iOS 12.2 and Safari 12.1 for macOS Include Updated Intelligent Tracking Prevention Feature

safari iconSafari in the iOS 12.2 beta and Safari 12.1 for macOS High Sierra and Mojave includes an updated version of Intelligent Tracking Prevention, according to details shared on Apple's WebKit blog.

ITP 2.1, as Apple is calling it, caps client-side cookie storage to seven days. After this time period, cookies expire. As outlined by Apple, this offers improvements in privacy, security, and performance. From Apple's WebKit blog:

- Cross-site trackers have started using first-party sites' own cookie jars for the purpose of persistent tracking. The first-party storage space is especially troublesome for privacy since all tracker scripts in the first-party context can read and write each other's data. Say social.example writes a user tracking ID as a news.example first-party cookie. Now analytics.example, adnetwork.example, and video.example can leverage or cross pollinate that user tracking ID through their scripts on news.example.

- Cookies available in document.cookie can be stolen by speculative execution attacks on memory. Therefore, they should not carry sensitive information such as credentials.

- Cookies available in document.cookie can be stolen by cross-site scripting attacks. Again, therefore, they should not carry sensitive information such as credentials.

- The proliferation of cookies slows down page and resource loads since cookies are added to every applicable HTTP request. Additionally, many cookies have high entropy values which means they cannot be compressed efficiently. We come across sites with kilobytes of cookies sent in every resource request.

- There is a size limit on outgoing cookie headers for performance reasons, and websites risk hitting this limit when cross-site trackers add first-party cookies. We've investigated reports of news site subscribers getting spuriously logged out, and found that trackers were adding so many cookies that the news site's legitimate login cookie got pushed out.

The cookie storage limits will not log users out as long as websites are using the appropriate authentication cookies because it only affects cookies created through document.cookie.

ITP 2.1 also allows for just a single set of cookies per site rather than multiples, and third party tools with cross-site tracking capabilities need to use the Storage Access API to get cookie access.

Apple says this change simplifies cookie behavior for developers, lowers the memory footprint of Safari, and makes Intelligent Tracking Prevention compatible with more platforms.

A verified partitioned cache for cutting down on cache abuse for tracking purposes is also included, and as we covered earlier this month, support for Do Not Track has been disabled.

Apple says that it is removing Do Not Track because most websites never paid any attention to it since it was opt-in and could be ignored.

The DNT project recently ended without the publication of a standard, in part "because there has not been sufficient deployment of these extensions (as defined) to justify further advancement." Given the lack of deployment of DNT and Safari's on by default privacy protections such as ITP, Safari removed support for DNT so that users are not presented with a misleading and ineffective privacy control that, if anything, only offered additional browser fingerprinting entropy.

Additional details on the Intelligent Tracking Prevention updates being introduced are available via Apple's full WebKit blog post.

Tag: Safari

Top Rated Comments

AngerDanger Avatar
49 months ago
Eh, I never liked that tracking prevention stuff. Just be smart, and advertisers won't learn a thing about you.



Attachment Image
Score: 39 Votes (Like | Disagree)
IRockThat828pScreen Avatar
49 months ago
Can you elaborate? Your screenshot doesn't seem to illustrate much other than you being interested in Singles sites.

Some ideas for people:
[LIST=1]
* Use Private Browsing for sites you don't want tracking you. This loads the site into a blank slate, with no existing cookies in place.
* Use /etc/hosts to block common ad-serving hosts. These load from 127.0.0.1 (localhost) and the requests will never leave your computer.

wooosh
Score: 16 Votes (Like | Disagree)
techguy9 Avatar
49 months ago
Can you elaborate? Your screenshot doesn't seem to illustrate much other than you being interested in Singles sites.

Some ideas for people:
[LIST=1]
* Use Private Browsing for sites you don't want tracking you. This loads the site into a blank slate, with no existing cookies in place.
* Use /etc/hosts to block common ad-serving hosts. These load from 127.0.0.1 (localhost) and the requests will never leave your computer.

It’s a joke comment.
Score: 10 Votes (Like | Disagree)
keysofanxiety Avatar
49 months ago
Eh, I never liked that tracking prevention stuff. Just be smart, and advertisers won't be able to learn a thing about you.

This made my evening. Thank you.

Can you elaborate? Your screenshot doesn't seem to illustrate much other than you being interested in Singles sites.

Some ideas for people:
[LIST=1]
* Use Private Browsing for sites you don't want tracking you. This loads the site into a blank slate, with no existing cookies in place.
* Use /etc/hosts to block common ad-serving hosts. These load from 127.0.0.1 (localhost) and the requests will never leave your computer.

I know of two things that can break the speed of sound: the Concorde, and that joke flying over your head.
Score: 9 Votes (Like | Disagree)
swanseaboy Avatar
49 months ago
If only we could have a functional cookie manager...
Score: 7 Votes (Like | Disagree)
smithrh Avatar
49 months ago
I completely wipe cookies every time I think of it - say, every 1-3 days.

It's never been a negative.

Cookies aren't for users, they're for advertisers and people who want to track you.

Passwords aren't an issue with password fill.
Score: 5 Votes (Like | Disagree)

Popular Stories

iOS 16

Apple Releases iOS 16.1.2 With Carrier Improvements and Crash Detection Optimizations

Wednesday November 30, 2022 10:09 am PST by
Apple today released iOS 16.1.2, another minor bug fix update that comes one week after the release of iOS 16.1.1 and three weeks after the launch of iOS 16.1, an update that added support for iCloud Shared Photo Library, Matter, Live Activities, and more. The iOS 16.1.2 update can be downloaded on eligible iPhones over-the-air by going to Settings > General > Software Update. According...
Emergency SOS via Satellite iPhone YT

Apple's iPhone 14 Emergency SOS via Satellite Feature Saves Stranded Man in Alaska

Thursday December 1, 2022 4:37 pm PST by
With the launch of iOS 16.1, Apple rolled out a Emergency SOS via Satellite, which is designed to allow iPhone 14 owners to contact emergency services using satellite connectivity when no cellular or WiFi connection is available. The feature was put to the test in Alaska today, when a man became stranded in a rural area. In the early hours of the morning on December 1, Alaska State Troopers ...
General iOS 16 Feature Yellow

iOS 16.2 for iPhone Launching This Month With These 8 New Features

Thursday December 1, 2022 8:44 am PST by
Apple plans to publicly release iOS 16.2 for the iPhone in mid-December, according to Bloomberg's Mark Gurman. The update remains in beta testing for now, with at least eight new features and changes already uncovered so far. iOS 16.2 introduces a number of new features, including Apple's new whiteboard app Freeform, two new Lock Screen widgets for Sleep and Medications, the ability to hide...
applefifthavenue

Man Robbed After Buying 300 iPhones From Apple Fifth Avenue

Tuesday November 29, 2022 11:54 am PST by
An unnamed 27-year-old man who purchased 300 iPhones from Apple Fifth Avenue on Monday morning was robbed shortly after leaving the store, according to 1010Wins Radio in New York. He was carrying 300 iPhone 13s in three bags and walking to his car at 1:45 a.m. when another car pulled up next to him. Two men jumped out and demanded that he hand over the bags. Not wanting to hand over 300...
14 vs 16 inch mbp m2 pro and max feature 1

'M2 Max' Geekbench Scores Leak Online, Revealing Rumored Specs and Performance

Wednesday November 30, 2022 2:39 am PST by
Geekbench scores allegedly for the upcoming "M2 Max" chip have surfaced online, offering a closer look at the performance levels and specific details of the forthcoming Apple silicon processor. The Geekbench results, first spotted on Twitter, are for a Mac configuration of with the M2 Max chip, a 12-core CPU, and 96GB of memory. The Mac listed has an identifier "Mac14,6," which could be...
iPad 10 Battery Pull Tabs

iPad 10 Teardown Reveals Why Device Isn't Compatible With Apple Pencil 2

Thursday December 1, 2022 10:48 am PST by
Do-it-yourself repair website iFixit today shared a video teardown of Apple's new 10th-generation iPad, providing a closer look inside the tablet and revealing why the device lacks support for the second-generation Apple Pencil. The teardown reveals the internal layout of the iPad, including its two-cell 7,606 mAh battery, logic board with the A14 Bionic chip, and more. As suspected, the...
Apple Park View

Elon Musk Meets With Apple CEO Tim Cook Amid Claims of Twitter App Store Dispute [Updated]

Wednesday November 30, 2022 12:43 pm PST by
Twitter CEO Elon Musk today met with Apple CEO Tim Cook at the Apple Park campus in Cupertino, California, according to a tweet shared by Musk this afternoon. Musk thanked Cook for taking him around Apple's headquarters, with no mention of what the two might have discussed. The meeting comes just after Musk on Monday claimed that Apple has "mostly stopped" offering ads on Twitter, and that...
eufy camera

Anker's Eufy Cameras Caught Uploading Content to the Cloud Without User Consent [Updated]

Tuesday November 29, 2022 1:01 pm PST by
Anker's popular Eufy-branded security cameras appear to be sending some data to the cloud, even when cloud storage is disabled and local only storage settings are turned on. The information comes from security consultant Paul Moore, who last week published a video outlining the issue. According to Moore, he purchased a Eufy Doorbell Dual, which was meant to be a device that stored video...
app store awards 2021

Apple Announces 2022 App Store Award Winners, Highlighting Best Apps of the Year

Tuesday November 29, 2022 3:10 am PST by
Apple today announced its 2022 App Store Award winners, highlighting the 16 best apps and games selected by Apple's global App Store editorial team. The top apps were chosen by Apple for their quality, innovative technology, creative design, positive cultural impact, and ability to deliver "exceptional experiences." Apple CEO Tim Cook said: This year's App Store Award winners reimagined...
iOS 16

Apple Still Has These 5 Things to Release Heading Into 2023

Thursday December 1, 2022 7:12 am PST by
The calendar has turned to December and that means Apple has only one month left to fulfill its promises of releasing an Apple Music Classical app and expanding its self-service repair program to Europe before the end of 2022. Delays are always possible, of course, so the plans could be pushed back to 2023. In any case, we have put together a list of five things that Apple still has to release...