{"id":4038,"date":"2022-02-01T15:00:06","date_gmt":"2022-02-01T15:00:06","guid":{"rendered":"https:\/\/www.maisetechnology.com\/?p=4038"},"modified":"2023-01-18T21:20:46","modified_gmt":"2023-01-18T21:20:46","slug":"apple-safari-bug-may-leak-personal-information-and-history","status":"publish","type":"post","link":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/","title":{"rendered":"Apple Safari Bug May Leak Personal Information And History"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]<img decoding=\"async\" class=\"alignleft size-full wp-image-15170\" src=\"\/wp-content\/uploads\/2023\/01\/safari-resized.png\" alt=\"Apple Safari Bug May Leak Personal Information And History\" width=\" height=\" \/>There was a recently discovered issue with the way the IndexedDB API was implemented in Safari&#8217;s WebKit engine.<\/p>\n<p>This is giving IT professionals who work in an environment dominated by Apple products heartburn. The faulty implementation allows or could allow an attacker to intercept leaking browser activity in real time including the user IDs associated with vulnerable machines.<\/p>\n<p>Indexed DB is a commonly used API that has a robust client-side storage system with no capacity limits. Normally it is used for caching web application data so users can view it offline at a later date but of course, it can also be used to store sensitive information.<\/p>\n<p>To prevent data leaks IndexedDB developers followed the &#8220;same-origin&#8221; policy which controls which resources are allowed to access each piece of data.<\/p>\n<p>Unfortunately, researchers at FingerprintJS discovered that the IndexedDB API doesn&#8217;t follow the same-origin policy used by Safari 15 on macOS and the difference in policy could lead to the disclosure of sensitive information.<\/p>\n<p>In order to be impacted by this issue a user has to log onto websites like YouTube and Facebook or visit service portals like Google Keep or Google Calendar. Doing so creates a new IndexedDB database and appends the Google Username.<\/p>\n<p>According to the researchers who first discovered the bug:<\/p>\n<p>&#8220;We checked the homepages of Alexa&#8217;s Top 1000 most visited websites to understand how many websites use IndexedDB and can be uniquely identified by the databases they interact with.<\/p>\n<p>The results show that more than 30 websites interact with indexed databases directly on their homepage, without any additional user interaction or the need to authenticate. We suspect this number to be significantly higher in real-world scenarios as websites can interact with databases on subpages, after specific user actions, or on authenticated parts of the page.&#8221;<\/p>\n<p>Worst of all is there&#8217;s no good mitigation strategy here. Disabling all JavaScripts would work but would almost certainly cause other applications to fail that your organization relies on. So we&#8217;re waiting on Apple to provide a fix. The good news is that they&#8217;ve got a solid reputation for responsiveness so we should not have to wait long.[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text]There was a recently discovered issue with the way the IndexedDB API was implemented in Safari&#8217;s WebKit engine. This is giving IT professionals who work in an environment dominated by Apple products heartburn. The faulty implementation allows or could allow an attacker to intercept leaking browser activity in real time including the user IDs associated&hellip;<\/p>\n","protected":false},"author":2,"featured_media":4039,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[11],"tags":[21,269,48,191,190,267,18,17],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Apple Safari Bug May Leak Personal Information And History | Maise Technology<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Safari Bug May Leak Personal Information And History | Maise Technology\" \/>\n<meta property=\"og:description\" content=\"[vc_row][vc_column][vc_column_text]There was a recently discovered issue with the way the IndexedDB API was implemented in Safari&#8217;s WebKit engine. This is giving IT professionals who work in an environment dominated by Apple products heartburn. The faulty implementation allows or could allow an attacker to intercept leaking browser activity in real time including the user IDs associated&hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/\" \/>\n<meta property=\"og:site_name\" content=\"Maise Technology\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-01T15:00:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-18T21:20:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"225\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"maisegroup\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"maisegroup\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/\",\"url\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/\",\"name\":\"Apple Safari Bug May Leak Personal Information And History | Maise Technology\",\"isPartOf\":{\"@id\":\"https:\/\/www.maisetechnology.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png\",\"datePublished\":\"2022-02-01T15:00:06+00:00\",\"dateModified\":\"2023-01-18T21:20:46+00:00\",\"author\":{\"@id\":\"https:\/\/www.maisetechnology.com\/#\/schema\/person\/eb4c832909343bad9b29835cbde276a5\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage\",\"url\":\"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png\",\"contentUrl\":\"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png\",\"width\":300,\"height\":225,\"caption\":\"Apple Safari Bug May Leak Personal Information And History\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.maisetechnology.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Safari Bug May Leak Personal Information And History\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.maisetechnology.com\/#website\",\"url\":\"https:\/\/www.maisetechnology.com\/\",\"name\":\"Maise Technology\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.maisetechnology.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.maisetechnology.com\/#\/schema\/person\/eb4c832909343bad9b29835cbde276a5\",\"name\":\"maisegroup\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.maisetechnology.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/253b0df440d3cf0019e97554b1e058c6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/253b0df440d3cf0019e97554b1e058c6?s=96&d=mm&r=g\",\"caption\":\"maisegroup\"},\"url\":\"https:\/\/www.maisetechnology.com\/author\/maisegroup\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Apple Safari Bug May Leak Personal Information And History | Maise Technology","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/","og_locale":"en_US","og_type":"article","og_title":"Apple Safari Bug May Leak Personal Information And History | Maise Technology","og_description":"[vc_row][vc_column][vc_column_text]There was a recently discovered issue with the way the IndexedDB API was implemented in Safari&#8217;s WebKit engine. This is giving IT professionals who work in an environment dominated by Apple products heartburn. The faulty implementation allows or could allow an attacker to intercept leaking browser activity in real time including the user IDs associated&hellip;","og_url":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/","og_site_name":"Maise Technology","article_published_time":"2022-02-01T15:00:06+00:00","article_modified_time":"2023-01-18T21:20:46+00:00","og_image":[{"width":300,"height":225,"url":"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png","type":"image\/png"}],"author":"maisegroup","twitter_card":"summary_large_image","twitter_misc":{"Written by":"maisegroup","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/","url":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/","name":"Apple Safari Bug May Leak Personal Information And History | Maise Technology","isPartOf":{"@id":"https:\/\/www.maisetechnology.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage"},"image":{"@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage"},"thumbnailUrl":"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png","datePublished":"2022-02-01T15:00:06+00:00","dateModified":"2023-01-18T21:20:46+00:00","author":{"@id":"https:\/\/www.maisetechnology.com\/#\/schema\/person\/eb4c832909343bad9b29835cbde276a5"},"breadcrumb":{"@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#primaryimage","url":"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png","contentUrl":"https:\/\/www.maisetechnology.com\/wp-content\/uploads\/2023\/01\/safari-resized.png","width":300,"height":225,"caption":"Apple Safari Bug May Leak Personal Information And History"},{"@type":"BreadcrumbList","@id":"https:\/\/www.maisetechnology.com\/2022\/02\/01\/apple-safari-bug-may-leak-personal-information-and-history\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.maisetechnology.com\/"},{"@type":"ListItem","position":2,"name":"Apple Safari Bug May Leak Personal Information And History"}]},{"@type":"WebSite","@id":"https:\/\/www.maisetechnology.com\/#website","url":"https:\/\/www.maisetechnology.com\/","name":"Maise Technology","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.maisetechnology.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.maisetechnology.com\/#\/schema\/person\/eb4c832909343bad9b29835cbde276a5","name":"maisegroup","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.maisetechnology.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/253b0df440d3cf0019e97554b1e058c6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/253b0df440d3cf0019e97554b1e058c6?s=96&d=mm&r=g","caption":"maisegroup"},"url":"https:\/\/www.maisetechnology.com\/author\/maisegroup\/"}]}},"_links":{"self":[{"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/posts\/4038"}],"collection":[{"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/comments?post=4038"}],"version-history":[{"count":1,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/posts\/4038\/revisions"}],"predecessor-version":[{"id":4040,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/posts\/4038\/revisions\/4040"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/media\/4039"}],"wp:attachment":[{"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/media?parent=4038"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/categories?post=4038"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.maisetechnology.com\/wp-json\/wp\/v2\/tags?post=4038"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}