1. Forum
  2. Fidonet
  3. MOBILE

  • *Safari bug exposes Apple users' browser history and Google account

    From August Abolins@2:460/256 to All on Tue Jan 18 14:53:26 2022
    Hi All...

    *Safari bug exposes Apple users' browser history and Google account details*

    A bug in Safari?s IndexedDB implementation on Mac and iOS means a website can see the names of databases for any domain, not just its own. (Independent)

    For instance, Google services store an IndexedDB instance for each of your logged in accounts, with the name of the database corresponding to your Google User ID.

    Using the exploit described in the blog post, a nefarious site could scrape your Google User ID and then use that ID to find out other personal information about you, as the ID is used to make API requests to Google services

    Ciao!
    /|ug (https://t.me/aabolins)

    --- Want fido for iOS/MacOS/Android/Win/Linux? Info=https://shrtco.de/tpJ9yV
    * Origin: Fido by Telegram BBS from Stas Mishchenkov (2:460/256)
  • From Erich Bublitz@1:153/757 to August Abolins on Wed Jan 19 19:57:48 2022
    Hi All...
    *Safari bug exposes Apple users' browser history and Google account details* A bug in Safari?s IndexedDB implementation on Mac and iOS means a website can see the names of databases for any domain, not just its own. (Independent) For instance, Google services store an IndexedDB instance for each of your
    logged in accounts, with the name of the database corresponding to your Google
    User ID.
    Using the exploit described in the blog post, a nefarious site could scrape
    your Google User ID and then use that ID to find out other personal informatio
    about you, as the ID is used to make API requests to Google services
    Ciao!
    /|ug (https://t.me/aabolins)

    Wow! Incredible story there.

    --- BBBS/Li6 v4.10 Toy-5
    * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)