Apple’s upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google.
A built-in security-focused feature in the Safari browser, “Fraudulent Website Warning,” alerts users about dangerous websites that have been reported as deceptive, malicious, or harmful.
To achieve this, Apple relies on Google Safe Browsing — or Tencent Safe Browsing for users in Mainland China — a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.
Any match against the database will prompt Safari to request Google or Tencent for the full list of URLs that correspond to the hashed prefix and subsequently block a user’s access to the site with a warning.
While the approach ensures that the actual URL of a website the user is attempting to visit is never shared with a safe browsing provider, it does leak the IP address of the device from which the check was made.
images from Hacker News