What you need to know
- Yesterday, Apple released iOS 13.4 to the public.
- It brought with it new security and privacy features for Safari on both iOS and Mac.
- Apple now blocks all third-party cookies by default.
Apple released iOS 13.4 to the public yesterday, and with it a swathe of new privacy and security features to better protect the privacy of its users whilst browsing.
The new release comes with several improvements to Apple's Intelligent Tracking Prevention features and also Safari on macOS. Apple's John Wilander described the changes in a blog post:
Cookies for cross-site resources are now blocked by default across the board. This is a significant improvement for privacy since it removes any sense of exceptions or "a little bit of cross-site tracking is allowed."
It might seem like a bigger change than it is. But we've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari. To keep supporting cross-site integration, we shipped the Storage Access API two years ago to provide the means for authenticated embeds to get cookie access with mandatory user control. It is going through the standards process in the W3C Privacy Community Group right now.
In a tweeted summary of the changes Wilander said:
This update takes several important steps to fight cross-site tracking and make it more safe to browse the web. First of all, it paves the way. We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap... Second, full third-party cookie blocking removes statefulness in cookie blocking. There were many who raised concerns over ITP's future back in January. Hopefully, they'll now help spread the message that ITP is not only OK, it's leading the way.
This update takes several important steps to fight cross-site tracking and make it more safe to browse the web. First of all, it paves the way. We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap.— John Wilander (@johnwilander) March 24, 2020
Full third-party cookie blocking also full disables login fingerprinting, which would be used to track which websites you're logged into and use it as a fingerprint. Wilander says Apple's new updates have also solved "cross-site request forgeries" and that all script-writeable storage will now expire after seven days as client-side cookies do.
Developer interview: Steve Troughton-Smith talks iOS 14, WWDC, and more
We caught up with Steve Troughton-Smith to talk about WWDC as a remote conference, and his hopes and dreams for iOS 14.
Apple loses appeal in Italy over iPhone slow down scandal
A court in Italy has upheld a ruling that Apple slowed down iPhones unlawfully, for which Apple was made to pay 10 million euros in fines.
Apple unveils 'Ted Lasso' first look for TV+, debuting August 14
Apple has given its first look at TV+ comedy 'Ted Lasso', which it has announced will debut on August 14.
Add some extra protection with these waterproof cases for iPad Air 3
Splish, splash, don't let your iPad take a bath! Keep your iPad Air 3 (2019) clean and dry with a waterproof case.