https://www.theverge.com/2022/1/16/22886809/safari-15-bug-leak-browsing-history-personal-information
Safari 15 bug can leak your browsing activity and personal identifiers

Apple's application of the IndexedDB API in Safari 15 violates the
same-origin policy according to research published today by FingerprintJS.

When a website interacts with a database in Safari, FingerprintJS says that
"a new (empty) database with the same name is created in all other active
frames, tabs, and windows within the same browser session."

This means other websites can see the name of other databases created on
other sites, which could contain details specific to your identity.

All Apple browsers are affected by this flaw which was reported to Apple in
November and Apple hasn't done anything about it as far as we know.

The article is a little misleading when they say Apple restricts
browsers in iOS to Safari. The iOS App Store includes Brave (my browser
of choice in all devices), Chrome (Which I never use unless a client is
having an issue with Chrome and wants me to troubleshoot it), Duck Duck
Go, Aloha, Firefox, Edge, Epic, and others.

Now, another name change and thread to add to my kill file to miss Arlen
and his Apple hate threads. He'll make his response personal, but I'll
miss it.

YK

On 1/16/22 11:09 PM, NewsKrawler wrote:
> https://www.theverge.com/2022/1/16/22886809/safari-15-bug-leak-browsing-history-personal-information
> Safari 15 bug can leak your browsing activity and personal identifiers
>
> Apple's application of the IndexedDB API in Safari 15 violates the
> same-origin policy according to research published today by FingerprintJS.
>
> When a website interacts with a database in Safari, FingerprintJS says that
> "a new (empty) database with the same name is created in all other active
> frames, tabs, and windows within the same browser session."
>
> This means other websites can see the name of other databases created on
> other sites, which could contain details specific to your identity.
>
> All Apple browsers are affected by this flaw which was reported to Apple in
> November and Apple hasn't done anything about it as far as we know.

On 1/16/2022 8:34 PM, YK wrote:
> The article is a little misleading when they say Apple restricts
> browsers in iOS to Safari. The iOS App Store includes Brave (my browser
> of choice in all devices), Chrome (Which I never use unless a client is
> having an issue with Chrome and wants me to troubleshoot it), Duck Duck
> Go, Aloha, Firefox, Edge, Epic, and others.

Not quite.

Remember on iOS Brave ≠ Brave, Chrome ≠ Chrome, etc.. Apple _requires_
that all browsers for iOS be based on WebKit, which means that
functionality that is present on the same browser on Android or Windows
or OSx, is not necessarily present on the iOS version.

See: <https://9to5google.com/2021/05/03/ios-browsers-underpowered-apple/>.

I added this as #135a on the document
<https://tinyurl.com/iOS-Android-Features>.

On Sun, 16 Jan 2022 21:53:30 -0800, sms wrote:

> Remember on iOS Brave �� Brave, Chrome �� Chrome, etc.. Apple _requires_
> that all browsers for iOS be based on WebKit,

YK is as ignorant as all the other apologists if he doesn't even know that
Apple requires browsers to use that untested insecure webkit
(which has so many holes in the code you can drive a truck through it).

FACT:
WebKit is so "underpowered" (as Google engineers called it) that even the
Tor Project had to make these excuses for the lack of privacy in WebKit.
*Can I run Tor Browser on an iOS device?*
<https://support.torproject.org/tormobile/tormobile-3/>
"Apple requires browsers on iOS to use something called Webkit,
which prevents [any browser] from having the same privacy
protections as Tor Browser"

ASSESSMENT:
Apple merely _advertises_ privacy without ever actually delivering it.
--
No high tech company has _lower_ R&D costs overall, than does Apple.
Part of that low R&D is because Apple testing is almost not existent.

Am 17.01.22 um 05:34 schrieb YK:
> The article is a little misleading when they say Apple restricts
> browsers in iOS to Safari. The iOS App Store includes Brave (my browser
> of choice in all devices), Chrome (Which I never use unless a client is
> having an issue with Chrome and wants me to troubleshoot it), Duck Duck
> Go, Aloha, Firefox, Edge, Epic, and others.
>
> Now, another name change and thread to add to my kill file to miss Arlen
> and his Apple hate threads. He'll make his response personal, but I'll
> miss it.
>
> YK
>
> On 1/16/22 11:09 PM, NewsKrawler wrote:
>> https://www.theverge.com/2022/1/16/22886809/safari-15-bug-leak-browsing-history-personal-information
>> Safari 15 bug can leak your browsing activity and personal identifiers
>>
>> Apple's application of the IndexedDB API in Safari 15 violates the
>> same-origin policy according to research published today by FingerprintJS.
>>
>> When a website interacts with a database in Safari, FingerprintJS says that
>> "a new (empty) database with the same name is created in all other active
>> frames, tabs, and windows within the same browser session."
>>
>> This means other websites can see the name of other databases created on
>> other sites, which could contain details specific to your identity.
>>
>> All Apple browsers are affected by this flaw which was reported to Apple in
>> November and Apple hasn't done anything about it as far as we know.
>

First: Your top posting sucks. *You* run the risk to appear in killfiles.

Second: You do not understand the limitations imposed by Apple on other
browser developpers.

--
De gustibus non est disputandum

In message <ss308r$em9$1@dont-email.me> sms <scharf.steven@geemail.com> wrote:
> On 1/16/2022 8:34 PM, YK wrote:
>> The article is a little misleading when they say Apple restricts
>> browsers in iOS to Safari. The iOS App Store includes Brave (my browser
>> of choice in all devices), Chrome (Which I never use unless a client is
>> having an issue with Chrome and wants me to troubleshoot it), Duck Duck
>> Go, Aloha, Firefox, Edge, Epic, and others.

> Not quite.

> Remember on iOS Brave ≠ Brave, Chrome ≠ Chrome, etc.. Apple _requires_
> that all browsers for iOS be based on WebKit, which means that
> functionality that is present on the same browser on Android or Windows
> or OSx, is not necessarily present on the iOS version.

Thinks like data harvesting, private certs so they can spy on your
encrypted communication, super cookies, and ad injection.

> I added this

Of course you did.

--
Spontaneity has its time and place.

Am 17.01.22 um 06:53 schrieb sms:
> See: <https://9to5google.com/2021/05/03/ios-browsers-underpowered-apple/>.
>
> I added this as #135a on the document
> <https://tinyurl.com/iOS-Android-Features>.

You are simply a *stupid Troll*

Intelligent Trolls switch the product when they have so much to
complain. But even to understand this inherent logic is too ambitious
for you. Have fun with your iPhone.

--
De gustibus non est disputandum

In article <slrnsua76s.200n.g.kreme@zephyrus.local>, Lewis
<g.kreme@kreme.dont-email.me> wrote:

> In message <ss308r$em9$1@dont-email.me> sms <scharf.steven@geemail.com> wrote:
> > Remember on iOS Brave ‚ Brave, Chrome ‚ Chrome, etc.. Apple _requires_
> > that all browsers for iOS be based on WebKit, which means that
> > functionality that is present on the same browser on Android or Windows
> > or OSx, is not necessarily present on the iOS version.
>
> Thinks like data harvesting, private certs so they can spy on your
> encrypted communication, super cookies, and ad injection.

in addition to webkit's better security, there is also javascript
acceleration.

On Mon, 17 Jan 2022 06:08:18 -0500, nospam wrote:

> in addition to webkit's better security, there is also javascript
> acceleration.

The sure mark of a bullshitter is he can't cite even a _single_ fact that
underlies his statements, like that above, of "better security" for webkit.

Can nospam cite even a _single_ source outside of Apple for that assessment?
*Name Just One*

I can cite _plenty_ of reliable sources that say otherwise, e.g.,
*Can I run Tor Browser on an iOS device?*
<https://support.torproject.org/tormobile/tormobile-3/>
"Apple requires browsers on iOS to use something called Webkit,
which prevents [any browser] from having the same privacy
protections as Tor Browser"

And there are scores to hundreds more found by a simple search:
<https://duckduckgo.com/?q=apple+huge+webkit+security+flaws>

To the bullshitter nospam (and Lewis & Jolly Roger of the same ilk).
*Name just one fact underlying your _entire_ belief system.*

Name just one.

On Mon, 17 Jan 2022 08:40:21 +0100, Joerg Lorenz wrote:

> switch the product when they have so much to
> complain.

Hi Joerg,

What you don't understand is that there are people out there who own a
product who simply want the company to do a better job of QA testing.

As you well know, there are _zero_ high tech companies out there that
have _lower_ R&D development as a function of revenue than Apple and
even worse - there are plenty of far smaller high tech companies with
far greater R&D.

One huge way Apple eliminates R&D costs is that Apple never tests sufficiently
and these vast and varied and repeated webkit flaws prove it.

*WebKit security flaws haunt Apple's iTunes*
<https://www.zdnet.com/article/webkit-security-flaws-haunt-apples-itunes/>

*Apple Update Fixes WebKit Flaws in iOS*
<https://threatpost.com/apple-update-fixes-webkit-flaws-in-ios-safari/154155/>

*To fix WebKit security flaws, Apple releases updates to iOS, macOS, and watchOS*
<https://www.bollyinside.com/news/to-fix-webkit-security-flaws-apple-releases-updates-to-ios-macos-and-watchos>

*No patch in sight for Safari 15 webkit serious security flaw*
<https://www.techradar.com/news/safari-15-may-have-a-serious-security-flaw-no-patch-in-sight>

The list goes on forever.
Just run a search for "webkit security flaw" and you'll be reading for weeks.