Google says Apple Safari's anti-tracking feature can be used to track users

The Safari browser icon on the dock of a computer running macOS.
(Image credit: PixieMe/Shutterstock)

In a bit of digital irony, the anti-tracking mechanisms that Apple builds into its Safari browser can themselves be used to track users, four Google researchers argued in an academic paper released yesterday (Jan. 22).

Safari's Intelligent Tracking Prevention (ITP) works differently from other browser anti-trackers in that it dynamically builds a list of every website a user interacts with. Safari keeps that list on the user's device and modifies the information sent to each website from Safari accordingly. 

Other browsers use a simpler method: They keep static, universal lists of naughty sites with which user data should not be shared, and apply that to all users.

The problem with Safari is that by creating individualized anti-tracking profiles for each user, the browser makes it possible for third parties to replicate that tracking profile and identify individual users simply by observing how a user interacts with multiple websites. 

In other words, users can be individually tracked through their Safari anti-tracking profiles.

We've reached out to Apple for comment and will update this story when we receive a reply.

'A personalized anti-tracking model'

"As a result of customizing the ITP list based on each user's individual browsing patterns," the researchers write, "Safari has introduced global state into the browser, which can be modified and detected by every document," i.e. every web page that Safari loads.

"What you end up with is a personalized anti-tracking model baked into your browser," Artur Janc, one of the research paper's authors, tweeted yesterday. "That model is not only a unique identifier, but also reveals information about sites you visited since last clearing browsing state. That's not great."

The Google researchers notified Apple of these problems in the fall of 2019. In a December blog post, Apple engineer John Wilander said some of the issues were resolved with updates to Safari on iOS and macOS. But the Google researchers believe that the short-term fixes Apple made "will not address the underlying problem."

"I can assure you that they still haven't fixed these issues, which is what made that blog post last year so weird," tweeted Google engineer Justin Schuh, who was not part of the research team, yesterday. "Apple didn't disclose the vulnerabilities or appropriately credit the researchers, but put out a post implying they fixed 'something'."

If you're very concerned about your privacy and don't want to be tracked online, browsers such as Brave and browser extensions such as Ghostery promise to minimize the amount of data you give websites. But there's no way they can block everything. 

By default, Safari clears your anti-tracking profile every time you clear your browser cookies and history, so you could do that frequently. You can also turn off the customized anti-tracking in Safari's preferences. But then of course, either way, Safari's anti-tracking mechanisms might not work at all.

Google tried this but gave up

In a different tweet, Schuh disclosed that Google had been working on its own dynamically updated anti-tracking mechanism for Chrome, but gave it up after finding out that it created its own tracking mechanism.

But it's not all bad blood between the Google and Apple browser teams.

"It's clear that Apple is trying to do the right thing and the WebKit folks we've interacted with care deeply about privacy," Janc tweeted. "We hope that these results will help Safari & guide other browser vendors in the long run."

"The authors of this report believe strongly in improving the privacy posture of the web and applaud Safari developers' ongoing efforts in this area," the Google research paper states in an endnote. "We look forward to collaborating with Apple on future security and privacy improvements to the web."

How Safari gets squeezed to squeal on users

The big privacy issue with web browsing today is that when you load a web page on a given website, you're often actually loading content from dozens of other websites that you had no intention of visiting. 

For example, if you're reading this very story on the Tom's Guide website in a desktop browser, you're probably loading content from Google's DoubleClick ad network and several other ad networks, a few different analytics services, our video-streaming partner, and some other sites. We do this because we need to make money, as we don't charge you for our content.

You'll see the same thing on most other commercial news websites, from Fox News to the New York Times. Not all of those hidden links are tracking you, but a fair number are. 

It's that kind of cross-site tracking that Safari tries to limit. If you're visiting Site A, then Safari lets Site A see everything it should about your browser, including the site you just came from and the cookies you have already loaded that pertain to Site A.

But if Site A quietly loads content from Sites B, C, D and E without telling you, then Safari won't let those sites see the same kind of data that Site A gets. The idea is that you didn't intend to visit Sites B through E, and hence they shouldn't get your information.

As noted above, most browsers keep lists of the most commonly used third-party trackers and limit the amount of data that those trackers can get -- for all users. It's a one-size-fits-all, top-down approach. 

Safari's Intelligent Tracking Prevention works from the bottom up instead. It counts how often a given third-party tracker is loaded by the websites a user visits. 

Each time a specific tracker is loaded, that's an "ITP strike." And, yep, after three strikes (according to the Google researchers), the tracker is called out and Safari drastically limits the amount of information the tracker can get about the user and the browser.

The problem is that this block list is going to be different for each user. By deliberately forcing ITP strikes from specific websites and seeing what kind of information is blocked, an external party such as an ad network can get a pretty good idea of what each user's ITP block list looks like. 

Or, in the Google research paper's academic language, "because the ITP list implicitly stores information about the websites visited by the user, leaking its state reveals sensitive private information about the user's browsing habits."

In other words, say the Google researchers, Safari's anti-tracking mechanism unintentionally reveals so much about each individual user that it itself becomes a tracking mechanism.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.