Safari's browsing history is open to many apps on macOS Mojave

Lately macOS has been drawing criticism over the privacy of the information we keep on our Macs. On this occasion the data is not private or sensitive information, but it is our browsing history, and what third parties do with it is unknown, even when those third parties are the developers of applications we have installed.

The discovery comes from Jeff Johnson. Johnson's expertise in computer security research began with the vulnerabilities in the RSS client Vienna, and he later created the content blocker StopTheMadness.

Jeff Johnson's discovery concerns the privacy of the Library folder dedicated to Safari. He has found a defect that allows any software to read its contents, which should be closed to the vast majority of applications. The access requires no user intervention and triggers no authorization dialogs. Therefore, although the information is not relevant, malware can obtain it without our consent.

It is true that since the first version of macOS Mojave, the Library folder that contains Safari's information has carried a restriction that makes it inaccessible to most applications. Until then, any application could access the history without our consent. In Mojave, even the Terminal application cannot access the content. The problem lies in the dilemma of deciding which information should be fully available and which should not. For example, it must be available for a Spotlight query, but not to a third-party application.

Given Johnson's solid reputation, he is probably correct, and Apple is already working to fix or strengthen security in this matter in a future update. Perhaps the reason ever smaller gaps keep appearing in macOS security is the growing adoption of macOS. That adoption draws the attention not only of developers but also of hackers and security analysts to the Mac operating system.

