The bug stems from Apple’s application of the IndexedDB API.
As explained by FingerprintJS, IndexedDB abides by the, which restricts one origin from interacting with data that was collected on other origins — essentially, only the website that generates data can access it. For example, if you open your email account in one tab and then open a malicious webpage in another, the same-origin policy prevents the malicious page from viewing and meddling with your email.
This means other websites can see the name of other databases created on other sites, which could contain details specific to your identity. FingerprintJS notes sites that use your Google account, like YouTube, Google Calendar, and Google Keep, all generate databases with your unique Google User ID in its name. Your Google User ID allows Google to access your publicly-available information, such as your profile picture, which the Safari bug can expose to other websites.
This is a huge bug. On OSX, Safari users can switch to another browser to avoid their data leaking across origins. iOS users have no such choice, because Apple imposes a ban on other browser engines.
México Últimas Noticias, México Titulares
Similar News:También puedes leer noticias similares a ésta que hemos recopilado de otras fuentes de noticias.
‘Devastated’: Crowds throng funeral service for 15 Bronx fire victims‘Devastated’: Crowds Throng Funeral Service for 15 Bronx Fire Victims
Leer más »
Top 50 daily boys basketball stat leaders for Saturday, Jan. 15Check out leaders in points, rebound, assists, blocks and steals.
Leer más »
Powerball results, numbers for Friday, January 15Earlier this month, two Powerball players split a $630 million prize, the seventh largest in Powerball history.
Leer más »
How to Make an NFT in 15 Lines of Code | HackerNoonHow to create an NFT in 15 Lines of Code and what will NFT stand in 2022 if you will invest your time in NFTs?
Leer más »