
TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.
Effective immediately, any connections to TLS servers violating these new requirements will fail and may cause network failures, apps to fail, and websites to not load in Safari in macOS Catalina and iOS 13, according to Apple.
Google, Microsoft, and Mozilla all deprecated SHA-1 certificates in 2017.
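As an added example, not code from Apple or the article, here is a Go checker that applies the three rules above to a parsed certificate, so a chain can be tested before Catalina or iOS 13 clients refuse it. The self-signed test certificates are constructed in the code; the checker assumes EC keys are exempt from the 2048-bit rule, since Apple's wording names RSA only, and that the SAN rule applies to the server certificate but not to issuing CAs.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CheckAppleTLSRequirements lists the ways cert breaks the three Catalina /
// iOS 13 rules. Run it over every certificate in the chain: the key size and
// hash rules apply to issuing CAs too, the SAN rule only to the server
// (non-CA) certificate. hostname == "" skips the hostname match.
func CheckAppleTLSRequirements(cert *x509.Certificate, hostname string) []string {
	var v []string

	// Rule 1: RSA keys must be at least 2048 bits (EC keys are not covered).
	if pub, ok := cert.PublicKey.(*rsa.PublicKey); ok && pub.N.BitLen() < 2048 {
		v = append(v, fmt.Sprintf("RSA key is %d bits; 2048 or more required", pub.N.BitLen()))
	}

	// Rule 2: the signature must use a SHA-2 family hash.
	switch cert.SignatureAlgorithm {
	case x509.SHA256WithRSA, x509.SHA384WithRSA, x509.SHA512WithRSA,
		x509.SHA256WithRSAPSS, x509.SHA384WithRSAPSS, x509.SHA512WithRSAPSS,
		x509.ECDSAWithSHA256, x509.ECDSAWithSHA384, x509.ECDSAWithSHA512:
	default:
		v = append(v, fmt.Sprintf("signature algorithm %s is not SHA-2 based", cert.SignatureAlgorithm))
	}

	// Rule 3: the server name must be a SAN DNS entry; CommonName no longer counts.
	if cert.IsCA {
		return v
	}
	switch {
	case len(cert.DNSNames) == 0:
		v = append(v, fmt.Sprintf("no SAN DNS names (CommonName %q alone is not trusted)", cert.Subject.CommonName))
	case hostname != "" && cert.VerifyHostname(hostname) != nil:
		v = append(v, fmt.Sprintf("%q matches none of the SAN DNS names %v", hostname, cert.DNSNames))
	}
	return v
}

// makeSelfSignedLeaf builds a throwaway self-signed server certificate so the
// checker can be exercised offline (constructed input, not a real certificate).
// Go picks a SHA-256 signature for RSA keys when none is requested.
func makeSelfSignedLeaf(bits int, cn string, dnsNames []string) (*x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		DNSNames:     dnsNames,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	// A pre-Catalina style certificate: 1024-bit RSA, name only in the CommonName.
	legacy, err := makeSelfSignedLeaf(1024, "www.example.com", nil)
	if err != nil {
		panic(err)
	}
	// A certificate that meets all three requirements.
	modern, err := makeSelfSignedLeaf(2048, "www.example.com", []string{"www.example.com"})
	if err != nil {
		panic(err)
	}
	for name, c := range map[string]*x509.Certificate{"legacy": legacy, "modern": modern} {
		fmt.Printf("%s: %v\n", name, CheckAppleTLSRequirements(c, "www.example.com"))
	}
}
```

To check a real chain, parse each PEM block with x509.ParseCertificate and call the checker on the leaf with the expected hostname and on each CA with "".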
Apple today previewed a new Safari feature called Privacy Preserving Ad Click Attribution that it says will allow advertisers to measure the effectiveness of their ad campaigns on the web without compromising user privacy.
Wilander says the traditional method of ad click attribution has no practical limit on data, allowing for full cross-site tracking of users using cookies. "We believe this is privacy invasive and thus we are obliged to prevent such ad click attribution from happening in Safari and WebKit," he wrote.
Thus, Apple has proposed a modern solution that it says doesn't allow for cross-site tracking of users but does provide a means of measuring the effectiveness of online ads. The feature is built into the browser itself and runs on-device, meaning that the browser vendor does not see any of the ad data.
Here is Apple's summary of its privacy considerations for the feature:
Only links served on first-party pages should be able to store ad click attribution data.
Neither the website where the ad click happens nor the website where the conversion happens should be able to see whether ad click data has been stored, has been matched, or is scheduled for reporting.
Ad clicks should only be stored for a limited time, such as a week.
The entropy of both ad campaign ID and conversion data needs to be restricted to a point where this data cannot be repurposed for cross-site tracking of users. We propose six bits each for these two pieces of data, or values between 0 and 63.
Ad click attribution requests should be delayed randomly between 24 to 48 hours. This makes sure that a conversion that happens shortly after an ad click will not allow for speculative cross-site profiling of the user. The randomness in the delay makes sure the request does not in itself reveal when during the day the conversion happened.
The browser should not guarantee any specific order in which multiple ad click attribution requests are sent, since the order itself could be abused to increase the entropy and allow for cross-site tracking of users.
The browser should use an ephemeral session aka Private or Incognito Mode to make ad click attribution requests.
The browser should not use or accept any credentials such as cookies, client certificates, or Basic Authentication in ad click attribution requests or responses.
The browser should offer a way to turn ad click attribution on and off. We intend to have the default setting to be on to encourage websites to move to this technology and abandon general cross-site tracking.
The browser should not enable ad click attribution in Private/Incognito Mode.
Privacy Preserving Ad Click Attribution is available as an experimental feature in Safari Technology Preview 82 and later. To turn on the feature, enable the Develop menu and navigate to the Experimental Features submenu.
Apple says the feature will be turned on for web developers later this year. The company has also recommended it as a web standard to the W3C.
The 19th annual CanSecWest security conference is underway in Vancouver, Canada, including the annual Pwn2Own hacking contest, and two zero-day security vulnerabilities have so far been discovered in Safari on macOS.
The contest kicked off on Wednesday with security researchers Amat Cama and Richard Zhu teaming up against Safari. The duo successfully exploited the browser and escaped the sandbox by using a combination of an integer overflow, heap overflow, and brute force technique, earning them $55,000.
Later in the day, a trio of Niklas Baumstark, Luca Todesco, and Bruno Keith targeted Safari with a kernel elevation. They demonstrated a complete system compromise, but it was only a partial win since Apple supposedly already knew of one of the bugs used in the demo. They still netted $45,000.
In total, participants were awarded $240,000 on day one of Pwn2Own. Day two of the contest is currently underway. All exploits discovered during the contest are reported to the necessary companies like Apple so they can be patched.
Safari in the iOS 12.2 beta and Safari 12.1 for macOS High Sierra and Mojave includes an updated version of Intelligent Tracking Prevention, according to details shared on Apple's WebKit blog.
ITP 2.1, as Apple is calling it, caps client-side cookie storage to seven days. After this time period, cookies expire. As outlined by Apple, this offers improvements in privacy, security, and performance. From Apple's WebKit blog:
- Cross-site trackers have started using first-party sites' own cookie jars for the purpose of persistent tracking. The first-party storage space is especially troublesome for privacy since all tracker scripts in the first-party context can read and write each other's data. Say social.example writes a user tracking ID as a news.example first-party cookie. Now analytics.example, adnetwork.example, and video.example can leverage or cross pollinate that user tracking ID through their scripts on news.example.
- Cookies available in document.cookie can be stolen by speculative execution attacks on memory. Therefore, they should not carry sensitive information such as credentials.
- Cookies available in document.cookie can be stolen by cross-site scripting attacks. Again, therefore, they should not carry sensitive information such as credentials.
- The proliferation of cookies slows down page and resource loads since cookies are added to every applicable HTTP request. Additionally, many cookies have high entropy values which means they cannot be compressed efficiently. We come across sites with kilobytes of cookies sent in every resource request.
- There is a size limit on outgoing cookie headers for performance reasons, and websites risk hitting this limit when cross-site trackers add first-party cookies. We've investigated reports of news site subscribers getting spuriously logged out, and found that trackers were adding so many cookies that the news site's legitimate login cookie got pushed out.
The cookie storage limit will not log users out as long as websites use proper authentication cookies, because it only affects cookies created through document.cookie.
ITP 2.1 also allows for just a single set of cookies per site rather than multiples, and third-party tools with cross-site tracking capabilities need to use the Storage Access API to get cookie access.
Apple says this change simplifies cookie behavior for developers, lowers the memory footprint of Safari, and makes Intelligent Tracking Prevention compatible with more platforms.
A verified partitioned cache for cutting down on cache abuse for tracking purposes is also included, and as we covered earlier this month, support for Do Not Track has been disabled.
Apple says that it is removing Do Not Track because most websites never paid any attention to it since it was opt-in and could be ignored.
The DNT project recently ended without the publication of a standard, in part "because there has not been sufficient deployment of these extensions (as defined) to justify further advancement." Given the lack of deployment of DNT and Safari's on by default privacy protections such as ITP, Safari removed support for DNT so that users are not presented with a misleading and ineffective privacy control that, if anything, only offered additional browser fingerprinting entropy.
Additional details on the Intelligent Tracking Prevention updates being introduced are available via Apple's full WebKit blog post.