"Google Finds Privacy Holes in Safari’s ITP Anti-Tracking System"

Google researchers have discovered that Apple's Intelligent Tracking Prevention (ITP) could leave users exposed to privacy issues, including being tracked. Some of the flaws found with Safari's ITP have gotten fixed by an update, but not all. The flaw in Safari's ITP creates a "global state" for a user's browsing history and can become accessible to any website a user visits. Websites used by adversaries can attempt to access this global state to work out if a given domain is on the list of what websites a user has visited. The unique state of a user's ITP database can be used against them as a "fingerprint" useful for cross-site tracking.

Naked Security reports: "Google Finds Privacy Holes in Safari’s ITP Anti-Tracking System"