Monday, November 16, 13:47
Home inet Safari: Feature may be used to spread "fake news"

Safari: Feature may be used to spread "fake news"

A link sharing feature in iOS versions of Safari allows iPhone, iPad, and iPod Touch users to change their titles when sharing parts of webpages.

One researcher has expressed concern that this feature could be used to spread "fake news" that have a wider impact.

Safari

What is the feature?

When browsing web pages, such as articles in the Safari web browser on iPhone or iPad, users can select and share a snippet of text from the page instead of the entire page.

However, the text snippet can also come from a "text input field" that the user can control and edit.

When you share a snippet of a page with other iPhone users via iMessage, the link preview generated changes and the original title of the webpage is not obvious.

In other words, users can enter an arbitrary text value in its field search bar news sites and then "share" this text value through iMessage.

The link preview created by iMessage, as shown below, will falsely give the impression that user-generated text is the actual title of the page.

Behavior can be played especially when the Apple device is in “landscape orientation ”and when sharing links with iMessage among iPhone users.

So sharing content this way from iPhone to Android would not result in this behavior.

This "feature" was previously reported by MacRumours in 2019, which pointed out that there were some legal cases of using this feature.

However, Josh Long, who is the chief security analyst at Intego, believes that in addition to some harmless pranks, this feature can have a wider impact if used to spread false information (so-called fake news).

"At the moment there is nothing to stop a user from entering a misleading title or other misleading text in a field and making it part of the page preview," Long explained on the Intego 2019 blog.

The issue was made public months ago and Apple has not fixed it

Although findings related to this issue have been made public since 2019, the latest Apple devices continue to ship with this feature enabled.

On November 5, Apple released iOS 14.2, iPadOS 14.2 and iOS 12.4.9, none of which fixed error of Safari.

We do not know whether this feature has actually been used on a large scale to carry out activities such as manipulating the public or interfering with elections, but that does not mean it should overlooked The worries raised by Intego.

For those interested in trying out this feature for yourself, there is a detail PoC video on YouTube.

Source of information: bleepingcomputer.com

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Safari: Feature may be used to spread "fake news"

A link sharing feature in iOS versions of the Safari browser allows iPhone, iPad and iPod Touch users to change ...

Caution! The new TroubleGrabber Discord malware steals passwords

Netskope security researchers have discovered a new malware called TroubleGrabber that steals credentials and spreads through Discord attachments. In addition,...

Pluto TV: ShinyHunters "hit" the service. Millions of user files are on display

A hacker provides free of charge to an underground forum 3,2 million files of Pluto TV users that are said to have been stolen during a ...

Malwarebytes is a problem for Windows printers

In recent weeks, Malwarebytes users have complained that Windows network printers continue to go offline.

Hacker steals $ 2 million from cryptocurrency service Akropolis

The cryptocurrency lending service Akropolis reports that a hacker carried out a "flash loan" attack on its platform and stole cryptocurrency Dai worth ...

Cencosud: Egregor ransomware has hit multinational retailer

The multinational retail company "Cencosud" based in Chile was attacked over the weekend by the hacking gang of Egregor ransomware, with ...

Arrests of 113 people for publishing child sexual abuse material

A joint operation of Brazil and the United States has led to the arrest of 113 people suspected of creating, producing and ...

Windows ransomware RegretLocker also encrypts virtual disks

As security researchers have discovered, ransomware teams are keeping pace with the trends of the IT industry and have created a new ransomware strain ...

DPH: 10.000 COVID-19 test data have been leaked

According to an announcement made by the Delaware Division of Public Health (DPH) on Sunday, November 15, the organization suffered a data breach ...

How to automatically end meetings in Microsoft Outlook

If you are in meetings all day, let Microsoft Outlook help you by automatically changing the end time so that you can ...