Apple’s Safari 5 is first major browser to purge decade-old browser history privacy defect

“Apple Safari has become the first major browser to be purged of one of the web’s longest-running privacy defects: The ability for any site owner to effortlessly steal a compete copy of your recent browsing history,” Dan Goodin reports for The Register.

“The browser history disclosure leak is as old as the World Wide Web itself, and it afflicted every major browser – until now,” Goodin reports. “Starting with versions released Monday, Safari no longer coughs up the list of websites a user has visited. The change is one of almost 50 security fixes Apple engineers added to versions 4.1 and 5.0 of the browser.”

Goodin reports, “In characteristic Apple fashion, the company buried news of the change at the bottom of this page. We pointed the new Safari version at sites here and here, which exploit the weakness, and neither worked. The attacks succeeded just fine against Google Chrome and Firefox, and one of them succeeded even when Firefox was running the NoScript add-on.”

Full article here.

[Thanks to MacDailyNews Reader “Lava_Head_UK” for the heads up.]


  1. @Tommy Boy
    I would like Verizon as an option but only to advance the iPhone platform. ATT service around here is great. Better than Verizon. Well, okay – I just lied. I have zero bars at my house but no carrier has service here. Okay, I just lied again – I have 5 bars of 3G at my house. As of 6 weeks ago when I bought the ATT MicroCell that is.

  2. @switcheroo
    I’ve got zero bars at home, 5 bars pretty much everywhere else.

    How is the microcell working for you? Thinking about getting one but don’t want to pay a monthly fee for it. I’d like to hear your thoughts on it.

  3. @Lotus Eleven

    The ATT MicroCell has been fantastic for me. I went 14 months with zero bars then immediately had 5 bars of 3G. It was easy to setup and it’s very reliable. I haven’t dropped a call in 6 weeks or had to use my landline.

    There are no monthly fees – just the $150 one time cost.

    Highly recommended.

  4. @switcheroo

    That’s great! I thought there was a monthly fee. Thanks for the comment. I’ll be getting one for sure now. I have a small biz I run from the home and it’s terrible not being able to use my cell

    Now if MobileMe would only support personal domain emails I’d be content. Thanks!

  5. Actually, it looks like Safari 5 is also preventing profiling via the Flash plug-in as well. Flash was being used to gather various system setting and being used to profile your browser ( or Haven’t tested this 100% yet, but it looks promising. Kudo’s to Apple on fixing this as well.

  6. @CitizenX;

    While I’m certain you actually *do* enjoy knowing every website you visit tracks your browsing history, the vast majority of us think it’s no one’s damned business what site I last browsed.

    Thank you Apple!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.