Safari Private Browsing Non Existent on iOS 10
The iOS 10 came amidst big fanfare but now it’s time to review the software. Shortly after it arrived, researchers noticed that there was a problem with the software as it unexpectedly started having problems and forced Apple to bring out a new update, the iOS 10.0.2 sooner than later. Now another problem seems to have come up. It turns out that in the new software, the privacy mode of the Safari browser does not offer the same level of browsing as it did in the past software, according to one researcher.
Unlike the previous software updates, Safari is now saving the website links visited even when you are using the privacy mode, meaning that the links are now easily traced back even when the session closes. The Digital Forensic Analyst for IntaForensics, Stacey Jury said that some commercially available tools could be easily used to get back the accessed pages even when they are deleted from the device.
This is due to the recover suspend state that is received from the iOS 10 devices and works within both the private and normal browser. The Suspend State is made to create a list of the links within the browser itself which makes it easy to switch from back to front the recent pages which will be in the currently accessed pages.
The Suspend State was previously put in a way that it would prevent any information recovery, but it seems the iOS 10 update has changed all that. Previously, Safari was storing the information in a Plist, which meant the web page entry would then also be removed from that list as soon as the session ended, which therefore prevented any link recoveries after the session.
Suspend State is however stored in a database in the new iOS 10 software, which means that deleted records can easily be recovered. The Jury said she ran an experiment on an iPhone 5s and she managed to retrieve all the web pages she had visited from the private browsing session, through the use of a commercial tool.
She then tried to extract the web links from the Private Mode and then closed it, and they were no longer on the BrowserState.db database of the phone. The approach was successful at extracting data meaning that the new method is not efficient at keeping user data in private browser mode.
Over the past few weeks since the release of the iOS update, researchers have noticed that there have been some problems. Local backups on computers through iTunes are now easy to brute force giving attackers numerous chances to guess the password. Just last week, the iMessage platform was seen to be sending information on who users attempt to message and actually message with.
Apple must surely do better if they are going to continue being the most valuable company in the world.