In-App iOS Browsers Are Insecure: Use Safari For Sensitive Browsing

In-App iOS Browsers Are Insecure: Use Safari For Sensitive Browsing

iOS: In-app browsers like you find on Twitter or Facebook on iOS are great when you just want to browse content. But Twitterrific developer Craig Hockenberry shows off an exploit that allows any app to grab sensitive data that you type into it.

Essentially, when you use an in-app browser, the app can easily record your key inputs and log them without you knowing a thing. This works in both iOS 7 and iOS 8. It’s not necessarily Apple’s fault either — it’s just the way the coding works for in-app browsers. The solution? Don’t type sensitive content in those browsers. Hockenberry explains:

An in-app browser is a great tool for quickly viewing web content, especially for things like links in Twitterrific’s timeline. But you should always open a link in Safari if you have any concern that your information might be collected. Safari is the only app on iOS that comes with Apple’s guarantee of security.

Just because it’s possible doesn’t mean any apps actually do this, but it’s better to be safe than sorry. Head over to Hockenberry’s blog for all the technical details.

In-App Browsers Considered Harmful [Furbo]

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


Leave a Reply