Skip to content
Euro Tech Talk

Euro Tech Talk

Business Success Through Cutting-Edge Tech Gadgets

  • Home
  • Gadgets
  • Techs
  • Games
  • Socials
    • Latest Trends
  • Businesses
  • Gifts
  • Travels
  • Contacts
  • Home
  • Techs
  • What Apple’s fix for the Safari IndexedDB data leak entails

What Apple’s fix for the Safari IndexedDB data leak entails

Madison Genthry February 17, 2023 5 min read
2362
apple ios homepodmiller9to5mac monterey indexeddb safari

Data leaks are common for browser-based applications that store large amounts of data within the user’s environment. In 2020, Apple released a Safari update to address the IndexedDB data leak, which raises an important question: what is the nature of this fix?

This article will explain what the Apple Safari IndexedDB data leak entails and how the fix released by Apple addresses this vulnerability. This article will also provide other recommendations on taking precautions against potential future breaches and data loss.

First, we’ll discuss the circumstances that caused this vulnerability. It will then discuss Apple’s solution to address it and other measures that users can take to better protect themselves from future security vulnerabilities.

What is IndexedDB?

IndexedDB is a web standard that allows websites to store and access data. It is a powerful way to store data and is quite useful for web development, but it can also be a privacy risk. Apple recently released iOS 15.3 and macOS 12.2 Release Candidates, which patches a data leak issue in Safari’s IndexedDB feature. So let’s take a look at what IndexedDB is and how Apple’s fix works.

How IndexedDB works

IndexedDB is an API in browsers that lets web applications store data locally. It is a client-side database, meaning all data and operations are locally on the user’s device. While other local storage solutions such as LocalStorage and WebSQL provide basic support for different types of data, IndexedDB offers robust support and functionality for large, structured datasets.

IndexedDB creates a database containing stores of objects that are directly linked to an index. This allows the store to quickly query a subset of records by their respective attributes, making it ideal for querying large datasets as it can quickly narrow down results with just a few simple queries. IndexedDB also supports transactions, ensuring data integrity when multiple processes access the same store.

In terms of implementation, IndexedDB works best when used with a library such as React Native’s AsyncStorage library or Mongo-JS (a MongoDB client-side JavaScript library) to map structured data from server-to-client or vice versa. Thus, IndexedDB applications have powerful control over their stored application data on each user device with much less effort than external databases like Google Cloud Firestore or conventional relational databases like MySQL or Oracle Database etc.

What is the data leak?

IndexedDB is a web storage technology which stores data and related metadata in a persistent memory, much like a traditional database or spreadsheet. The data stored by IndexedDB is accessed by an index, similar to an SQL query and can be searched over indexed properties.

apple ios macos monterey tvosespoacute9to5mac

Apple developed IndexedDB to store large amounts of data across multiple devices and platforms with better security than cookies, which were susceptible to cross-site request forgery (CSRF) attacks.

The problem with storing such large amounts of data on browsers was discovered when hackers discovered a way to bypass the security measures within Safari browsers. Essentially, attackers could use manipulation techniques to access sensitive customer information stored by Safari webpages using what was known as “the Safari IndexedDB Data Leak”.

Apple reacted quickly and released a Safari update designed to close the security loophole and prevent further threats from accessing personal customer data stored in this way.

The update included numerous changes aimed at addressing the potential for attacks enabled by the Data Leak, including changes to how certain files containing sensitive content were treated in certain situations and how certain operations could be performed within the IndexedDB architecture. Curbing these vulnerabilities will help ensure customers’ private information is secured when taking advantage of IndexedDB’s capabilities on their macOS or iOS devices running Safari.

Apple fixes Safari IndexedDB data leak in iOS 15.3 and macOS 12.2 Release Candidates

Apple recently released iOS 15.3 and macOS 12.2 Release Candidates, fixing Safari IndexedDB data leak. This new update aims to shore up security and privacy on iOS devices and Macs by addressing the underlying issue that caused the leaked data. Here, we will explore the details of Apple’s fix and what it entails.

What Apple has done

Apple has recognized the potential security risk posed by the Safari IndexedDB data leak. As such, it has released a set of updates to address the privacy loophole.

Firstly, Apple has rolled out an update that will inform users when websites try to access their personal information. This update is available for Mac OS Lion v10.7.4 and up and iOS 5.0 and later versions for smartphone users. By providing this information, users can take appropriate action – such as changing the intended website’s permission settings or opting not to permit at all – that can keep their private data secure.

apple ios homepodmiller9to5mac indexeddb api safari

Moreover, Apple is bringing some changes within Safari’s JavaScript render engine by replacing “indexedDB” with a new browser storage system called AppCache. This new addition prevents websites from storing data on viewers’ devices without their consent and limits third-party organisations’ ability to access it without their approval.

Finally, Apple recommends that users regularly clear out their stored browser data through its ‘Clear History & Website Data’ feature or a privacy-focused third-party cleaning tool designed specifically for this task, such as CleanMyMac X or Conexis Mobile Phone Cleaner software programs available at the App Store respectively.

Overall, these specific solutions implemented by Apple help promote safer browsing experiences by safeguarding end-users’ privacy in terms of how their personal information is securely handled on digital platforms and devices connected to them moving forward.

What this means for users

This Safari IndexedDB data leak saga reminds Apple users to think carefully before opting into any new features. Monitoring your data usage and managing your privacy settings can go a long way to ensure that the application and services you use safeguard your important personal information.

apple ios relayespoacute9to5mac

For Apple specifically, this fix means deleting all IndexedDB WKWebsiteDataRecords from Safari databases created by third-party websites. Though these records have previously been present in Safari 12.1 and all variants if iOS 12.2 or earlier, with the addition of iOS 12.3, the issue should be resolved for now — however it is possible for indexing and searching of websites with WebKit to resume should Apple enable it again in an upcoming software release. To ensure that such an incident does not repeat itself, users are advised to regularly check their version of Safari and keep up-to-date with any subsequent security patches released at regular intervals by Apple.

It is also important for developers of web applications that use IndexedDB API methods to periodically review how their websites utilise this technology and consider how it might be necessary to revise their implementation accordingly as Safari updates arise or when feature roadmaps change over time. In addition, in future issues with similar security leaks being identified Apple may need the help of these developers to fully resolve them going forward.

tags = IndexedDB, homepod, 9to5Mac, iphone reviews, iphone preferences, apple ios icloud relayespoacute9to5mac, apple ios private relayespoacute9to5mac,

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
Tags: side

Continue Reading

Previous: FAQs about iOS 14 Updates
Next: The Challenges of 5G Technology

Trending

What is Genshin Impact and how to run it on Mac 1

What is Genshin Impact and how to run it on Mac

April 29, 2022
$700 Gaming PC Build 2

$700 Gaming PC Build

November 23, 2021
Battlefield 1 guide 3

Battlefield 1 guide

November 14, 2021
5 Best RGB Fans (2020) 4

5 Best RGB Fans (2020)

November 9, 2021

Related Stories

The Role of ABBYY Vantage in Modern Document Intelligence
5 min read

The Role of ABBYY Vantage in Modern Document Intelligence

April 30, 2025 46
How HR Teams Can Use AI Tools to Transform Their Workflow Image3
5 min read

How HR Teams Can Use AI Tools to Transform Their Workflow

April 30, 2025 47
The Evolution of Cloud Threats: What Tech Leaders Need to Prioritise in 2025 Image1
3 min read

The Evolution of Cloud Threats: What Tech Leaders Need to Prioritise in 2025

April 29, 2025 49
Using Free Chat PDF Tools: Transform How You Interact With Documents Image2
5 min read

Using Free Chat PDF Tools: Transform How You Interact With Documents

April 18, 2025 105
Intelligent Document Processing Solutions: A Comparative Analysis Image2
6 min read

Intelligent Document Processing Solutions: A Comparative Analysis

April 1, 2025 171
The Ultimate Guide to Hreflang Tags for International SEO Image2
10 min read

The Ultimate Guide to Hreflang Tags for International SEO

March 27, 2025 199

recent

Everything you need to know: Airpods 1

Everything you need to know: Airpods

August 10, 2022
Charge iPhone Faster 2

Charge iPhone Faster

August 10, 2022
2360 Vexalor Lane
Qyntharil, DE 48293
  • About The Crew
  • Contact Us
  • Privacy Policy
  • T/C
  • Latest Trends
© 2023 Eurotechtalk.com
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT