apple关闭双重验证
If you use Safari on certain versions of iOS, then your IP address is being sent to Google or Tencent by default. Tencent is the Chinese equivalent of Facebook, who owns the popular WeChat mobile app. Tencent also works closely with the Chinese government. It is possible to stop your data from being sent to these companies.
如果您在某些版本的iOS上使用Safari,则默认情况下会将您的IP地址发送给Google或腾讯。 腾讯的中文版相当于拥有流行的微信移动应用程序的Facebook。 腾讯还与中国政府紧密合作。 可以阻止将您的数据发送给这些公司。
Devices send data to Tencent if the region code is set to mainland China. All other devices send data to Google.
如果将地区代码设置为中国大陆,则设备会将数据发送到腾讯。 所有其他设备将数据发送到Google。
Here is what an Apple spokesperson said about this feature in a statement to The Register:
以下是苹果发言人在向The Register发表的声明中对此功能的评价 :
Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature.
Apple通过Safari Fraudulent Website Warning(Safari欺诈网站警告)保护用户隐私并保护您的数据,该安全功能会标记已知为恶意的网站。
When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing. To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent.
启用此功能后,Safari会根据已知网站列表检查网站URL,并在警告用户访问的URL被怀疑存在欺诈行为(例如网络钓鱼)时显示警告。 为了完成此任务,Safari收到了来自Google的已知恶意网站列表,对于区域码设置为中国大陆的设备,它也收到了腾讯的列表。
The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.
您访问的网站的实际URL永远不会与安全的浏览提供商共享,并且可以关闭该功能。
While the actual URL you visit is not shared, your IP address is shared. Your IP address can reveal your general location and other details about you. It is shared in order to determine if the website you are visiting is a fraudulent site.
虽然您访问的实际URL未共享,但您的IP地址却共享。 您的IP地址可以显示您的一般位置和其他有关您的详细信息。 为了确定您访问的网站是否为欺诈性网站,将其共享。
This data is being shared automatically by a lot of people. Safari has a U.S. market share of over 50% since it is the default browser on iOS devices.
许多人会自动共享此数据。 由于Safari是iOS设备上的默认浏览器,因此在美国的市场份额超过50%。
Also, even if you use a third-party browser on your iOS device, your data may be still sent to Google and Tencent. When you view a web page from inside an app, the pages open inside a version of the Safari browser. Since many apps open Safari from within the app, it is almost impossible to avoid Safari.
另外,即使您在iOS设备上使用了第三方浏览器,您的数据也可能仍会发送到Google和腾讯。 当您从应用程序内部查看网页时,这些页面会在Safari浏览器的一个版本中打开。 由于许多应用程序都从应用程序内部打开Safari,因此几乎不可能避免使用Safari。
To stop your IP address from being sent to Google and Tencent, you must disable the "Fraudulent Website Warning". Keep in mind that disabling this feature can make you more vulnerable to accessing fraudulent websites.
要停止将您的IP地址发送给Google和腾讯,您必须禁用“欺诈网站警告”。 请记住,禁用此功能会使您更容易访问欺诈性网站。
Here is how to disable the "Fraudulent Website Warning" in iOS:
以下是在iOS中禁用“欺诈性网站警告”的方法:
- In iOS settings, select "Safari". 在iOS设置中,选择“ Safari”。
- Scroll down a bit and toggle "Fraudulent Website Warning" to the off position. 向下滚动一点,然后将“欺诈性网站警告”切换到关闭位置。
什么是“安全浏览”? (What is "Safe Browsing"?)
The "Fraudulent Website Warning" service uses Google Safe Browsing and Tencent Safe Browsing. This is a service originally developed by Google. Users sometimes come across malicious sites and phishing pages. Google has a big list of these sites and created "safe browsing" to help notify users when the site they are accessing could be malicious.
“欺诈网站警告”服务使用Google安全浏览和腾讯安全浏览。 这是最初由Google开发的服务。 用户有时会遇到恶意站点和网络钓鱼页面。 Google在这些网站上列出了大量清单,并创建了“安全浏览”功能,以在用户访问的网站可能为恶意网站时通知用户。
Here is how Google provides this service, called the "Update API", according to cryptography researcher Matthew Green:
根据密码学研究人员Matthew Green的说法,Google提供此服务的方式称为“更新API”:
1. Google first computes the SHA256 hash of each unsafe URL in its database, and truncates each hash down to a 32-bit prefix to save space.
1. Google首先计算其数据库中每个不安全URL的SHA256 哈希值 ,然后将每个哈希值截断为32位前缀以节省空间。
2. Google sends the database of truncated hashes down to your browser.
2. Google将截短的哈希数据库发送到您的浏览器。
3. Each time you visit a URL, your browser hashes it and checks if its 32-bit prefix is contained in your local database.
3.每次访问URL时,浏览器都会对其进行哈希处理,并检查其32位前缀是否包含在本地数据库中。
4. If the prefix is found in the browser’s local copy, your browser now sends the prefix to Google’s servers, which ship back a list of all full 256-bit hashes of the matching URLs, so your browser can check for an exact match.
4.如果在浏览器的本地副本中找到了前缀,则您的浏览器现在会将前缀发送到Google的服务器,这些服务器会返回匹配URL的所有完整 256位哈希值的列表,因此您的浏览器可以检查是否完全匹配。
Presumably, the same method is used by Tencent in China. But instead of the hashed prefix being sent to Google, it is sent to Tencent.
据推测,腾讯在中国使用了相同的方法。 但是,不是将哈希前缀发送给Google,而是发送给腾讯。
This process should be secure since the actual URLs you visit are not sent over, just a hashed version of the URL. However, some security researchers have pointed out that by analyzing the hundreds of hashed URLs sent to this service by a single user, it could be possible to de-anonymize that user.
此过程应该是安全的,因为您访问的实际URL不会发送出去,而只是URL的哈希版本。 但是,一些安全研究人员指出,通过分析单个用户发送给该服务的数百个哈希URL,可以使该用户匿名。
Safari isn't the only browser using Google Safe Browsing. The Google Chrome, Firefox, Vivaldi, and GNOME Web browsers use the Google Safe Browsing service. So if you don't want your data sent to Google, choose a browser not on that list or disable the service within the browser settings.
Safari不是唯一使用Google安全浏览的浏览器。 Google Chrome,Firefox,Vivaldi和GNOME Web浏览器使用Google安全浏览服务。 因此,如果您不希望将数据发送给Google,请选择不在该列表中的浏览器,或者在浏览器设置中禁用该服务。
Many people believe that it is worth sharing their IP addresses with Google and/or Tencent to get more protection from malicious sites. You have to decide for yourself if it is worth the risk.
许多人认为,值得与Google和/或腾讯共享IP地址,以从恶意站点获得更多保护。 您必须自己决定是否值得冒险。
apple关闭双重验证
3611
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
