Apple Denies It Uses “Fraudulent Website Warning” to Spy on Users

News Apple Denied Warning Featured

In this world of the Internet and so many different ways you can be hacked or subjected to some type of a security breach, it makes people very non-trusting.

For instance, Apple offers a “Fraudulent Website Warning” when a user chances upon a website that may not be secure. But an explanation about what types of situations deem it necessary to use the warning has led some to believe that it’s sending information from every Safari browser on every Mac and iOS device to the Chinese company Tencent.

Fraudulent Website Warning

Apple spells out the practice in its “About Safari Search & Privacy” terms. It states, “Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.”

This produced a backlash of people suddenly worried that this warning is giving Apple the license to spy on them, that they are sending all their data to Tencent in China.

Apple released a statement verifying its practice: “Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature.

“When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.”

News Apple Spy On Users

The statement further explains that “Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China. It receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider, and the feature can be turned off.”

What Safari does is store a list of hashed URL prefixes for suspected phishing or spreading of malware. If a user tries to go to those sites that match with the prefix of a suspected site, Safari checks it against lists kept by Google or Tencent to see if they include the website. If it does, it shows the Fraudulent Website Warning.

All visited websites aren’t sent to Google or Tencent. Even if a website is sent, Google and Tencent don’t know the specific site a user intends to visit, as the URL prefixes are hashed. But Safari does communicate with Google or Tencent, meaning they get the user’s IP address.

But only in China does the warning get routed through Tencent. In all other areas it is handled by Google, which some people may still not appreciate.

User Choice

But this doesn’t have to be the case at all. Apple provides users the choice to turn this warning off. They can simply go to Settings > Safari > Fraudulent Website Warning to toggle it to Off.

Does this allay your fears, or are you still worried what Apple does with your Safari browsing history? Chime in through a comment below and let us know.

One comment

  1. “Apple provides users the choice to turn this warning off.”
    What does that accomplish? The culprit is not the warning, it is the Safe Browsing check. Is there a way to turn that off?

    On the face of it, Safe Browsing seems like an altruistic public service by Apple and Google. However, with Google involved, serious question of how much of the browsing history does Google retain for its own uses.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.