If you regularly use Apple’s Safari browser, you are probably familiar with Fraudulent website warning” which gives you a warning if the site you are about to visit isFor example, an extensive phishing scamsWhat you probably didn’t know is that until now this security feature relied on an obscure Google database to work. Now, as part of the privacy features rolling out soon out in iOS 14, it looks like Apple is cutting those ties completely.
MacRumors it was first to notice some screenshots from the iOS 14.5 beta that are swapped via Reddit Which clearly show Apple uses its own servers as an intermediary between your phone and Google’s databases. As the original poster pointed out, it appears that all web traffic on Safari is pitstop to a new URL – “proxy.safebrowsing.apple” – before going to Google’s own service.
In short, the “Google Safe BrowsingDatabase is essentially a list of sites that are known to be scam or unsafe in some way and that Google constantly updates by crawling the web. Non-Google apps, such as Safari, can do that. connects itself to Google’s servers and receive a hashed or unhashed prefix list from these scam sites. When you do this, all clicks instinctively ping Google’s servers to see if the visited web address matches one of the names in this list. When they do, a warning flag will go up.
The problem here is that Google, well, Google, and Apple has made every effort to provide privacy and data protection in the core of the iOS 14 updates. Pinging Google’s servers in this way – especially if those addresses are hashed – may not reveal too much information in addition to your IP address or other bits of so-called ‘non-identifiable data, ”But ultimately, data is still data, and that data still goes to Google.
Earlier this week was Apple’s technical head for WebKit confirmed that Apple’s attempt to intercept this traffic is one way to “mitigate the risk of information leaks.” In other words, it’s a way to keep Google’s grubby hands off user data, no matter how harmless the reason seems
G / O Media can receive a commission