Apple’s WebKit team has published a blog post on Private Browsing 2.0 – a collection of changes they have introduced to Safari since September 2023. Private Browsing, initially introduced in 2005, lets users browse the web without leaving traces on their devices.
From its inception, Private Browsing has been about maintaining user privacy on shared devices by not storing local browsing history, cookies, or cached files. The initial release was considered novel at the time, and other browsers quickly followed suit with similar “incognito” modes. However, as tracking technologies evolved, simply not storing local data wasn’t enough. Apple’s continuous efforts led to incremental improvements in privacy protections over the years.
Private Browsing 2.0 introduces several advanced privacy measures that aim to protect users from cross-site tracking and fingerprinting:
- Link Tracking Protection: Safari now strips tracking parameters from URLs and hides document referrers, preventing third-party scripts from correlating user activity across sites.
- Blocking Known Trackers: Safari blocks network requests to known trackers, ensuring that personal information or tracking parameters are not sent over the network. This content blocker is built using data from DuckDuckGo and EasyPrivacy.
- Encrypted DNS and Proxying HTTP: Private Browsing uses Oblivious DNS over HTTPS to encrypt DNS queries, protecting them from being tracked or manipulated by network operators. It also proxies unencrypted HTTP traffic through a multi-hop network to secure user data from local network attackers.
The updated Private Browsing also integrates Web AdAttributionKit, allowing privacy-preserving ad click measurement, for which Mozilla is in the news. This ensures advertisers can track the performance of their campaigns without compromising user privacy. Attribution is confined to individual Private Browsing tabs and does not persist across tabs or sessions, maintaining the ephemeral nature of Private Browsing.
Advanced Fingerprinting Protection
Safari’s new fingerprinting protections thwart attempts to create unique user profiles based on device characteristics, network connections, and user behavior. These measures include injecting noise into APIs like 2D canvas and WebGL, and overriding screen and window metrics to standard values. By doing so, Safari makes it significantly harder for trackers to extract high-entropy data and build stable fingerprints.
Types of Fingerprinting Addressed:
- Device Fingerprinting: Involves identifying a device based on hardware and software characteristics.
- Network and Geographic Position Fingerprinting: Uses IP addresses and network speeds to determine the device’s location.
- User Settings Fingerprinting: Exploits user-specific settings like locale and dark mode.
- User Behavior Fingerprinting: Tracks how users interact with a site, such as typing speed and mouse movements.
- User Traits Fingerprinting: Gleans personal attributes such as interests and demographics from browsing behavior.
Apple acknowledges the delicate balance between privacy and usability. Wilander and his colleagues note that “many ideas for how to protect privacy on the web may break the user’s experience.” To mitigate this, Safari allows users to reduce privacy protections on a per-site basis if necessary, ensuring functionality while maintaining overall privacy.
Users can also enable these new privacy features in regular browsing mode. On iOS, iPadOS, and visionOS, users can navigate to Settings > Apps > Safari > Advanced > Advanced Tracking and Fingerprinting Protection and enable “All Browsing.” On macOS, this can be found under Safari > Settings > Advanced.
The WebKit team also criticized Chrome’s recently implemented Topics API for its potential to facilitate fingerprinting and profiling. They cite a study by Yohan Beugin and Patrick McDaniel from the University of Wisconsin-Madison, which finds that “the Topics API can be used to fingerprint and re-identify users.”
Apple has a decent track record of standing up for what’s right, and these enhancements reflect its commitment to protecting user privacy against increasingly sophisticated tracking techniques. As Wilander emphasizes, “Users expect and deserve more.” And with these new protections, Safari is poised to deliver on that promise.
