Security News > 2021 > February > Apple will proxy Safe Browsing requests to hide iOS users' IP from Google
Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google.
To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.
While the approach ensures that the actual URL of a website the user is attempting to visit is never shared with a safe browsing provider, it does leak the IP address of the device from which the check was made.
With iOS 14.5, all these verifications are expected to be re-routed through an Apple-owned proxy server, thereby making all requests appear as originating from the same IP address.
"In the new iOS beta, Safari does indeed proxy the service via Apple servers to limit the risk of information leak," said Maciej Stachowiak, head of WebKit engineering at Apple, last week in a tweet.
The new change in iOS and iPadOS is part of a number of privacy-oriented measures that Apple has been rolling out lately, including mandating app developers to disclose their data collection practices in App Store listings using "Privacy nutrition labels."
News URL
Related news
- Apple releases iOS 18, with security and privacy improvements (source)
- Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 (source)
- Fake Trading Apps Target Victims Globally via Apple App Store and Google Play (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)