Here's how Apple protects your privacy in Safari with Intelligent Tracking Protection 2.0
Apple released a new Safari Tech Preview on Wednesday, and it includes the Intelligent Tracking Protection 2.0 that was promised at WWDC. AppleInsider looks at what Apple is doing to ensure your protection and privacy as you go about your business on the web.
The new version of Intelligent Tracking Protection kills the old 24-hour window that Safari used to keep tracking cookies from sites you visit. Instead, a website can request tracking privileges, but the user has to specifically opt in.
If the user allows the cookie, it is deleted after the user stops visiting the site after 30 days of Safari use. If you go on vacation and don't use Safari at all, those days aren't counted.
Users can also opt in to permanent tracking, without a 30-day cookie purge. For example, if you subscribe to YouTube Music, the cookies won't be purged -- assuming you stay logged into the service and keep using it by actively clicking on a link, using the service, or making an entry in a form on the site.
The new Safari also isn't fooled by a "first party bounce tracker" across multiple browser redirects. The quick redirects won't be allowed to deposit cookies at all, and Safari won't log them as having user interaction, nor will it reset any day counter.
Widgets or embeds in a website have independent tracking of the site visited. For example, if you watched one of our videos embedded in the corresponding article on AppleInsider, you'd have to grant YouTube permission to deposit a tracking cookie independently if you haven't already.
As a result of all this, "federated logins" from social media sites will be less able, or prevented entirely, from tracking a user across the web. With the new Safari, the user can only be identified and request tracking authorization when the user actually interacts with the social media content, like writing a comment or playing a video.
So, if you've shopped on Amazon for something, you'll only see related ads if you've granted FaceBook the permission to do so in Safari explicitly.
And, if you have regrets after granting one website or another tracking access, the new Safari will retract all granted permissions when the user clears Safari history.
Intelligent Tracking Protection 2.0 debuted on stage at WWDC earlier in June, and didn't roll out to Safari Tech Preview testers until Wednesday. It will come to all users on macOS Mojave and iOS 12 in the fall on all devices that support the new operating systems.
The new version of Intelligent Tracking Protection kills the old 24-hour window that Safari used to keep tracking cookies from sites you visit. Instead, a website can request tracking privileges, but the user has to specifically opt in.
If the user allows the cookie, it is deleted after the user stops visiting the site after 30 days of Safari use. If you go on vacation and don't use Safari at all, those days aren't counted.
Users can also opt in to permanent tracking, without a 30-day cookie purge. For example, if you subscribe to YouTube Music, the cookies won't be purged -- assuming you stay logged into the service and keep using it by actively clicking on a link, using the service, or making an entry in a form on the site.
The new Safari also isn't fooled by a "first party bounce tracker" across multiple browser redirects. The quick redirects won't be allowed to deposit cookies at all, and Safari won't log them as having user interaction, nor will it reset any day counter.
Widgets or embeds in a website have independent tracking of the site visited. For example, if you watched one of our videos embedded in the corresponding article on AppleInsider, you'd have to grant YouTube permission to deposit a tracking cookie independently if you haven't already.
As a result of all this, "federated logins" from social media sites will be less able, or prevented entirely, from tracking a user across the web. With the new Safari, the user can only be identified and request tracking authorization when the user actually interacts with the social media content, like writing a comment or playing a video.
So, if you've shopped on Amazon for something, you'll only see related ads if you've granted FaceBook the permission to do so in Safari explicitly.
And, if you have regrets after granting one website or another tracking access, the new Safari will retract all granted permissions when the user clears Safari history.
Intelligent Tracking Protection 2.0 debuted on stage at WWDC earlier in June, and didn't roll out to Safari Tech Preview testers until Wednesday. It will come to all users on macOS Mojave and iOS 12 in the fall on all devices that support the new operating systems.
Comments
We'll be talking more about VPNs, private browsing, and incognito mode very soon.
Off topic: A modest request. I love that macOS is named because going by a version number isn't very consumer friendly, but I'd like that same system to be applied to all of Apple's major OSes. We don't drop the version numbers (and build numbers), we just keep them as part of the system. The name Mojave is marketable, and since we now these OSes being launched all at the same time because of how connected all these OSes are, I'd love to see them drop adopt something like: macOS Mojave, iOS Mojave: tvOS Mojave, watchOS Mojave.
This reminds me of a few years ago when everyone was talking about backups. But with Apple's, TimeMachine, iCloud Backup, DropBox, etc. Backups have almost become automatic.
This is where web security should be.
Best
EDIT: Okay, this is either humorous or an actual cause for concern. Wait, unless this isn’t the real website; it seems uBlock Origin only has a GitHub page...
Oh, I’m sure they will. Apple updates Safari for several past versions of OS X today.
Aside, in looking for the Safari download page to confirm that it does go to several past versions, I found that the Dashboard widget page is still up. Simpler times.
I recently tried to create a secondary gmail account. I didn't want to leave breadcrumbs all over my digital space, so tried to do it via the TOR browser. Unfortunately, Google now asks for a mobile number so the whole process was moot. It did think that I was in Scandinavia, but I couldn't move ahead.