Tue. Nov 19th, 2019

Apple clarifies rumors about leaking user information to Tencent

2 min read

Apple issued a statement to clarify the false rumors about Apple leaking user information to Tencent. It is understood that Apple uses Tencent’s safe browsing service in Safari. Such a service compares the URL that the user is trying to access with a list of known malicious websites to ensure that the user has secure access. However, last week, it was reported that Apple was sending its user browsing history to Tencent through the Safari browser.

apple bug bounty

“SF Apple Store”by signal11 is licensed under CC BY 2.0

Experts pointed out that there are many doubts about this news. In fact, most of the secure browsing services are provided by Google, and Tencent is only responsible for providing such services to some users. Although the earlier version of the safe browsing mechanism did require a URL to be sent to the relevant contractor, Apple’s current secure browsing mechanism first sends a copy of the database to the user’s browser, then lets the browser compare the local database and check the URL. Therefore, relevant suppliers do not have access to the user’s browsing history.

Apple explains:

Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.

To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.

Via: macrumors