Friday, February 19, 2021 [Tweets] [Favorites]

Apple Adds Proxy for Safe Browsing Queries

Taha Broach (via Hacker News):

Apple’s privacy push is much more widespread than it seems at the surface. A perfect example is the new privacy feature in iOS 14.5 Beta 1 (V2) which redirects Google Safe Browsing traffic through Apple’s own proxy servers to enhance users’ privacy and to not let Google see your IP address.

Since Apple uses a hashed prefix, Google cannot learn which website the user is trying to visit. Up until iOS 14.5, Google could also see the IP address of where that request is coming from. However, since Apple now proxies Google Safe Browsing traffic, it further safeguards users’ privacy while browsing using Safari.

I still think that one could figure out with reasonable certainty which site the hashed prefix corresponds to. Presumably this also prevents the data from iPhone users in China from being shared with Tencent. On the other hand, now Apple gets the data and would be in a position to link it to your iPhone if it wanted to.

Previously:

2 Comments

>On the other hand, now Apple gets the data and would be in a position to link it to your iPhone if it wanted to.

The data Apple (and previously Google) can link is:

* someone with IP address x wants a list of all hash prefixes
* at some later point, the same person (possibly with a different IP address) wants a list of all hashes matching a prefix

A typical hash prefix is 4-7 bytes of a SHA256 hash. I don't see that being very useful to link it back to browsing behavior.

Yeah, I think this is really as private as such a system can possibly be, apart from just dumping the whole database on the client's computer, which doesn't seem like a feasible option.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment