BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Privacy and Security a Top Priority in macOS Mojave and Safari 12

Privacy and Security a Top Priority in macOS Mojave and Safari 12

Leia em Português

This item in japanese

Bookmarks

At their annual Developer Conference WWDC Apple previewed macOS Mojave, the latest version of the company's desktop operating system, and Safari 12, the updated web browser. Apple has stated that enhanced privacy and security are a top priority with these releases.

Safari 12 will provide additional "Intelligent Tracking Prevention" and the automatic creation and storage of strong passwords. macOS Mojave (and iOS 12) will restrict the availability of device configuration available to third-parties in an effort to reduce device "fingerprinting" for tracking purposes, and also require apps to get user permission before using the Mac camera and microphone, or accessing personal data like user Mail history and Messages database.

Websites can fetch resources such as images and scripts from domains other than their own, which is referred to as cross-origin or cross-site loading, and is a powerful feature of the web. However, such fetching also enables cross-site tracking of users. Since June 2017, the WebKit open source web browser engine used by Safari (and many other apps on macOS, iOS and Linux) has provided Intelligent Tracking Prevention (ITP). This original version 1.0 of ITP reduces cross-site tracking by limiting and periodically purging associated browser cookies and other website tracking data. For example, after a 24 hour window from the original interaction with a website the associated cookies cannot be used in a third-party context, and are said to be "partitioned". After 30 days the cookies are deleted.

Tracking prevention was further enhanced in March 2018 with the release of ITP 1.1, which prevented "partitioned" cookies being persisted to disk and blocked cookies completely if they were determined as a candidate for immediate purging. The Storage Access API was also introduced, which allows for "authenticated embeds" of content while continuing to protect customers' privacy by default. At its core, the Storage Access API provides a mechanism for embedded third-party content to get out of cookie partitioning through user interaction.

Safari 12 introduces ITP 2.0, which removes the 24 hour window of third-party cookie re-use and instead immediately partitions cookies for domains determined to have tracking abilities. ITP 2.0 also adds a prompt to WebKit's implementation of the Storage Access API. If the user allows access, their choice is persisted. If the user declines, their choice is not persisted which allows them to change their mind if at a later point they tap a similar embedded widget that calls the Storage Access API. This functionality will prevent third-party "comment field" or "like button" embeds within a webpage being able to access cookie data without explicit user interaction and confirmation.

As previously covered on InfoQ, Firefox has also released an extension that it claims will provide similar functionality to the ITP and stop the company snooping on users' non-Facebook web traffic without explicit permission.

In regards to additional features in Safari 12, the browser will now automatically create, autofill and store strong passwords when users create new online accounts. Passwords that have been re-used will be flagged, so that users can change them.

Also announced at WWDC were several new data protection features to be included within macOS Mojave and iOS 12 that require apps to get user permission before using the Mac camera and microphone, accessing personal data like user Mail history and Messages database, or accessing sensitive parts of the file system.

Apple's new approach to restricting private information

macOS Mojave will also make it much harder for trackers to create a unique "fingerprint" that can be used to uniquely identify a device outside of the existing cookie- and content-based tracking features. Craig Federighi, senior vice president of Software Engineering, discussed the issue within the keynote:

Your device can be identified by a unique set of characteristics, like its configuration, the fonts that are installed, and the plugins you might have on the device. With Mojave we are making it much harder for trackers to create a unique fingerprint.

Reducing the effectiveness of fingerprinting requires that an individual device blends in with the crowd. This will be achieved by presenting to external viewers a simplified system configuration, by showing only built-in fonts, and by removing support for legacy plugins (outside of the Safari Extensions Gallery) so that these cannot contribute to a fingerprint. Federighi stated "as a result your Mac will look a lot like everyone else's Mac"

The full public release of macOS Mojave will be made available later this year. Safari Technology Preview Release 58 is now available for download for macOS High Sierra, and with this release Safari Technology Preview is now available for betas of macOS Mojave.

Rate this Article

Adoption
Style

BT