You are reading the article Another China Controversy For Apple: Sending User Browsing Data To Tencent updated in September 2023 on the website Nhahang12h.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested October 2023 Another China Controversy For Apple: Sending User Browsing Data To Tencent
Apple has found itself embroiled in yet another China-related controversy, as it appears to be sending user browsing data to Tencent, a Chinese company. That data includes the website visited and the IP address of the iOS user.
Apple has the best of intentions here – the data sharing is done to help protect users from fraudulent websites – but the fact that the company now uses a Chinese conglomerate to do so is raising eyebrows…
Update: Apple has shared an official response stating that actual URLs aren’t shared with third-parties and only users with their devices set the mainland China region will use Tencent for the safe browsing service.
Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.
Johns Hopkins University professor and cryptographer Matthew Green says this is problematic because it may reveal both the webpage you are trying to visit and your IP address. It may also drop a cookie on your device. This data could potentially be used to build up a profile of your browsing behavior.
There is some evidence to suggest that Apple sends browsing data to Tencent only when its iOS region is set to China. However, this is unclear. As Green notes, the warning appears on US-registered iPhones as well as Chinese ones.
Green explains that there are some protections in use, at least by Google.
Google quickly came up with a safer approach to, um, “safe browsing”. The new approach was called the “Update API”, and it works like this:
Google first computes the SHA256 hash of each unsafe URL in its database, and truncates each hash down to a 32-bit prefix to save space.
Google sends the database of truncated hashes down to your browser.
Each time you visit a URL, your browser hashes it and checks if its 32-bit prefix is contained in your local database.
If the prefix is found in the browser’s local copy, your browser now sends the prefix to Google’s servers, which ship back a list of all full 256-bit hashes of the matching URLs, so your browser can check for an exact match.
So Google doesn’t know the exact webpage you are attempting to visit in any particular case, but we are putting a lot of trust in Google not to mine the data.
The typical user won’t just visit a single URL, they’ll browse thousands of URLs over time. This means a malicious provider will have many “bites at the apple” (no pun intended) in order to de-anonymize that user. A user who browses many related websites — say, these websites — will gradually leak details about their browsing history to the provider, assuming the provider is malicious and can link the requests. (Updated to add: There has been some academic research on such threats.)
And now Apple is sending browsing data to Tencent, we are extending that trust to a Chinese company too, and not being consulted about it as the protection is on by default. That, argues Green, is difficult for Apple to justify.
In the Safe Browsing change we have another example of Apple making significant modifications to its privacy infrastructure, largely without publicity or announcement. We have learn about this stuff from the fine print. This approach to privacy issues does users around the world a disservice.
It increasingly feels like Apple is two different companies: one that puts the freedom of its users first, and another that treats its users very differently. Maybe Apple feels it can navigate this split personality disorder and still maintain its integrity. I very much doubt it will work.
Apple came under fire last week for banning then allowing then again banning an app which shows protest trouble-spots in Hong Kong.
FTC: We use income earning auto affiliate links. More.
You're reading Another China Controversy For Apple: Sending User Browsing Data To Tencent
Update the detailed information about Another China Controversy For Apple: Sending User Browsing Data To Tencent on the Nhahang12h.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!