Apple's Keeping Google's Prying Eyes Out Of iOS 14

Illustration for article titled Apple's Keeping Google's Prying Eyes Out Of iOS 14
Photo: Justin Sullivan (Getty Images)

If you regularly use Apple’s Safari browser, you’re probably familiar with its Fraudulent Website Warning,” which gives you a heads up if the site you’re about to visit might be, say, an elaborate phishing scam. What you probably didn’t know is that until now, this safety feature relied on an obscure Google database to operate. Now, as part of the privacy features soon rolling out in iOS 14, it looks like Apple’s severing those ties entirely.

MacRumors was the first to notice some screenshots of the iOS 14.5 beta being swapped over Reddit that clearly show Apple using its own servers as a middleman between your phone and Google’s databases. As the original poster laid out, it seems that any web traffic on Safari makes a pit stop to a new URL— “proxy.safebrowsing.apple”—before hitting Google’s own service.

In a nutshell, the “Google Safe Browsing” database is essentially a list of sites that are known to be scammy or unsafe in some way that Google constantly updates by crawling the web. Non-Google apps—like, say, Safari—can hook themselves up to Google’s servers and receive either a hashed or non-hashed list of prefixes from these scammy sites. Upon doing so, any clicks instinctively ping Google’s servers to see if the web address being visited match with any of the names on this list. If they do, a warning flag goes up.

Advertisement

The issue here is that Google is, well, Google, and Apple has been making a solid effort to put privacy and data protections at the core of the iOS 14 updates. Pinging Google’s servers in this way–especially if those addresses are hashed—might not expose too much information besides your IP address or other bits of so-called “unidentifiable data,” but at the end of the day, data is still data, and that data is still going to Google.

Earlier this week, the Apple’s engineering head for WebKit confirmed that Apple’s attempt to intercept this traffic is a way to “limit the risk of information leak.” In other words, it’s a way to keep Google’s grubby hands off of any user data, no matter how innocuous the reason may seem.

I cover the business of data for Gizmodo. Send your worst tips to swodinsky@gizmodo.com.

Share This Story

Get our `newsletter`

DISCUSSION

Young_Griff
Young_Griff

Not that I’m complaining about Apple being sticklers on privacy, but it feels kind of messed up for Apple to be purposefully circumventing their part of the bargain when using Google’s database... can you imagine if Apple Maps was just a quick redirect to Google Maps that anonymized user data?

All I’m saying is, don’t be surprised if traffic through Apple’s servers gets blocked real damn quick.