Read Full Article here… lifehacker.com

Photo: Nicole Lienemann (Shutterstock) Despite some recent negative press about AirTags revolutionizing the stalking industry, Apple has developed a good reputation compared to other big tech companies when it comes to privacy and security. Knowing this, you might be surprised to learn that Apple’s own web browser, Safari, isn’t safe to use right now on any of the company’s platforms, including Mac, iOS, and iPadOS. A critical Safari issue can leave some of your Google Account data and browsing history open for theft through an IndexedDB implementation bug. When you normally visit a website, that site should only be able to access any databases created by its own domain name. This bug, however, allows websites to see other databases—and to scrape those databases for information like your Google Account avatar, personal data, or browsing history. Using FingerprintJS’ test site Safari Leaks , you can see this issue in action. When you open it in Safari, the site might be able to grab your Google User ID right away. Even if it can’t, you can open any of its test websites in a new tab, and return to Safari Leaks to see that browsing history reported almost immediately. If Safari were working properly, this type of information wouldn’t be accessible to Safari Leaks, since the site would only be able to access data from databases created by its domain. But it can scrape information from Alibaba, Instagram, Twitter, and potentially other websites that use the IndexedDB JavaScript API. FingerprintJS was […]