In iOS 11 Apple has added new privacy features to its default browser Safari. Most iOS users use Safari as their everyday browser. In these article I’m going to explain what changes with the new Safari features and if your privacy protection is improved.
Apple’s iOS Safari is infamous for its lack of privacy and security features. With the default settings it is incredibly easy for companies to track Safari users around the internet. Various techniques like cookies, tracking scripts, hsts supercookies, canvas fingerprinting and many more allow companies to easily identify and track users. The Safari user cannot even influence the effect of some of the techniques, like canvas fingerprinting or hsts supercookies. Safari does not offer a way to “change” a “placed” hsts supercookie or a canvas fingerprint. The tracking of Apple users does not only affect the Safari iOS, because bookmarks, browser settings, the history and cookies are shared across Apple devices with the same Apple ID. Linking different devices together makes the gathered data even more powerful, as different times, locations and aspects of life can be tracked and linked together.
With iOS 11, Apple has introduced a new function in Safari that is advertised as a tracking and privacy protection. Basically, the function is a cookie blocker that blocks some third party cookies. Third party cookies are cookies that are not set by the website you are currently visiting. Instead, a different website, that has some content on the website you’re visiting is setting a cookie. Whenever you visit a website that contains content from the same website, this third party website can read out its cookies. This means this third party can track you around the internet through its cookies, even though you have never actually visited that website. Let’s make a quick example: you visit the website A which hosts advertisement from the ad network B. By visiting A, both A and B are able to place a cookie on your device. The cookie placed by B is called a third party cookie, as B is not the actual website you’re visiting. Now, whenever you visit a website that hosts advertisement from B on their website, the website B is able to read out their cookies on your device. This means they can track you around the internet. This is for example what Facebook does with the share and like buttons you find on many websites. Another example is Google Analytics, a tool for websites to track users which also allows Google to track users.
As explained in the last paragraph, third party cookies can be nasty. Therefore, Apple decided to introduce a function that will block some third party cookies. Yes, you read correctly, for some. Apple has some sort of algorithm to sort between appropriate and inappropriate third party cookies. Assuming that this algorithm acts in the best interest of the user, is blocking some third party cookies good for your privacy? Blocking some third party cookies is probably better than not blocking any at all. However, we should not overestimate this protection. There are still third party cookies that are not blocked by Safari and first party cookies are not even considered. Every website you actually visit can still place a cookie on your machine. It does not matter at all whether this benefits you or not. These websites will still be able to track you across the internet, even when you are not visiting their site, but they only act as a third party content provider on the website you visit. So blocking some third party cookies is not going to hurt you. But it is not going to do much to protect you either.
Even when blocking every single bad third party cookie, your overall protection is still frighteningly low with the standard configuration of Safari. Blocking some third party cookies does not hurt you, but it does not really protect you either. First party cookies can still be placed and they can be used to uniquely identify you and track you around the internet. Thus, users should stay away from Safari on iOS, because its overall privacy protection remains too low.
Related Posts
Download SnowHaze
