Apple’s fraudulent website alert is intended to alert you when you’re about to visit a website that is known as malware, or that is believed to be a phishing website. Previously, the check consulted a database hosted on a Google server, but from iOS 14.5 onwards it instead uses an Apple proxy to better protect the privacy of users.
This adds an extra layer of privacy to the protection Apple already uses …
Background
When Google searches the web, it also looks at the sites it indexes for malware. If a site is found to contain malware, it is added to a database of sketchy sites. In addition, Google uses statistical models to identify suspected phishing sites and also adds them to the database.
Chrome checks this database every time you visit a website. If a URL is on the list, Chrome will display a warning asking if you really want to visit the site.
Apple uses the same database and takes steps to ensure that Google never sees the URL you tried to visit, but warns that Google may log your IP address.
When fraudulent website alert is enabled, Safari will display an alert if the website you are visiting becomes a website suspected of being phishing. Phishing is a fraudulent attempt to steal your personal information, such as usernames, passwords and other account information. A fraudulent website is a legitimate website, such as a bank, financial institution or email service provider.
Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing to see if the website is fraudulent. For users with mainland China as their region in Settings> General> Language and region, Safari can also use Tencent Safe Browsing to perform this check. The actual address of the website is never shared with the secure browsing provider. These secure browsers can also log your IP address when sending information to them.
Apple’s fraudulent website alert in iOS 14.5
Apple has tightened its privacy protection from iOS 14.5. The 8-bit explain how it works:
According to Apple, before visiting a website, Safari can send hash prefixes of the URL (Apple calls it ‘calculated information from the website address’) to Google Safe Browsing to see if there are any matches.
Because Apple uses a hash prefix, Google cannot determine which website the user is trying to visit. Up to and including iOS 14.5, Google could also see the IP address where the request came from. However, since Apple now uses Google Safe Browsing traffic, it protects the privacy of users while using Safari.
Apple WebKit CEO Maciej Stachowiak said on Twitter that the original explanation of the website was not entirely correct, but confirms that the core assertion – that Apple now uses its own copy of the database, which is kept on Apple servers – is correct. The 8-bit corrected the explanation afterwards.
Apple is in the midst of a genuine privacy battle over app privacy labels and future requirements for apps to ask users’ permission for ad tracking. At first glance, some programs seem to have the requirements to explain the identifiable data they capture by avoiding updates. For example, Google temporarily suspended a number of its programs when the requirement went into effect – something that led to some problems yesterday.
About the latter, Facebook has gone so far as to take out full-page newspaper ads attacking Apple, unconvincingly claiming that it stands up for small businesses rather than for its own advertising revenue. According to a Harvard analysis, Facebook’s numbers are misleading.
Graphic: WikiHow
FTC: We use revenue to earn automatically affiliate links. More.
Check out 9to5Mac on YouTube for more Apple news: