Google Under Fire for Circumvention of Cookie Settings in Safari for iOS to Track Users
The Wall Street Journal reports that Google and several other advertising agencies have been discovered to be circumventing privacy protections in Apple's Safari browser for iOS devices in order to track users through ads on numerous popular websites. Google implemented the technique in order to embed +1 buttons on its ads, tricking users' systems into allowing cookies by using an invisible form submission to make Google's third-party cookies, which are blocked by Safari, appear as first-party cookies that are allowed.
To get around Safari's default blocking, Google exploited a loophole in the browser's privacy settings. While Safari does block most tracking, it makes an exception for websites with which a person interacts in some way—for instance, by filling out a form. So Google added coding to some of its ads that made Safari think that a person was submitting an invisible form to Google. Safari would then let Google install a cookie on the phone or computer.
The cookie that Google installed on the computer was temporary; it expired in 12 to 24 hours. But it could sometimes result in extensive tracking of Safari users. This is because of a technical quirk in Safari that allows companies to easily add more cookies to a user's computer once the company has installed at least one cookie.
Google halted the practice once it was contacted by The Wall Street Journal about it, but has tried to downplay the impact of the issue.
In a statement, Google said: "The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."
In a companion blog post, The Wall Street Journal notes that the loophole that had permitted Google to bypass Safari's privacy protections has been closed in WebKit, the open source engine behind Safari, with the change having been made by two Google engineers. Consequently, Apple could and appears to be preparing to bring that fix to the public version of Safari.
An Apple spokesman said: “We are aware that some third parties are circumventing Safari’s privacy features and we are working to put a stop to it.”
An update to the software that underlies Safari has closed the loophole that allows cookies to be set after the automatic submission of invisible forms. Future public versions of Safari could incorporate that update. The people who handled the proposed change, according to software documents: two engineers at Google.
The issue was discovered by Stanford graduate student Jonathan Mayer, who has also published an extensive blog post offering additional technical details on how Google and other advertising companies circumvented Safari's default cookie settings.
Popular Stories
Macworld's Filipe Espósito today revealed a handful of features that Apple is allegedly planning for iOS 26.4, iOS 27, and even iOS 28.
The report said the features are referenced within the code for a leaked internal build of iOS 26 that is not meant to be seen by the public. However, it appears that Espósito and/or his sources managed to gain access to it, providing us with a sneak peek...
Software from an iPhone prototype running an early build of iOS 26 leaked last week, giving us a glimpse at future Apple devices and iOS features. We recapped device codenames in our prior article, and now we have a list of some of the most notable feature flags that were found in the software code.
In some cases, it's obvious what the feature flags are referring to, while some are more...
Last week, details about unreleased Apple devices and future iOS features were shared by Macworld. This week, we learned where the information came from, plus we have more findings from the leak.
As it turns out, an Apple prototype device running an early build of iOS 26 was sold, and the person who bought it shared the software. The OS has a version number of 23A5234w, and the first...
The first foldable iPhone will feature a series of design and hardware firsts for Apple, according to details shared by the Weibo leaker known as Digital Chat Station.
According to a new post, via machine translation, Apple is developing what the leaker describes as a "wide foldable" device, a term used to refer to a horizontally oriented, book-style foldable with a large internal display....
Apple is testing iOS 26.3, the next version of iOS 26 that will launch around January. Since iOS 26.3's testing is happening over the holidays, it is a smaller update with fewer features than we've seen in prior betas.
We've rounded up what's new so far, and we'll add to our list with subsequent betas if we come across any other features.
Transfer to Android
Apple is making it simpler...
Apple today released iOS 26.2, the second major update to the iOS 26 operating system that came out in September, iOS 26.2 comes a little over a month after iOS 26.1 launched. iOS 26.2 is compatible with the iPhone 11 series and later, as well as the second-generation iPhone SE.
The new software can be downloaded on eligible iPhones over-the-air by going to Settings >...
Apple seeded the second iOS 26.2 Release Candidate to developers earlier this week, meaning the update will be released to the general public very soon.
Apple confirmed iOS 26.2 would be released in December, but it did not provide a specific date. We expect the update to be released by early next week.
iOS 26.2 includes a handful of new features and changes on the iPhone, such as a new...
Apple released the AirPods Max on December 15, 2020, meaning the over-ear headphones launched five years ago today. While the AirPods Max were updated with a USB-C port and new color options last year, followed by support for lossless audio and ultra-low latency audio this year, the headphones lack some of the features that have been introduced for newer generations of the regular AirPods and the ...
