Safari browser of Apple, in some regions, has raised privacy issues. This browser was meant to protect the website surfers from unsafe sites. However the ‘safe browsing’ option is turned on by default, this browser perhaps sends IP information to ‘Tencent’- linked with the Chinese government. And this majorly depends on the registration region of that Apple device.
Apple has given an explanation regarding this issue under Safari’s Settings tab which says- ‘To verify whether the site is fraudulent, your measured details may be sent from the web address to Tencent Safe Browsing plus Google Safe Browsing before you visit the site.’
Now this can affect the customers- says Law Prof. Joel Reidenberg who is Founding Academic Director for Law and Knowledge Policy Center, Fordham University School of Law, New York. He further stated to TechNewsWorld that just shielding access from malicious websites is not what ‘safe browsing’ means, but also to protect someone’s privacy.
Value of browser history
If someone’s browser history is checked, it has a lot to reveal- says the cryptography-specialized Prof. Matthew Green, Department of Computer Science, Baltimore’s Johns Hopkins University, Maryland. He further told to TechNewsWorld that if he’d have browsed the websites of the Chinese Government, then those systems may have leaked this info to the Tencent.
Someone’s intellectual information can also be stolen from browser knowledge. Prof. Reidenberg gives an example that if in a US company, a person is researching for inventing a product and if the browser sends this private info to the Tencent, then this Tencent gets to know about private innovation of this US Company.
However, Apple has not commented to this story, they told iMore that in case of having enabled the feature of Fraudulent Website Warning, that URL is checked by Safari browser against the list of familiar sites and it would show a warning message if any URL is found phishing or fraudulent or suspected.
Apple’s statement has also to say this- Safari browser does this by collecting a list of known malicious sites, from Google. And in case of devices showing the region code as China, this list comes from Tencent. But the user’s actual web URL is not shared while using a secure browser and one can turn off this feature also. Thus, as the user’s actual website URL isn’t delivered by the secure browser, the same URL can be perhaps reconstructed by the determined provider.