On the market for an iPhone? Here's a breakdown of all the currently shipping iPhones from Apple.
Apple Clarifies Tencent's Role in Fraudulent Website Warnings, Says No URL Data is Shared and Checks are Limited to Mainland China
Following user concern over Apple using Chinese company Tencent as one of its Safe Browsing partners for Safari, Apple has issued a statement assuring customers that website URLs are not shared with its safe browsing partners.
For those unfamiliar with the feature, Safari sends data to Google Safe Browsing to cross reference URLs against a blacklist to protect users against scams and malicious sites. It recently came to light that Apple is also using Tencent for this purpose, and there was concern that data from users outside of China was being sent to Tencent.
According to Apple's statement, that is not the case, and Tencent is used for devices that have their region code set to mainland China. Users in the United States, the UK, and other countries do not have their website browsing checked against Tencent's safe list.
Prior to loading a website, when the fraudulent website warning feature is toggled on, Safari checks whether a website URL has a hash prefix to match the hash prefixes of malicious sites. If a match is found, Safari sends the hash prefix to its safe browsing provider and then asks for the full list of URLs that have a hash prefix that matches the suspicious one.
When Safari receives the list of URLs, it checks the original suspicious URL against the list, and if there is a match, Safari shows the warning pop up suggesting users stay away from the site. The check happens on the user's device, and the URL itself is not shared with the safe browsing provider, but because Safari communicates directly with the safe browsing provider, the providers do receive device IP addresses.
Information about Apple's safe browsing partners can be found in the About Safari and Privacy screen, available in the Privacy and Security section of the Safari portion of the Settings app. Fraudulent website protection is enabled by default, and those still concerned about the safety check feature can turn it off by deselecting the "Fraudulent Website Warning" toggle.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
For those unfamiliar with the feature, Safari sends data to Google Safe Browsing to cross reference URLs against a blacklist to protect users against scams and malicious sites. It recently came to light that Apple is also using Tencent for this purpose, and there was concern that data from users outside of China was being sent to Tencent.
According to Apple's statement, that is not the case, and Tencent is used for devices that have their region code set to mainland China. Users in the United States, the UK, and other countries do not have their website browsing checked against Tencent's safe list.
Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.Safari occasionally receives a list of hash prefixes of URLs known to be malicious from Google or Tencent, choosing between them based on the device's region setting (Tencent for China, Google for other countries). Hash prefixes are the same across multiple URLs, which means the hash prefix received by Safari does not uniquely identify a URL.
To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.
Prior to loading a website, when the fraudulent website warning feature is toggled on, Safari checks whether a website URL has a hash prefix to match the hash prefixes of malicious sites. If a match is found, Safari sends the hash prefix to its safe browsing provider and then asks for the full list of URLs that have a hash prefix that matches the suspicious one.
When Safari receives the list of URLs, it checks the original suspicious URL against the list, and if there is a match, Safari shows the warning pop up suggesting users stay away from the site. The check happens on the user's device, and the URL itself is not shared with the safe browsing provider, but because Safari communicates directly with the safe browsing provider, the providers do receive device IP addresses.
Information about Apple's safe browsing partners can be found in the About Safari and Privacy screen, available in the Privacy and Security section of the Safari portion of the Settings app. Fraudulent website protection is enabled by default, and those still concerned about the safety check feature can turn it off by deselecting the "Fraudulent Website Warning" toggle.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
[ 168 comments ]
Top Rated Comments
(View all)
14 weeks ago
A Chinese company is your "safe" browsing partner ... what are you smoking Apple.
[automerge]1571070868[/automerge]
... for Chinese users.
14 weeks ago
Looks like i8t's slowly the time to depart from Safari.
If they continue hugging this much with China, looks like it will soon be the time to depart from Apple as well.
I mean, seriously, what the heck, Apple???
How is it "hugging with China" if literally the only people that (voluntarily) deal with the Chinese provider are... people in China? Also, you can turn it off, so this isn't a Safari thing either.
I swear people either don't read or just choose to take out of it what they want lol. This is absolutely a non-issue, but people are seeing trigger words and running with it.
14 weeks ago
A Chinese company is your "safe" browsing partner ... what are you smoking Apple.
[automerge]1571070868[/automerge]
[automerge]1571070868[/automerge]
14 weeks ago
Apple is digging its own grave with all of the recent pro-China (aka pro-CCP) narrative.
First, it was Apple's direct anti-democracy stance against HK and now this. Shame on them. I'm very glad to not have upgraded my iPhone in almost 3 years.
Given that Google is blocked in China, what would you suggest they do in this instance?
14 weeks ago
so everyone freaked out about privacy when in reality the list is cached and evaluated locally for both China and the rest of the world and only those that match a list of known problem sites are sent for further evaluation. OK.
14 weeks ago
It is so infuriating to read all the posts from people who think this is any kind of privacy concern. There is no problem here at all. Nothing interesting or personal from your device is being sent to Google or Tencent. The system is designed with privacy in mind and the way it works is not suspicious at all.
14 weeks ago
Apple is digging its own grave with all of the recent pro-China (aka pro-CCP) narrative.
First, it was Apple's direct anti-democracy stance against HK and now this. Shame on them. I'm very glad to not have upgraded my iPhone in almost 3 years.
First, it was Apple's direct anti-democracy stance against HK and now this. Shame on them. I'm very glad to not have upgraded my iPhone in almost 3 years.
14 weeks ago
so everyone freaked out about privacy when in reality the list is cached and evaluated locally for both China and the rest of the world. OK.
I wouldn't say '"everyone," just those ignorant enough to not wait for the full/both sides of the story.
I dont want to get political, but since this is in that section, this is EXACTLY why many many people agree with the President on that topic. There is FAR too much sloppy reporting/rereporting of news that isnt fully vetted before putting out there.
And once a juicy story gets out there statically far far more people see the original story than retraction. The damage is done
14 weeks ago
The thing is that with this Apple basically supports everything that China is doing with their people.
First, they allowed China to be able to sift through data on iCloud servers as they wish. Second, banning app that helped Hong Kong protesters to gather and organize their protest, using lame excuse that protestors used app to "target individual police officers and harass and assault them (how little of brain do you have to have to actually believe this).
Now this, this is another in a row of supporting China's oppression towards Chinese people. Tencent's "fraudulent website list" can be anything that Chinese doesn't see fit. Anything. If Chinese government is uncomfortable with it, than it is gonna be on "fraudulent sites list".
I am wondering where is the limit to Apple's hypocrisy?
First, they allowed China to be able to sift through data on iCloud servers as they wish. Second, banning app that helped Hong Kong protesters to gather and organize their protest, using lame excuse that protestors used app to "target individual police officers and harass and assault them (how little of brain do you have to have to actually believe this).
Now this, this is another in a row of supporting China's oppression towards Chinese people. Tencent's "fraudulent website list" can be anything that Chinese doesn't see fit. Anything. If Chinese government is uncomfortable with it, than it is gonna be on "fraudulent sites list".
I am wondering where is the limit to Apple's hypocrisy?
[ Read All Comments ]
Accessory makers Anker and Aukey have a new batch of discounts on popular charging and audio accessories this week, with prices starting as low as $9.99 for wireless chargers. In total you can...
Amazon and Best Buy today are offering a couple of solid discounts on the MacBook Pro in various configurations. In the sales, there are lowest-ever prices on the 15-inch MacBook Pro and 16-inch...
Back in 2015, Tim Cook threw his weight behind a water-efficient shower head called Nebia, which sprays in a way that uses less water, but still keeps people warm. It doesn't have an Apple logo...
Nintendo has announced that a second round of multiplayer testing for Mario Kart Tour is "on the way," and this time everyone's invited.
Nintendo first began testing a multiplayer...
Minimalist sleep tracking app NapBot has received an update that brings a range of improvements for both watchOS and iOS components of the app.
The app uses the new CoreML on-device...
Instagram is dropping the IGTV button from the top-right corner of the app's home screen because not enough people are interacting with it.
First launched in June 2018, IGTV is...
Epic Games' latest update to the iOS version of popular battle royale title Fortnite that enables iPad Pro owners to run the game at 120 frames per second.
iPad Pro owners wanting to make...
Apple CEO Tim Cook has taken to Twitter this weekend to share a behind-the-scenes look at the making of new Apple TV+ show "Little America."
The entire first season of the immigrant...
