A software bug in Apple's Safari 15 browser might allow any website to track your online activities and possibly reveal your identity on macOS, iOS, and iPadOS 15. Your Google User ID can be exposed to other websites as a result of the problem. The issue is also reported to affect private mode viewing on the Safari 15 browser in this scenario. The bug is due to an issue with Apple's implementation of IndexedDB, an application programming interface (API) that keeps data in your browser.

According to FingerprintJS, a browser fingerprinting and fraud detection service. "IndexedDB is a client-side storage API for browsers that can handle large volumes of data. All major browsers support it, and it's widely used," FingerprintJS stated in a statement.

According to the report, over 30 websites directly interact with indexed databases on their homepage, with no additional user involvement or authentication required. "We estimate this figure to be substantially larger in real-world circumstances," the FingerprintJS team added, "since websites can connect with databases on subpages, after specific user actions, or on authenticated areas of the page." IndexedDB follows the same-origin principle like most modern web browser technologies do. The same-origin policy is a basic security feature that limits how documents or scripts loaded from one origin interact with resources from other origins.

The same-origin policy, for example, stops a malicious webpage from infecting your email if you open your email account in one tab and a malicious URL in another. "The IndexedDB API violates the same-origin restriction in Safari 15 on macOS and all browsers on iOS and iPadOS 15," according to FingerprintJS. When a website interacts with a database, all other active frames, tabs, and windows within the same browser session establish a new (empty) database with the same name.

Unless you move to a separate profile, such as in Chrome, or open a private window, windows and tabs normally share the same session. This means that other websites can see the names of databases created on other sites, which may contain personal information about you. The leak was discovered by FingerprintJS, however, Safari has yet to be updated. "The fact that database names are leaked from many sources is a clear breach of privacy." It allows any website to learn which websites a person visits in multiple tabs or windows," they explained.

Your iPhone Browsing History on Safari Exposed?

Read More:

Tim Cook extends Holi wishes with colourful picture shot on iPhone

Veddas of Sri Lanka have close genetic affinity with Indians, reveals study

Boosting R&D spending key to make India a science powerhouse: Report

Aurionpro Solutions to acquire PaaS startup Arya.ai

IIT Roorkee team finds giant ancient snake fossil in Gujarat

Apple pulls Meta-owned WhatsApp and Threads from App Store in China

Intel appoints Santhosh Viswanathan as India region head

Elon Musk calls for peace in cryptic post amid Iran-Israel war

New smart biodegradable microgels to boost sustainable agriculture

HP introduces 'Innovation & Digital Education Academy' programme in India

Having a driving skill highly desirable for job seekers: Report

Balakrishna's Wife Vasundhara Richer Than Him, Family Assets at Rs 483 crore

Ranveer Singh, the latest Bollywood victim, advises fans: 'deepfake se bacho doston'

Latest Update On Prabhas’ Spirit

Vicky looks back at V-Day with Katrina: 'Our goal was to spend quality time together'

Buzz:Suriya and Jyothika's Acting Reunion After 18 Years

Allu Arjun Spotted in Casual Airport Look Before Jetting Off