Here's What the New Safari Will (and Won't) Do to Protect Your Privacy
Apple's Safari browser will limit 'fingerprinting' and flag tracking cookies, but it won't take additional steps to protect your privacy.
At WWDC 2018 yesterday (June 4), Apple gave thousands of developers a sneak peek at upcoming Safari features. The next version of Apple's browser on macOS 10.14 Mojave and iOS 12 will aim to push back against the ad-tracking and browser-fingerprinting techniques that, in the wake of Facebook's Cambridge Analytica scandal, the internet is so afraid of.
The new features are a big deal -- but perhaps not as big of a deal as Apple says they are.
The most noticeable change is that users will receive popups prompting them to grant (or revoke) permission for websites (such as, ahem, Facebook) to use cookies while they browse.
"You can decide to keep your information private," explained Apple VP Craig Federighi onstage.
MORE: 10 Worst Data Breaches of All Time
Apple also announced that Safari will try to block advertisers from using browser fingerprinting, which lets them track users who delete their cookies. (All these features involved Safari on Mojave and iOS 12, but there's no indication they won't also be available for earlier Apple OS's.)
Fingerprinting involves using the information that browsers provide web servers about individual devices, including time zones and installed extensions, fonts and ad blockers. Get enough information, and you can identify individual browsers and track them even without tracking cookies.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!
To combat this, the new Safari will tell web servers only the browser version, operating system, default fonts and generic configurations, making your Mac indistinguishable from many others.
Finally, the new Safari will offer to generate and auto-fill strong passwords and discourage you from using the same password in multiple places. (If you want to save your passwords in more than one browser, try a stand-alone password manager.)
There's no question that these modifications are a good start and may justifiably ease some people's post-Cambridge Analytica fears.
But contrary to what Apple would like you to believe, you can hardly rest easy at this point. For one, as Facebook Chief Security Officer Alex Stamos pointed out on Twitter, the new Safari will still be vulnerable to some other major tracking techniques.
These include tracking pixels, which are tiny invisible images that advertisers can hide in the background of a web page or email message to alert them when you load the content. Safari also won't block sites from using third-party scripts which can also track your browsing.
If you're worried about your browsing data, Firefox and Chrome may still be your best bets.
Mozilla has begun work on integrating a technology called DNS over HTTPS (DoH) into its browser, a technology which encrypts Domain Name Service (DNS) queries to keep ISPs from receiving them (and crooks from tampering with them). Mozilla has also partnered with Cloudflare, an internet infrastructure company known for high standards of security and a publicly available DNS service.
Google is taking a similar approach with Chrome and Android P as well. Its tool of choice, DNS over TLS, uses a protocol called Transport Layer Security (TLS) to establish a secure channel between clients and DNS servers to prevent snoops from obtaining (and tampering with) them. Chrome also features a native ad blocker, but it stops only ads that Google finds too annoying.
Both browsers also support extensions to increase your privacy and security. NoScript on Firefox makes sure no JavaScript runs without your permission, and ScriptSafe offers similar protection in Chrome. Ghostery lets you detect and block trackers on both Firefox and Chrome.
Monica Chin is a writer at The Verge, covering computers. Previously, she was a staff writer for Tom's Guide, where she wrote about everything from artificial intelligence to social media and the internet of things to. She had a particular focus on smart home, reviewing multiple devices. In her downtime, you can usually find her at poetry slams, attempting to exercise, or yelling at people on Twitter.