Apple proxies Google Safe Browsing traffic through its own servers in iOS 14.5

enaph

Level 29
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,861
Apple’s privacy push is much more widespread than it seems at the surface. A perfect example is the new privacy feature in iOS 14.5 Beta 1 (V2) which redirects Google Safe Browsing traffic through Apple’s own proxy servers to enhance users’ privacy and to not let Google see your IP address.

Google Safe Browsing is a security service created by Google that checks whether a website is malicious. When you access a website on the desktop version of Chrome on your Mac or PC, for instance, Google Safe Browsing checks if a website is safe to browse and displays a warning accordingly. The user ultimately has the choice, however.

As Reddit user u/jaydenkieran explains, Apple uses Google Safe Browsing when you enable “Fraudulent Website Warning” within the Safari settings in the Settings app on iPhone or iPad.

According to Google, its Safe Browsing system works by scanning sections of Google’s web index and “identifying potentially compromised websites.” Then, Google tests those websites by using a virtual machine to check if the website compromises the system. If it does, it’s added to Google’s online database. Google also identifies phishing websites by using statistical models.

According to Apple, before visiting a website, Safari may send hashed prefixes of the URL (Apple terms it “information calculated from the website address”) to Google Safe Browsing to check if there’s a match.

Since Apple uses a hashed prefix, Google cannot learn which website the user is trying to visit. Up until iOS 14.5, Google could also see the IP address of where that request is coming from. However, since Apple now proxies Google Safe Browsing traffic, it further safeguards users’ privacy while browsing using Safari.

Apple has been intensifying its push for privacy with iOS 14 what with the App Tracking Transparency update and the inclusion of App Privacy Reports in the App Store.

At the same time, companies like Facebook are actively opposing the Cupertino giant, accusing it of negatively affecting the advertising industry. Apple’s response has been simple:

“We believe that this is a simple matter of standing up for our users. Users should know when their data is being collected and shared across other apps and websites — and they should have the choice to allow that or not. App Tracking Transparency in iOS 14 does not require Facebook to change its approach to tracking users and creating targeted advertising, it simply requires they give users a choice.”

Google itself had been holding off on updating its host of apps on the App Store due to the App Privacy Health Reports in the App Store that lets users view how an app tracks them. However, Google later disclosed that it will update its apps to include as little tracking as possible.

Having said that, it’s interesting to see Apple focus on enhancing user privacy as much as they can. And setting up a proxy server to filter Google Safe Browsing traffic just so Google cannot users’ browsing activity will be a welcome move for a lot of users.
 

enaph

Level 29
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,861
Is this exclusive to iOS 14.5 and Safari, and not other browser apps? What about Safari on macOS 11.x?
As far as I understand this is iOS 14.5 and Safari exclusive.
And as per this info from Apple, Safari on macOS sends hashed website prefixes to Google Safe Browsing but not hiding user's IP.
I guess it's just a matter of time before this gets implemented across the whole Apple's ecosystem.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,267
I don't really see the point of this. Because, Apple is just changing who can see your IP address. I mean, surfing the web, Google will still get your IP address even if you aren't using their services cause of dependencies websites use from Google. That's something where Apple can't really protect you.

Also to keep in mind, Google Safe Browsing is actually really private since URLs of visited websites are never sent to Google. Even if you stumble upon malicious website, Google will only get hashed part of URL so they can't tell which website you have had visited.
 

enaph

Level 29
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,861
If Apple is so concerned in protecting one's privacy, why don't they offer free VPN for their devices and proxy all traffic? What good is proxying one service?
There are rumors saying that they might be working on their own search engine and VPN.
Are they true?
 
  • Like
Reactions: Balrog and Venustus

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,267
There are rumors saying that they might be working on their own search engine and VPN.
Are they true?
Even if they are true, search engine will suck unless they use Google's search engine and, knowing Apple, VPN could be limited in free version to small amount of data. That's the reason why I don't like Apple devices; the whole purpose of owning them is to get you to pay more.
 
  • Like
  • +Reputation
Reactions: Balrog and Venustus

Ink

Administrator
Verified
Jan 8, 2011
22,490
Even if they are true, search engine will suck unless they use Google's search engine and, knowing Apple, VPN could be limited in free version to small amount of data. That's the reason why I don't like Apple devices; the whole purpose of owning them is to get you to pay more.
Been using Bing / DDG for about 18 months, once you get used to the changes, you won't want to go back to Google's monopoly. Bing's UI is similar to Google Search, DuckDuckGo's feels more suited for Linux users.

It's highly unlikely for Apple to release a Free VPN, only one part of it's subscription services - just as Google VPN.

The reason you don't own or use Apple services is because you're kneeling for Google services.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,267
Been using Bing / DDG for about 18 months, once you get used to the changes, you won't want to go back to Google's monopoly. Bing's UI is similar to Google Search, DuckDuckGo's feels more suited for Linux users.
Bing just doesn't work here. You can set language and search region to Croatia, but results you're gonna get are not what you're looking for.

Two examples;
  • Searching term "index" (popular news website) shows me Hungarian news website and bunch of Google's links.
  • Searching term "nova" (popular private TV station) shows me Czech and Bulgarian TV channels of the same name.
  • Searching term "telegram" (popular news website), first links are for Telegram Messenger.
  • Searching term "split" (coastal city), first two links are to movie Split from 2016.
Situation with the term "index" is better now, because the first results used to be Google with links to their services (Images, Translate, Blogger etc.). It still isn't showing correct results for same search term, but at least there are few articles from the mentioned news site. I'll give them that.

DuckDuckGo, on the other hand, works okay. It doesn't have same issues like Bing, but I miss the info card and news Google have when searching for something.
It's highly unlikely for Apple to release a Free VPN, only one part of it's subscription services - just as Google VPN.
I guess we'll have to wait and see.
The reason you don't own or use Apple services is because you're kneeling for Google services.
That's not entirely true. There are couple of reasons, let me name a few;

1. Apple products are incredibly expensive (at least here)—1200$ for iPhone 12 64 GB. I can buy new PC and a new phone for that money, heck, maybe even some TV.
2. Apple products are extremely limited—I like customization and their devices doesn't allow me to do just that. You can't even sideload apps without jailbreaking the device.
3. I can access Android phone just by connecting it to the PC without needing special software. For iDevices, it's required to have iTunes installed.
4. Two magic words—expandable storage. I hope I don't have to explain this.
5. I'm not fan of their marketing moves—removing power brick and headphones from packaging so you have to buy them separately.

Those are SOME of the reasons why I use Android and never switching to Apple and their devices. NHF, but I feel like iPhone is made for children because it's so easy to use as Apple puts everything on plate for their users.
 
Last edited:

SpiderWeb

Level 13
Verified
Top Poster
Well-known
Aug 21, 2020
608
If Apple is so concerned in protecting one's privacy, why don't they offer free VPN for their devices and proxy all traffic? What good is proxying one service?
Because encrypting DNS requests (which is what they are already doing) and proxying Google safebrowsing is a tiny tiny fraction of traffic with a big privacy upside. VPN would mean Apple would have to take care of people's entire traffic which is just too cost prohibitive if you think about how many iPhones are out there. That would also make them the single point of failure and the company to sue if someone were to do something illegal on the Internet.

I like this approach. I already have my own VPN and Apple is adding another layer on top. The true freedom will come from Apple announcing their own search engine. It would hit Google where it hurts.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top