Apple Responds To Reports That It is Sharing Data With Tencent 124
Over the weekend, reports emerged that claimed that Apple was sending users' browsing details to Tencent to run it against Chinese company's safe browsing feature. In a statement on Monday, an Apple spokesperson has offered a clarification: Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing. To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of website you visit is never shared with a safe browsing provider and the feature can be turned off.
Trust (Score:4, Informative)
Why are they sending the user's IP address? That's a whole different kettle o' fish.
Re:Trust (Score:4, Informative)
They - Apple - aren't sending anything. YOU are requesting a current blacklist, and Tencent needs your IP to deliver your data to you. It doesn't go through Apple.
You could spoof your IP, but the quality of the response might decline below usefulness ;)
Re: Trust (Score:2)
Why isn't Apple acting as the middleman / GateKeeper
Re: (Score:2)
Why should they? Your IP address is handed to every Internet site you communicate with. It's not private. Any evil authoritarian regime seeking to do you harm already knows your IP address, 'cause they control the telecom that gave you that IP address.
APPLE decided to connect to this service NOT YOU (Score:2)
Why isn't Apple acting as the middleman
Why should they?
Because APPLE decided to connect to this service NOT YOU.
Re: (Score:2)
You're right! Apple totally should have told you about this feature!! ....Oh wait, they did. ....Oh wait, they did.
Well, Apple should have totally given you a way to disable this feature!!
Disused lavatory marked Beware of the Snow Leopard (Score:2)
You're right! Apple totally should have told you about this feature!! ....Oh wait, they did.
What steps did Apple explicitly notify each user, including guest users of a device, that the device would be performing fraud blocklist lookups? Whether these steps constitute adequate notification depends on the exact nature of these steps. Otherwise, it's like posting a public notice "in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard,'" as the late SF author Douglas Adams put it.
Re: (Score:2)
What steps did Apple explicitly notify each user, including guest users of a device, that the device would be performing fraud blocklist lookups?
It's listed in the new features of the iOS update that introduced it.
You do actually read what you're running, and don't just blindly trust Apple, right?
Re: (Score:2)
Thank you for clarifying. But in the case of a device used by multiple people, users other than the owner are even less likely to have read the release notes.
Re: (Score:2)
That a users requests and has some control over.
Apple products, Apple setting, Apple can offer the lists and keep the users IP safe for that service.
Re "Any evil authoritarian regime seeking to do you harm already knows your IP address"
Why keep feeding and supporting an evil authoritarian regime? By giving it user ip's...
YOU are **NOT** requesting ... (Score:2)
They - Apple - aren't sending anything. YOU are requesting a current blacklist, ...
NO NO NO. YOU are not, Apple made that decision, not YOU. The fact that it is your device does not change this. Apple made this decision, Apple should have acted as the middleman.
APPLE is requesting not YOU (Score:2)
They - Apple - aren't sending anything. YOU are requesting a current blacklist, and Tencent needs your IP to deliver your data to you.
No. The request is coming from Apple. You confuse "your device" with "you". Apple made the decision to send your IP to that service. They introduced a new step into the processes of visiting a website, they decided to enable that step by default, they did not properly inform users of this change. Yeah, sure, the info is buried somewhere in a long agreement no one reads, paired with a mandatory "I AGREE" button that is the only way you may use your device.
Re:Trust (Score:5, Informative)
Why is TenCent a part of -anything- I'm doing? This should be handled by something in the country, or at least the region. I'm sure Russia wouldn't want all their traffic going through some .nsa.gov site for no real reason.
It is something in the country -- this only applies if you are in China. If you're anywhere in the US it uses Google.
Re: (Score:2)
Re: (Score:2)
And this is why I am disabling "Fraudulent Website Warning" from my Safari settings.
Talk about the ultimate example of cutting of your not to spite your face...
Re: (Score:2)
Re:Trust (Score:4, Informative)
How do you think data gets back to you when you request it from a server?
You put a URL in your web browser and hit enter. How does the data that is the web page get back to you?
(The answer is the server sends the data to your IP address. If you "spoof your IP", then the data is sent to that address instead of your address. Kinda like "spoofing" the return address on a physical letter will result in the response not coming to your house)
Apple should have been the middleman (Score:2)
Re: (Score:3)
Why?
Your IP address is not private. You literally send it to everyone on the Internet you communicate with, and every router between you and them. Any evil authoritarian regime controls the telecom that gave you that IP address, so they already know it's you.
Why no VPN, Apple? (Score:2)
Apple acts as the middleman, that's how the data gets back to you. Apple decided to make this connection, not the user. Apple should therefore act as the middleman to shield your IP.
Your IP address is not private. You literally send it to everyone on the Internet you communicate with
Not if you use a VPN or a web proxy. I think drnb is trying to claim that Apple ought to act as a proxy for fraud blocklist lookups and for all other network communication that Safari performs and the user did not explicitly request.
Re: (Score:3)
Not if you use a VPN or a web proxy.
Because you can connect to those via fairies?
I think drnb is trying to claim that Apple ought to act as a proxy
I think drnb doesn't understand IP networking and sees an opening to get his hate on towards Apple.
Re: (Score:2)
[The provider of a service doesn't need to see your IP address] if you use a VPN or a web proxy.
Because you can connect to those via fairies?
No. But you don't need fairies to run a web proxy. In the case of a fraud lookup performed through a web proxy, you and the proxy know each other's IP address, and the proxy and Google or Tencent know each other's IP address. But you don't know the IP address of Google or Tencent, nor do they know yours.
Re: (Score:2)
. In the case of a fraud lookup performed through a web proxy, you and the proxy know each other's IP address, and the proxy and Google or Tencent know each other's IP address
Which gets you nothing when you're approaching this as "My IP Address must be protected". All you've done is moved who you trust to a much smaller and less-watched company.
Re: (Score:2)
. In the case of a fraud lookup performed through a web proxy, you and the proxy know each other's IP address, and the proxy and Google or Tencent know each other's IP address
Which gets you nothing when you're approaching this as "My IP Address must be protected". All you've done is moved who you trust to a much smaller and less-watched company.
As said at the start. A company that is less likely to be building a profile on you using that info and less likely to be handing that info over the the government, especially the Chinese Communist Party. Apple bills itself and its products as enhancing your privacy, its part of their sales pitch. Their actions here directly contradict that sales pitch they rightfully deserve to be called on it.
Re: (Score:2)
The provider of the list sends the list to Apple.
Apple sends the list to its users.
No outside group, nation, brand gets users ip for the lists.
Re: (Score:2)
Its an Apple software product. Why not get the data sets for Apple art have Apple be the ip hop in the middle?
They could do that, they could do the same for the search bar too. But if you really want to hide your IP then you use a VPN, Apple could offer a VPN service I suppose but there are already a lot of them out there.
The question in this instance is really "why bother?", if Tencent has an IP address what use it that? If you do a traceroute on some of your traffic you will see many different servers owned by different companies get your IP address.
Re: (Score:2)
No outside group, nation, brand gets users ip for the lists.
How about literally every other part of the web page, which also hands out the user's IP address to a large number of different companies and every router between the user and them?
Lots and lots and lots of outside groups and brands, and a surprising number of nations, get the user's IP. So blocking it from one Google API does what exactly?
Re: (Score:2)
Re: (Score:2)
Its internal to an Apple product. Why not just protect that list and the users ip and make it network from Apple?
Because there's no reason to protect the user's IP address, all they know is it is an IP address, I could give them lots of them, they could even make them up if they wanted to and maybe it's the IP address assigned to a machine, or a router employing NAT or a VPN or some other kind of proxy, who cares? What are you protecting? And it's not internal to an Apple product, they even clearly state that in the settings.
Re: (Score:2)
They could do that ... The question in this instance is really "why bother?"
Because they are introducing a new step into the process of visiting a website that degrades privacy. And increased privacy is part of Apple's sales pitch.
Re: (Score:2)
How about literally every other part of the web page, which also hands out the user's IP address to a large number of different companies ...
That's "part" of the web page the user decided to visit. That is not part of a new process that Apple in injecting into that visit.
Re: (Score:2)
They could do that ... The question in this instance is really "why bother?"
Because they are introducing a new step into the process of visiting a website that degrades privacy.
Specifically how does it degrade privacy?
Knowing both the client IP and the HTTP path (Score:2)
Routers have the client IP address, but not both the client IP and the HTTP path. I understand the argument of drnb and others as being that an IP address alone is harmless if the same entity doesn't also know the HTTP path. If fraud lookups are turned off, only the destination web server (which the user explicitly chose to visit) knows both. But if fraud lookups are turned on and not proxied, the fraud blocklist provider also knows both.
Re: (Score:2)
They could do that ... The question in this instance is really "why bother?"
Because they are introducing a new step into the process of visiting a website that degrades privacy.
Specifically how does it degrade privacy?
It sends your IP and the URL to a party who would not otherwise have that information. This other party may now effectively log the web sites you visit.
Re: (Score:2)
Specifically how does it degrade privacy?
It sends your IP and the URL to a party who would not otherwise have that information. This other party may now effectively log the web sites you visit.
No, it doesn't send the URL, you're mistaken.
Re: (Score:2)
Routers have the client IP address, but not both the client IP and the HTTP path.
They do. The HTTP path isn't obscured in the packets.
Also, Tencent or Google don't have the path either. They have a hash of the path, which collides with lots of others. That's why the final fraud check is done on the client.
Re: (Score:2)
That's "part" of the web page the user decided to visit.
The user decided to visit Google Analytics? I don't think so.
Re: (Score:2)
The HTTP path isn't obscured in the packets.
The hostname is visible in the SNI field of the ClientHello, but everything after that is encrypted with TLS.
Also, Tencent or Google don't have the path either. They have a hash of the path, which collides with lots of others.
The hash could be enough to correlate which alleged dissidents (in the case of Tencent) or which ad viewers (in the case of Google) have likely visited a given page.
Re: (Score:2)
Specifically how does it degrade privacy?
It sends your IP and the URL to a party who would not otherwise have that information. This other party may now effectively log the web sites you visit.
No, it doesn't send the URL, you're mistaken.
A hash doesn't really disguise the URL. A visit by state security to that domain will let them know its hash. The hash still associates you with any other visitor of that website.
Re: (Score:2)
Not if you use a VPN or a web proxy.
Because you can connect to those via fairies?
I think drnb is trying to claim that Apple ought to act as a proxy
I think drnb doesn't understand IP networking and sees an opening to get his hate on towards Apple.
Bad guess, you simply fail to make the connection between Apple injecting additional messages into the process of visiting a website and Apple's subsequent responsibilities for privacy. **Especially** since privacy is part of the sales pitch for their devices and in other areas Apple does make efforts to keep personal identifiers hidden from entities on the internet.
2nd bad guess, Apple use since 1983. I simply am honest enough to call Apple mistakes as mistakes. The only fanboy in this conversation is y
Re: (Score:2)
Apple acts as the middleman, that's how the data gets back to you. Apple decided to make this connection, not the user. Apple should therefore act as the middleman to shield your IP.
Your IP address is not private. You literally send it to everyone on the Internet you communicate with
Not if you use a VPN or a web proxy. I think drnb is trying to claim that Apple ought to act as a proxy for fraud blocklist lookups and for all other network communication that Safari performs and the user did not explicitly request.
Not every request, but for requests regarding a service Apple is inserting into the process of visiting a web page
Re: (Score:2)
Apple offers other services to hide the ID of users, they should be doing so here as well.
To what end? In the other cases I'm aware of (e.g. iMessages, Apple login), Apple inserting itself as a middleman provides a meaningful gain to privacy or security. Not so here. The data being sent to Google/Tencent is effectively being poisoned, rendering it useless by design.
To make an attempt at an analogy, imagine if an international travel agency got a request for all threat assessments on "T" locations, along with a self-addressed, stamped envelope in which to enclose their reply. They dutifully send
Re: (Score:2)
Re: (Score:2)
Your IP often effectively identifies you
No it doesn't, my IP changes all the time but even if it didn't that information alone is of no value. Here, 231.53.123.31. What can you do with that? Oh and bear in mind because the router on this network uses NAT, every person connected to this network has that IP address.
Re: (Score:2)
Your IP often effectively identifies you
No it doesn't, my IP changes all the time ...
If so that is quite the outlier and therefore irrelevant.
... but even if it didn't that information alone is of no value. Here, 231.53.123.31. What can you do with that?
Now pair that IP with every website you visit and a timestamp.
Oh and bear in mind because the router on this network uses NAT, every person connected to this network has that IP address.
And that's how we can have situations were Dad begins seeing ads designed for pregnant women after his teenage daughter visits a pregnancy website.
Thank you for the assist in proving my point.
Re: (Score:2)
No it doesn't, my IP changes all the time ...
If so that is quite the outlier and therefore irrelevant.
Maybe if you think everybody is confined to their mom's basement with an ISP that offers a static IP address. Do you have the same IP address at home, at various public wifi spots, on cellular, at work, etc...?
... but even if it didn't that information alone is of no value. Here, 231.53.123.31. What can you do with that?
Now pair that IP with every website you visit and a timestamp.
And what do you get? Even if you did have every website I visit that log doesn't identify a person, as you make clear with your example below.
Oh and bear in mind because the router on this network uses NAT, every person connected to this network has that IP address.
And that's how we can have situations were Dad begins seeing ads designed for pregnant women after his teenage daughter visits a pregnancy website.
Yes! Exactly! An IP address does not identify a person, so giving Tencent your IP address doesn't help them do anything.
What exactly are you worried about here?
Re: (Score:2)
No it doesn't, my IP changes all the time ...
If so that is quite the outlier and therefore irrelevant.
Maybe if you think everybody is confined to their mom's basement with an ISP that offers a static IP address. Do you have the same IP address at home, at various public wifi spots, on cellular, at work, etc...?
On cellular, state security knows who owns the phone.
At home they just correlated the number to an exceptionally small number of people.
At a public wifi spot they correlated you to a small number of people appearing in their city wide surveillance cameras.
... but even if it didn't that information alone is of no value. Here, 231.53.123.31. What can you do with that?
Now pair that IP with every website you visit and a timestamp.
And what do you get? Even if you did have every website I visit that log doesn't identify a person, as you make clear with your example below.
For the ministry of state security purposes it is more than close enough.
Oh and bear in mind because the router on this network uses NAT, every person connected to this network has that IP address.
And that's how we can have situations were Dad begins seeing ads designed for pregnant women after his teenage daughter visits a pregnancy website.
Yes! Exactly! An IP address does not identify a person, so giving Tencent your IP address doesn't help them do anything. What exactly are you worried about here? You have just demonstrated that you understand that an IP address isn't personally identifying.
You have just demonstrated you don't understand privacy.
Re: (Score:2)
is effectively a log of every website you visit held by Google or Tencent.
Given that they’re unable to make logs ex nihilo, from nothing, no, they don’t. Your statement does not resemble what is happening in the least. Re-read my analogy above for a layman’s explanation.
If we want to get more technical, all that is being sent to Google or Tencent is a prefix of a hash. Not the full hash, and certainly not the URL itself. Moreover, they only get the prefix after an on-device check to see if it’s in a blacklist that’s pre-loaded on your device (it
Re: (Score:2)
... all that is being sent to Google or Tencent is a prefix of a hash. Not the full hash, and certainly not the URL itself ...
Tencent may still associate you with other visitors to the website, say one is a known political activist. Your IP is now on a suspect list. Say a brand new server goes up indicating where police are in Hong Kong. All protesters who begin using the server may now be associated.
Furthermore the server is not necessarily unknown. State security visiting the website can see the hash sent.
Read up on traffic analysis in military and intelligence contexts to better understand where you are going wrong.
Re: (Score:2)
Tencent may still associate you with other visitors to the website
No, they can't. As I've already explained to you several times, they don't know the sites you're visiting, or even if you're visiting any at all. There is no way to map the hash prefixes you're submitting to a specific site you're visiting, nor is there any way to know what action you took based on their response. Conflating sites with prefixes, as you're doing here and suggesting Tencent could do, would result in "associating" you with orders upon orders of magnitude more people than ever actually visited
Re: (Score:2)
Tencent may still associate you with other visitors to the website
No, they can't. As I've already explained to you several times, they don't know the sites you're visiting, or even if you're visiting any at all. There is no way to map the hash prefixes you're submitting to a specific site you're visiting, ...
That is simply untrue. They know the domain or IP of a server. Given the control that the CCP has, info can be taken down from social media or the social media sites blocked in a region where riots are occurring. Ad hoc servers may be put up to offer the prohibited info and accessing those will be direct evidence of involvement in something prohibited. Apple is contributing to logging of such behavior for the CCP.
Say a brand new server goes up indicating where police are in Hong Kong. All protesters who begin using the server may now be associated.
No, they can't. All Tencent knows is that you asked for a particular hash prefix. That hash prefix was already associated with potentially billions of sites on the day before the new server went up ...
That is also untrue. That would make the identification of sites hosting malware impossible. Th
Re: (Score:2)
I'm going to take a step back, because it seems as if there's some confusion regarding the distinction between hashes and hash prefixes and how the two are used differently (you keep referring to hashes and their need to uniquely identify sites, which is true, but requests to Google/Tencent are based on non-unique hash prefixes, rather than full hashes, specifically to sidestep the privacy concerns you're raising). In an attempt to clear up how this stuff works, let me walk through the four possible outcome
Re: (Score:2)
As described above, the Safe Browsing feature makes an overly-broad request for anything matching a non-specific hash prefix ... so we can use the 32-bit hash prefix to ask about 2^224 domains at a time, and they can reply back with what they know about all of those 2^224 domains ... nor will they even know whether I visited the site at all ...
No, no, and irrelevant.
Your "overly-broad" characterization is a fiction. In reality the collisions of actual existing domains or ip numbers in that 2^224 theoretical domain space will be quite small. Collisions are rare, that is what makes hashing useful.
In the same way that Apple can quickly, so much so to be imperceptible on a mobile device, process the small set of returned hashes so can the ministry of state security. Should that relatively small number of domains contain one on a state security
Re: (Score:2)
Your "overly-broad" characterization is a fiction. In reality the collisions of actual existing domains or ip numbers in that 2^224 theoretical domain space will be quite small. Collisions are rare, that is what makes hashing useful.
You’re confused. The domain space is not 2^224 in size. It is 2^256 in size, and, as you said, collisions will be rare in that space. 2^224 is the possible number of collisions you get by only looking at the first 32 bits of the 256-bit hash (i.e. by stripping away the last 224 bits of the 256-bit hash). In practice, we don’t expect 2^224 collisions for any given prefix, of course, but we should be getting a decent number, otherwise you’ll admittedly have a very good point.
I was also confu
Re: (Score:2)
Correction: I have no recollection what the accepted average number of pages per website was back in 2007. I used to, but I’ve apparently forgotten it (it might have been more like 40-50? We crawled 4.3B pages, I firmly recall, but I’m less certain about how many domains we crawled), since I realized after I submitted my post that the “200” I remembered was actually for an unrelated statistic (the branching factor of second-degree neighbors, which were a focus of some of my research)
Re:Trust (Score:5, Informative)
Explain?
You're asking a server to provide you with information. If you want a response from that server, you MUST provide your IP address so that they know where to send the reply. Failure to do so would be like sending snail mail without writing a return address on the outside of the envelope, hence why the previous poster joked that it might not be too useful to you. Spoofing your IP address would be like putting a fake return address on the envelope: someone will get the response that you asked for, but it won't be you.
Why couldn't it?
I'm not sure what you're getting at, but adding an unnecessary middleman sounds like an anti-feature, like if phones murdered us in our sleep or drained our bank accounts whenever we entered payment details. Apple generally avoids making a middleman of itself except where doing so provides tangible benefits. I suppose you could argue that proxying the request through Apple could help anonymize your device, but there's nothing meaningful to gain there. IP addresses are only useful inasmuch as they can be tied to something of value, but the data in these requests is useless by design to these companies. Using Apple as a proxy would add overhead without meaningfully improving anything.
Taking a step back, the way this feature works is that if your device has its region set to mainland China and you've enabled the "Fraudulent Website Warning" toggle, your device will create a hash of the URL you are visiting and will check it against a blacklist of hashes that it previously pulled down. The hashes frequently collide (i.e. they aren't uniquely tied to a particular URL) so if the hash shows up in your local blacklist your device will need to query Tencent for the specific URLs that correspond to that hash. When that happens, Tencent sends back those URLs so that you can check them locally on your device to see if any of them match the URL you are actually visiting (hence why you need to provide your IP address, else they won't know where to send those URLs). Because the URL you are visiting may or may not be in the list that Tencent sends back, and because the checking is done on-device instead of on their servers, Tencent has no way of knowing which, if any, of those URLs match up with the one you are actually visiting. This was done by design to prevent Tencent from being able to use this feature to track user's browsing behavior.
For everyone outside of mainland China, swap "Tencent" for "Google". It's the same design with them as well.
To opt-out, do one or both of the following:
1) Set your region somewhere other than mainland China if you want to use Google instead of Tencent
2) Disable the Fraudulent Website Warning feature to disable sending the data altogether
Re: (Score:2)
You're asking a server to provide you with information. If you want a response from that server, you MUST provide your IP address so that they know where to send the reply. Failure to do so would be like sending snail mail without writing a return address on the outside of the envelope
Consider the following situations:
A. I send mail to Google in Mountain View, and Google sends a reply to my address.
B. I send mail to Apple in Cupertino, Apple forwards it to Google in Mountain View, Google sends a reply to Apple, and Apple forwards the reply to my address.
C. I send a fraud lookup to Google's or Tencent's server, and Google sends the reply to my IP address.
D. I send a fraud lookup to Apple's proxy server, Apple forwards it to Google's or Tencent's server, Google or Tencent sends the reply t
Re: (Score:2)
I already specifically addressed proxying in my reply above, as well as why it provides nothing of value in this particular instance. I'm all for better privacy, but there's nothing to be gained here by adding that overhead.
Re: (Score:2)
I see, caching is an anti-feature.
I think you're nuts.
Don't put words in people's mouth. I said I wasn't sure what the previous AC (you?) was getting at, made it clear that I understood it to mean proxying, and (with a bit of snark) answered the question as best I could based on my understanding. In looking back, I have a hard time interpreting the question as a reference to caching, but that's neither here nor there.
Anyway, I'd actually be fine with Apple caching this data (or proxying it, or setting up a competing service, etc.). It gives people the benefit
Re: Trust (Score:2)
Re: (Score:2)
Re: (Score:2)
....you might want to brush up on the basics of TCP/IP networking.
APPLE made the TCP/IP connection not the USER (Score:2)
....you might want to brush up on the basics of TCP/IP networking.
You might want to brush up on why this TCP/IP connection was made. APPLE decided to connect to this service, the USER did not.
Re: (Score:3)
Actually, the USER did when they used this service. Don't want it? Turn it off.
This is a little like claiming APPLE should proxy every Internet request an iOS device makes.
Document-related requests vs. ancillary requests (Score:2)
It's like saying Apple should proxy every ancillary request that a web browser makes. Ancillary requests are requests other than to the web servers responsible for serving a particular HTML document and the resources that it transcludes.
Re: (Score:2)
Ancillary requests are requests other than to the web servers responsible for serving a particular HTML document and the resources that it transcludes.
So, every iOS request.
(Or you've spent very, very little time looking at a modern web page)
Re: (Score:2)
All the CDNs and adtech scripts in a modern web page are technically part of "the resources that [a document] transcludes." The fraud lookup is not.
Re: (Score:2)
So sending the user's IP to Google when the client does a fraud lookup is bad. Sending the user's IP to Google to retrieve an ad is good.
Nope, was an Apple specific service (Score:2)
It's like saying Apple should proxy every ancillary request that a web browser makes. Ancillary requests are requests other than to the web servers responsible for serving a particular HTML document and the resources that it transcludes.
No, it is not. This request was not "part" of the web page the user requested nor part of standard protocols for looking up a web page. It is an Apple specific service added to the process. Their creation, their responsibility.
Re: (Score:2)
I sense violent agreement here.
This request was not "part" of the web page the user requested nor part of standard protocols for looking up a web page. It is an Apple specific service added to the process.
That's sort of what I was trying to get at by defining "ancillary" request.
Re: (Score:2)
A) It's an optional feature
B) It has an obvious toggle in Settings > Safari
C) Immediately under that group of toggle buttons is an "About Safari & Privacy" link to a plain-English explanation of the feature, which I've reproduced below in its entirety
Fraudulent Website Warning
When Fraudulent Website Warning is enabled, Safari will display a warning if the website you are visiting is a suspected phishing website. Phishing is a fraudulent attempt to steal your personal information, such as user names, passwords, and other account information. A fraudulent website masquerades as a legitimate one, such as a bank financial institution, or email service provider. before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent.
Given all of that, I don't think it's so clear-cut as you make it out to be. The feature is enabled by default (i.e. it's opt-out), so there's an argument to be made that, as you said, Apple made the choice for users who never see the toggle. On the othe
Re: (Score:2)
Re: (Score:2)
That Apple was reporting every website visit to Tencent was most like a surprise to most users in China.
As well it should be, since that’s not what’s happening. Apple doesn’t report any website to Tencent, let alone every website.
They only report a hash prefix of the URL, and they only do even that if that hash prefix happens to be listed in the baked-in blacklist that’s already on the device. I.e. For the vast majority of clicks, they hear nothing from you, but when they do hear from you, all they get is a gibberish string that corresponds to any one of a multitude of URLs, any one of
Re: (Score:2)
Almost as sad as a person on a supposedly technically oriented website not understanding that when you request a piece of data from a server your IP address goes with it so the server knows where to send the response.
Or the fact that several people have seen fit to mod up the original post.....
This is true (Score:2)
Apple is basically saying they use the update API variant of Safebrowsing. It works by checking hashes on the client:
https://developers.google.com/... [google.com]
One concern might be if Apple provides any metrics back to Tencent as a provider regarding Safebrowsing hits, but there is no link in TFA so it's hard to know what was actually said.
Re: (Score:2)
Spoke too soon. If there is a hit:
To check if a URL is on a Safe Browsing list, the client must first compute the hash and hash prefix of the URL (see URLs and Hashing). The client then queries the local database to determine if there is a match. If the hash prefix is not present in the local database, then the URL is considered safe (not on the Safe Browsing lists).
If the hash prefix is present in the local database (a hash prefix collision), the client must send the hash prefix to the Safe Browsing servers for verification. The servers will return all full-length SHA 256 hashes that contain the given hash prefix.
https://developers.google.com/... [google.com]
So unless there are a lot of collisions (unlikely), the provider could reasonably know which site you were trying to visit, if this final step is performed on a hit.
Re: (Score:2)
Re: This is true (Score:2)
Re: (Score:2)
I'm gonna have to repeat that other poster's question: Do you understand how TCP/IP works?
Hint: How does the server send data back to the client?
Re: (Score:2)
Hint: How does the server send data back to the client?
The client should be the end user. Full stop.
This isnt rocket science.
Re: (Score:2)
How, exactly, do you think data reaches that end user?
The end user types in a URL and hits enter. Packet(s) go out and request data from the server. How does the data get back to that end user?
In other words, you're either having a massive blind spot, or you have no idea how IP networking works.
Re: (Score:2)
When the end user types in https://slashdot.org/ [slashdot.org] and presses Return, the end user expects packets containing the end user's IP address to go to Slashdot, not to Tencent. There is no conspicuous, persistent notice that Google or Tencent is being used as a fraud lookup provider.
Re: (Score:2)
the end user expects packets containing the end user's IP address to go to Slashdot, not to Tencent
Why? Are they directly connected to the computer hosting slashdot? Do they have slashdot.org in their hosts file?
Your IP address is thrown all over the place any time a web browser opens a page. Pretending it's super-secret information is flat out wrong. Pretending that an authoritarian regime doesn't already have your IP address is also wrong, because they're the ones that gave it to you and control the routing equipment for anything you send out over the Internet.
There is no conspicuous, persistent notice that Google or Tencent is being used as a fraud lookup provider.
Are you also proposing a conspicuous,
Re: (Score:2)
Why? Are they directly connected to the computer hosting slashdot? Do they have slashdot.org in their hosts file?
One scenario involves a recursive resolver on the client that uses DNS over TLS (DoT) or DNS over HTTPS (DoH) to hide the query from intermediate routers, along with QNAME minimization (RFC 7816) to replace name parts out of a particular server's bailiwick with "_.example".
1. Client requests a fraud lookup from a fraud lookup proxy. .org.
2. Client requests _.example.org from a root server.
3. Client requests slashdot.org from
4. Client requests slashdot.org from Slashdot.
5. Client connects to Slashdot's web s
Re: (Score:2)
In either case, only Slashdot and the fraud lookup proxy can see that this IP was requesting a particular path on Slashdot
You know what other case hides requesting a particular path on Slashdot? The one Apple is sending to Google or Tencent. It even has the advantage of only the client knowing what the full URL is.
Oh, and the IP is still not hidden in your scenarios. You just trust the proxy for some reason.
Re: (Score:2)
Oh, and the IP is still not hidden in your scenarios.
If Apple operates a proxy, It's hidden from Google or Tencent and not hidden from Apple.
You just trust the proxy for some reason.
In the paradigm that drnb and friends are promoting, this is fine because Apple has a better reputation than Google or Tencent of not using the (IP, path) pair for intrusive targeting of advertising or communist oppression respectively.
Re: (Score:2)
Should Apple be sending its in application lists to Apple or some other nation/brand?
Re: (Score:2)
The claim is not that they are sending what sites you visit to tencent, but thats the claim they defended against.
Based on the swath of news headlines and Apple's response I think it's fairly clear they are responding to news headlines like this:
Apple criticised for sending browsing data to WeChat owner Tencent [smh.com.au]
Safari in iOS sends some Safe Browsing data to Tencent [engadget.com]
Apple Criticized for Sending Some Browsing Data to Tencent [bloomberg.com]
Another China controversy for Apple: sending user browsing data to Tencent [9to5mac.com]
Apple under scrutiny for sending Safari browsing data to China’s Tencent [thenextweb.com]
Their "denial" .. the denial of the strawman, confirms the claim.
What claim do you think they are respond
Re:This is true (Score:4, Informative)
On top of that, the claim wasnt that they send the address you are interested in to tencent, the claim was that they send YOUR IP ADDREESS to tencent
Your device is directly making the query to tencent (or google) - that’s how they get your IP address. Tencent (or google) can’t exactly respond to your query without it.
DigitAI56K is explaining how the protocol is designed to keep tencent (or google) from determining the specific site URL you’re interested in from your query. Then he speculates that those protections may not actually be effective.
Re: (Score:2)
Your device is directly making the query to tencent (or google)
Yes, thats the claim made against Apple: Instead of Apple handling it, they are sending it to a 3rd party handle, such as tencent.
But they didnt defend against this claim. They defended against a different claim.
DO YOU SEE HOW THIS WORKS?
Re: (Score:2)
Even as a strawman, in their account they only tell on you if you tried to visit a URL China didn't like. That isn't a very good defence. That's the whole, entire risk of sharing the URL! "Oh, don't worry, we only told them that you may have tried to visit a banned URL."
Absolutely disgusted.
Re: (Score:2)
in order for this to work wouldn't all accessed URLs have to be checked against this list... so the list is likely downloaded on a regular basis to keep it up to date and every attempt to access a site would be tested against it (I wouldn't think it would be downloaded on every URL access)
the point is, Tencent and google don't know when you have attempted to access a questionable site, only that you downloaded this list to check some URL against. Thats damn little to go on since all iPhones would be doing
Re: (Score:2)
You do understand that Tencent is considered worse by more people on the planet than Russia's IRC? Yes? No?
How about if the 3rd party was the Donald Trumps Whitehouse?
How about if the 3rd party was a KKK-operated website?
How about if the 3rd party was the Vatican?
Sorry pal. Apple's software is sending your IP address to specific 3rd parties, and for over a billion people t
Re: (Score:3)
OK one last time Strawboy. What info is getting sent to Tencent that is dangerous to anyone.
The only question is, is the list of websites that are suspected scams any good. In the rest of the world we get that list from google... Given the effectiveness of the great firewall I don't really see why tencents' list should be any worse but I'm sure someone could look into that if necessary... maybe thats a good reason to not use their service. But the fact that your phone periodically requests an updated lis
Re: (Score:2)
OK one last time Strawboy. What info is getting sent to Tencent that is dangerous to anyone.
Another strawman.
You are just admitting that Safari does, in fact, send your IP address to tencent, which was the claim against them. The claim wasnt any of the other things you are handwaving about. The claim wasnt refuted by Apple. Apple refuted a different claim, called a strawman, one that you are also trying to make, still called a strawman.
Re: (Score:2)
What info is getting sent to Tencent that is dangerous to anyone.
Scenario:
- China tells Tencent to ban a bunch of sites and wants to know who visits them
- Tencent puts them in safe browsing list hashes
- Users hitting such a site now sent hash to Tencent for confirmation (a step in the safebrowsing API model). Tencent, as the hashlist provider, knows which full hashes belong to which sites. At this point it's only an honor system that they don't do a lookup.
- Tencent says "oh gee, this user/ip/whatever just sent the hash of a site on our na
Re: (Score:2)
- Tencent says "oh gee, this user/ip/whatever just sent the hash of a site on our naughty list, better tell the authorities!"
But your premise is flawed because the IP doesn't identify a user, it doesn't even identify a device. Over the course of the day the devices i use will have a number of different IP addresses and in terms of the public visibility of those - such as what Tencent or Google will see - many people will have that same IP address. IPv4 has a limit of just over 4 billion addresses which is why we have tools like NAT, the result is that many people have the same IP address and individuals often have many IP address
Re: (Score:2)
That is a stupid argument.
Even in the US, in copyright disputes, for years lawyers argued that an IP address did identify you, and only fairly recently the opposite opinion became common.
Here we are discussing China, a country that will take you away in the night if your neighbor tattles that you are the wrong religion.
Furthermore, China may only care that someone on your service subscription is accessing blocked content. We had articles only this week that you may need facial recognition to get online ther
Re: (Score:2)
That is a stupid argument.
It would only appear to be a stupid argument if you didn't understand networking, I've tried to explain to you that user-to-IP address is a many-to-many relationship but you simply don't seem to be able to understand that.
Even in the US, in copyright disputes, for years lawyers argued that an IP address did identify you, and only fairly recently the opposite opinion became common.
Yes lawyers argued something that is fundamentally wrong, again I challenge you to prove them right, but you can't because of the reality of networking. The opposite opinion became common because of exactly what I just explained to you, they used to make the same incorrect assumptions that
This makes perfect sense... (Score:5, Informative)
...since Google is banned in mainland China. Apple either has to use a local-to-them resource, or have a broken feature.
#FreeHongKong