Skip to main content

Is Safari Safe?

Is Safari Safe?

Laura Martisiute

August 30, 2024

Reading time: 11 minutes

If you use or plan to use Safari, you need to know: Is Safari safe? 

Below, we explain whether Safari is: 

  • Safe to use. 
  • Good for privacy. 

We also look at some steps you can take to improve both your safety and privacy when using this web browser. 

What Is Safari?

Safari is a web browser developed by Apple Inc. It is the default browser for Apple’s devices, including iPhones, iPads, Mac computers, and iPods. 

Safari

Safari was first released in 2003 and has since become one of the most popular browsers worldwide, particularly among Apple users.

Safari is known for its fast browsing speeds, thanks to its efficient use of system resources and advanced optimization techniques. It’s also designed to be energy-efficient, which is particularly important for mobile devices like iPhones and iPads. This helps extend battery life during browsing sessions.

Safari offers a clean and minimalistic user interface with easy access to features like Reader Mode, which simplifies web pages for easier reading, and a customizable Start Page.

Is Safari Safe?

Safari is generally considered to be a safe and secure web browser. 

By default, the browser prioritizes secure connections using HTTPS, ensuring that data exchanged between you and the websites you visit is encrypted.

Safari employs sandboxing to isolate each web page you visit, preventing malicious code on one page from affecting the rest of your system. 

The browser has a built-in feature that warns you if you are about to visit a known phishing or fraudulent website. It also blocks pop-ups and harmful content automatically, reducing the risk of encountering malicious websites.

The software is regularly updated with the latest security patches and improvements via macOS and iOS updates.

It integrates with Apple’s Keychain, allowing users to store and autofill strong, unique passwords securely across their devices. Safari monitors your saved passwords against known data breaches. If a password you use has appeared in a breach, Safari will alert you to change it, helping to protect your accounts.

Safari’s extension library is more curated than many other browsers, reducing the risk of installing malicious or poorly-coded extensions. Apple reviews these extensions to ensure they meet security standards.

Safari relies heavily on WebKit, the underlying browser engine. Over the years, several vulnerabilities have been discovered in WebKit that exposed Safari users to potential attacks. In 2022, for instance, Apple patched a WebKit-related zero-day that could allow hackers to gain control over users’ devices.

No major data breaches have been associated with Safari at the time of writing. 

Is Safari safe, according to Reddit?

Yes, the general consensus on Reddit is that Safari is safe and also more private than other popular browsers. However, Redditors also say there are better (i.e., more private) browsers out there. 

Reddit post on the safety and privacy of Safari

Is Safari safer than Chrome?

Both browsers are generally secure, but Safari has a stronger emphasis on privacy. Chrome offers more extensions and plugins than Safari but is more focused on data collection and advertising. 

That said, some users say that Safari updates tend to come later than Chrome updates. 

Safari vs Chrome forum discussion

Neither Safari nor Chrome appear in PC Mag’s “Best Private Browsers for 2024” list. Both browsers are also absent from ZDNET’s list.

Is Private Mode on Safari safe?

Yes, Private Mode (also known as Private Browsing) on Safari is generally safe as long as you understand what it does and does not protect you from.

What Safari’s Private Mode does:

  • Prevents local data storage. When you browse in Private Mode, Safari does not store your browsing history, cookies, or autofill data once the session is closed. This means that websites you visit won’t appear in your history, and cookies or cached data won’t persist once you close the private window.
  • Blocks some trackers. Safari’s Private Mode works alongside Intelligent Tracking Prevention (ITP), which blocks cross-site trackers from profiling your browsing habits. This adds a layer of protection against being tracked across different websites.
  • Temporary privacy. Any tabs or searches made within a Private Mode session are isolated from your regular browsing. They won’t influence suggestions in your search bar or be linked to your usual browsing data.

What Safari’s Private Mode does NOT do:

  • Make you anonymous. Private Mode does not hide your IP address, location, or browsing activity from your Internet Service Provider (ISP), employer, or the websites you visit. It only prevents local data storage on your device.
  • Bypass network-level monitoring: If you are on a monitored network (e.g., a school, workplace, or public Wi-Fi), administrators can still track your browsing activity. Private Mode does not encrypt or hide your traffic from network-level tracking tools.
  • Protect against malware or phishing. Private Mode does not provide additional protection against malicious websites, downloads, or phishing attacks. You still need to be cautious and rely on built-in security features like Safari’s Safe Browsing.

Apple has instructions on how to enable Safari Private Mode on its website

Is Safari password manager safe?

Yes, Safari’s password manager, which is integrated into Apple’s ecosystem as iCloud Keychain, is generally considered safe.

iCloud Keychain employs end-to-end encryption, meaning your passwords are encrypted on your device before being uploaded to iCloud. Only your devices can decrypt this information, ensuring that even Apple cannot access your passwords.

Information about Safari password manager's data protection

iCloud Keychain supports two-factor authentication (2FA) codes, which can be generated and autofilled within Safari. 

Access to your stored passwords is protected by your device’s biometric authentication (Face ID, Touch ID) or passcode, providing another layer of security. 

Safari’s password manager includes features like password monitoring. If a password you’ve stored in the iCloud Keychain is involved in a known data breach, you’ll receive a warning suggesting that you change it.

However, iCloud Keychain may lack some of the advanced features found in dedicated password managers, such as secure sharing of credentials or detailed security audits.

Safari password manager gets favorable mentions from publications like WIRED and TechRadar

Is Safari Private?

Depends on your definition of “private.” 

Overall, Safari is well-regarded for its privacy features, though internet users note that there are more private browsers out there. 

Some privacy features that Safari offers include:

  • Intelligent Tracking Prevention. Limits how websites and advertisers track your browsing activity across different sites. It works by reducing the ability of third-party cookies to track you, making it harder for companies to create detailed profiles based on your online behavior.
  • Protections against “fingerprinting.” By limiting the amount of information shared with websites, Safari reduces the effectiveness of fingerprinting, a technique some websites use to identify and track you based on your device’s unique characteristics (like screen resolution, installed fonts, etc.). However, researchers have found methods to bypass some of these protections
  • Private Browsing Mode. When using Private Browsing, your browsing history, search history, and cookies are not saved. 
  • Privacy Report. This shows you how many trackers have been blocked on each website you visit, giving you more transparency into how your data is being protected. You can access this directly from the Safari toolbar.
  • Ad and pop-up blocking. Safari has built-in options to block pop-ups and content that might be trying to track or target you with ads. This helps to reduce your exposure to ads that may also serve as trackers.
  • Third-party cookie blocking. Safari automatically blocks third-party cookies by default. This prevents websites from storing cookies that are primarily used to track your browsing across different sites.
  • DuckDuckGo integration. Safari offers DuckDuckGo as a built-in search engine option, which is a privacy-focused search engine that does not track your search history.
  • iCloud Private Relay. When using iCloud+, Safari can take advantage of iCloud Private Relay. This feature encrypts your web traffic and routes it through two different relays to obscure your IP address and browsing activity from websites and networks.

In 2024, The Wall Street Journal fact-checked some of Safari’s privacy claims. The columnist Shira Ovide took the “Cover Your Tracks” privacy test from the nonprofit Electronic Frontier Foundation and found that she only had partial protection from common types of data tracking while using the Safari browser on her iPhone.

Apple was allegedly involved with PRISM, a surveillance program run by the U.S. National Security Agency (NSA). At the time, Apple stated that it had never heard of the program before it was reported in the media.

In 2017, it was discovered that Apple retained deleted Safari browsing history in iCloud for over a year despite users believing the data had been permanently erased. A Russian security firm found that this data, including URLs and metadata, was stored in a hidden database and could be retrieved using specialized tools. After the issue was publicized, Apple shortened the retention period. 

In its privacy policy, Apple outlines what personal data it collects from you, how it uses it, and how it shares it. 

Terms of Service; Didn’t Read (ToS;DR), a project that rates internet services’ terms of service and privacy policies, gives Apple Services’ a “Grade D.” This means “The terms of service are very uneven or there are some important issues that need your attention.”

ToS;DR notes that the service:

  • May collect, use, and share location date.
  • Collects many different types of personal data.
  • Tracks which web page referred you to it.
  • Uses your personal data for advertising. 

On a positive note, ToS;DR says that the service does not sell your data, allows users to request access and deletion of their personal data, and keeps its retention period to the minimum necessary for fulfilling its purposes. 

How to Improve Your Safety and Privacy On Safari

Follow the steps below for a more private and secure experience on Safari. 

  • Enable Private Browsing Mode. Whenever you want to keep your browsing history, searches, and cookies from being saved, use Safari’s Private Browsing Mode. You can open a private window by selecting “File” > “New Private Window” from the Safari menu.
  • Enable cross-site tracking prevention. Safari automatically blocks cross-site tracking, but you can double-check that it’s enabled by going to “Safari” > “Settings” (or “Preferences”) > “Privacy” and ensuring “Prevent cross-site tracking” is checked.
  • Block all cookies. For maximum privacy, you can block all cookies by going to “Safari” > “Settings” > “Privacy” and selecting “Block all cookies.” Note that this might affect how some websites function.
  • Disable location services for Safari. If you don’t want websites to access your location, go to “System Preferences” > “Security & Privacy” > “Privacy” > “Location Services” and uncheck Safari.
  • Use DuckDuckGo as your default search engine. DuckDuckGo doesn’t track your searches or store personal information. To set it as your default search engine, go to “Safari” > “Settings” > “Search” and select DuckDuckGo.
  • Limit Safari extensions. Only install trusted extensions that you absolutely need. You can manage extensions by going to “Safari” > “Settings” > “Extensions.”
  • Clear browsing data regularly. Periodically clear your browsing history, cookies, and other website data by going to “Safari” > “Clear History” and choosing how far back you want to clear.
  • Disable autofill. Turn off Safari’s Autofill feature for things like credit cards, passwords, and contact information by going to “Safari” > “Settings” > “Autofill” and unchecking the options you want to disable.
  • Use content blockers. Install content blockers to prevent ads, trackers, and other unwanted content from loading on websites. To enable them, go to “Safari” > “Settings” > “Extensions” and check the content blocker you want to use.
  • Disable JavaScript for enhanced privacy. Turn off JavaScript to prevent certain types of tracking and reduce the risk of malicious scripts by going to “Safari” > “Settings” > “Security” and unchecking “Enable JavaScript.” Note that this may affect some websites’ functionality.
  • Disable website notifications. Prevent websites from requesting to send you notifications by going to “Safari” > “Settings” > “Websites” > “Notifications” and unchecking “Allow websites to ask for permission to send notifications.”
  • Use a VPN. Use a Virtual Private Network (VPN) to mask your IP address and encrypt your internet connection. Choose a reputable VPN service and enable it while browsing in Safari.
SHARE THIS ARTICLE
Laura Martisiute is DeleteMe’s content marketing specialist. Her job is to help DeleteMe communicate vital privacy information to the people that need it. Since joining DeleteMe in 2020, Laura h…
Laura Martisiute is DeleteMe’s content marketing specialist. Her job is to help DeleteMe communicate vital privacy information to the people that need it. Since joining DeleteMe in 2020, Laura h…
Hundreds of companies collect and sell your private data online. DeleteMe removes it for you.

Our privacy advisors: 

  • Continuously find and remove your sensitive data online
  • Stop companies from selling your data – all year long
  • Have removed 35M+ records
    of personal data from the web
Special Offer

Save 10% on any individual and
family privacy plan
with code: BLOG10

Want more privacy
news?
Join Incognito, our monthly newsletter from DeleteMe that keeps you posted on all things privacy and security.

Don’t have the time?

DeleteMe is our premium privacy service that removes you from more than 750 data brokers like Whitepages, Spokeo, BeenVerified, plus many more.

Save 10% on DeleteMe when you use the code BLOG10.

Related Posts

Is Brave Browser Safe?

If you use or plan to use Brave browser, you need to know: Is Brave browser safe?  Below, we explain whether Brave browser is:  We also g…
Laura Martisiute
June 25, 2024

Is Tor Safe?

If you use or plan to use Tor, you need to know: Is Tor safe?  Below, we explain whether Tor is:  We also give some steps you can take to…
Laura Martisiute
June 25, 2024

Is Etsy Safe?

If you use or plan to use Etsy, you need to know: Is Etsy safe?  Below, we explain whether Etsy is:  We also give some steps you can take…
Laura Martisiute
June 25, 2024