Apple’s Fraudulent Website Feature in Safari for iOS uses Chinese firm Tencent as one of its Safe Browsing Providers.
Over the years, we’ve seen steady improvements to macOS. But it requires a brilliant, in-depth look at Catalina to put the continuous developments into proper perspective.
MacMost has a good video on YouTube where he shares 10 macOS Catalina features. They’re smaller features that don’t get the same attention or shoutout by Apple, but they’re good to know. The first one he mentions is a feature that I noticed but was annoyed about. When you hover or long-click the green fullscreen button in Safari, it now brings up a menu window to enter full screen or tile the window to the left or right. While it makes this capability more obvious it also adds an extra step, when just dragging the window by the green button was faster. In any case the video is pretty helpful and you can watch it here.
You may have noticed in iOS 13 and iPadOS that double tap to zoom in Safari no longer works. Instead you’ll have to do something else.
Although Apple hasn’t released macOS Catalina yet, it did update its browser to Safari 13. It has a new section for downloads permissions.
Advertisers aren’t happy with solutions like Safari’s Intelligent Tracking Prevention. They came up with an alternative version to cookies.
Advertising company Google wants to build a “Google privacy sandbox” as a way to improve personalized ads while attempting to remove the “personalized” part.
The goal of these proposals is to promote a dialog on ways browsers could advance user privacy, while still ensuring publishers can earn what they need to fund great content and user experiences, and advertisers can deliver relevant ads to the right people and measure their impact.
Or, if you want to support websites with ads while also protecting your privacy, stick to Safari.
The iMac, in 1998, saved Apple from an extinction event. Today, it endures and embodies the best of desktop computing. Here’s the story.
In the latest issue of Mac Format magazine, Adam Banks writes a guide on how to stay safe online. This is a PDF version and on page 66.
Using a Mac makes you safer than average when going online. That’s partly because of Apple’s efforts to secure the operating system; partly because the Mac App Store gives you somewhere to get most of your third-party software safely. It’s also partly because bad actors – in the security industry sense, not the Hollyoaks sense – tend to be less interested in targeting macOS. But that doesn’t mean either you or your Mac can’t get fooled. Know your way around the common risks and basic protections to keep yourself out of harm’s way.
This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.
AdGuard is a content blocker for iOS that lets people block trackers and ads in Safari. Its AdGuard Pro app eventually got pulled from the App Store because of new VPN rules. AdGuard 3 brings some of those Pro features to the regular app, and some of them are locked behind a premium subscription. But Pro users can get a free 6-month license key. AdGuard 3 fixes a key issue with Safari. Safari’s maximum limit for content blockers is 50,000 rules. AdGuard now works around this by combining five blocks into one, each separately enabled in Settings and each with 50,000 rules. It also supports DNS-over-TLS and DNS-over-HTTPS. You can read more in the blog post. App Store: Free (Offers In-App Purchases)
Owen Williams writes how Apple wants to “kill advertising” with its newest privacy feature in iOS 13 called Sign In with Apple.
Apple is likely to win consumers over, who think these things sound evil and strange, but without these practices [of using customers’ email addresses] many of our favorite businesses and services simply couldn’t exist or practically reach customers.
I disagree. Apple is trying to kill tracking, not advertising. In Safari, Apple is adding a feature called Privacy Preserving Ad Click Attribution to reduce targeted ads, which only accounts for a small 4% in revenue anyway.
Apple is deprecating SHA-1, an old security standard, in iOS 13 and macOS Catalina. This is good news since we now have the more secure SHA-2 and SHA-3.
A study called “SensorID: Sensor Calibration Fingerprinting for Smartphones” examined sensor fingerprinting techniques against smartphones. It found that Micro Electro Mechanical Systems (MEMS) are inaccurate in small ways that make them unique. But Apple thwarted this technique in iOS 12.2 and used the researchers’ suggestion to add random noise to the analog-to-digital converter output and removing default access to motion sensors in Safari.
We demonstrate that our approach is very likely to produce globally unique fingerprints for iOS devices, with an estimated 67 bits of entropy in the fingerprint for iPhone 6S devices. In addition, we find that the accelerometer of Google Pixel 2 and Pixel 3 devices can also be fingerprinted by our approach.
Charlotte Henry and Andrew Orr join host Kelly Guimont to discuss ad blocking in Safari and the latest report of plaintext password storage.
Google will launch tools limiting the use of tracking cookies on Chrome, however, it would not be as wide-ranging a restriction as on Safari.
Intelligent Tracking Prevention 2.2 is an update that changes the duration of certain cookies created under certain conditions.
In the future, I hope Apple puts restrictions on the kind of app tracking developers use. We already have Safari’s Intelligent Tracking Prevention. I’d like to see that for the App Store.
SDKs present a solution to Apple’s pesky tracking restriction for advertisers. They can connect who you are between apps, provided the developer of each app uses the same SDK and the advertiser is able to use signals to figure out who you are. If we look at the top 200 apps on the iOS App Store, it’s interesting to see how broad the reach of most SDKs actually is.
Andrew Orr and Charlotte Henry join host Kelly Guimont to discuss the latest in Safari security, and a proposed UK law addressing online harm.
Click tracking, a.k.a. hyperlink auditing, is an HTML standard that can be used to track clicks on web sites. Previous versions of Safari used to let you disable this, but Safari 12.1 changes that.
Despite several months notice from me, Apple shipped Safari 12.1 last week to the public with no way to disable hyperlink auditing. I hope to raise awareness about this issue, with the ultimate goal of getting hyperlink auditing disabled by default in Safari. Apple claims that Safari is supposed to protect your privacy and prevent cross-site tracking, but hyperlink auditing is a wide open door to cross-site tracking that still exists.