Beware! There is this SCARY bug in your iPhone browser Safari; Get rid of it now
If you use the Apple iPhone browser Safari, then you need to know about this scary report. A dangerous bug has surfaced which can potentially reveal your personal data from your Google account and your recent browsing history to a hacker. This new iPhone Safari bug was found in Apple Safari browser and impacts all web browsers on iOS including iPhone, iPad and Safari 15 on Mac for PC and laptops.
This problem was reported by Martin Bajanik of FingerprintJS who confirmed that the issue emerged from a feature in the backend of the iPhone browser Safari that allows users to store browsing data as well as various account information in one place. The reason behind this functionality was to give users faster access to their data. However, it may have backfired.
New bug in Apple Safari browser
As mentioned, the emergence of the problem can be traced back to the new feature in Apple Safari browser called IndexedDB. In simple terms it is a low level API that follows same-origin-policy. Same-origin-policy is a security mechanism that prevents documents or scripts from one source from interacting with documents from another source. But apparently, IndexedDB is breaking the same-origin-protocol and creates duplicates of data for every different website that interacts with the data. What does this mean for your iPhone Safari browsing experience?
Well, imagine this. While using the Safari browser from either iPhone, iPad or Mac, you have one tab with your email account open. And on the next tab, you open a suspicious website that may try to access your personal data. Under normal circumstances, that would not be an issue as your data is segmented and the website can only access what has been shared with it by the user. But due to this bug, now the website can potentially read all your emails without you even doing anything, according to this report. Now, that is scary!
The problem becomes much bigger as the malicious website can also access your Google information, gaining access to multiple accounts like YouTube, Google services and more even if you have not opened those websites. So you can see how this bug puts your Apple iPhone Safari browsing experience in a fraught situation.
There is not much you can do apart from not using the Safari browser at the moment. Or even if you have to, only open reliable websites on it. But rest assured because Apple’s engineers are already working on the problem, according to FingerprintJS.
The website posted an update that said, “Apple engineers began working on the bug as of Sunday, have merged potential fixes, and have marked our report as resolved. However, the bug continues to persist for end users until these changes are released.”
Therefore, for the time being, till Apple releases a fix, ensure your own safety by visiting only the trusted websites on Apple iPhone Safari browser or for that matter any other gadget.