Teknoku.me – This week, Apple released an update to its iOS 14.5 public beta mobile operating system for compatible iPhone devices. One of the new things that were presented as a change in the “Fraudulent Website Warning” mechanism.
This feature implemented in the Safari browser aims to prevent users from visiting malicious sites – for example, those installed with phishing traps to steal data – by obtaining a list of these websites from the Google Safe Search service.
This allows Google to find out the IP address of the device requesting a list of malicious websites. Now, starting with iOS 14.5, traffic from the Safari browser does not go directly to the Google server (Safe Search) but is diverted to Apple’s servers first as a proxy.
Thus, the IP addresses detected by Google also belong to Apple servers, not the user’s device. The role of Apple’s servers as traffic intermediaries was only implemented in iOS 14.5 as part of efforts to increase user privacy.
Google Safe Browsing itself sends a list of malicious websites to Safari, not in the form of a URL, but encrypted with a 32-bit hash prefix.
Safari then matches the 32-bit hash prefix of the site the user is trying to visit with Google Safe Search’s list of malicious site prefix hashes. If it turns out to be on the list, user access to the site will be blocked because it is considered dangerous.
This way, Google can’t know the URL addresses of the websites the user wants to visit, but can still see the IP addresses of the devices.
Now, with the use of Apple’s server as a proxy for Google Safe Search in an update.
Apart from the above changes, Safari on iOS 14.5 also requires applications to ask permission first before tracking users while using other applications or surfing the internet.