Google Chrome Privacy Loophole
A Google indicates that there is a privacy issue in incognito Chrome. News editors can detect if the browser is incognito and use this information to provide other options to the user. This violates the web standard of an ever-changing privacy model.
According to Google:
“This will affect some publishers who use this vulnerability to avoid circumventing accounts…
Unlike the payment or registration wall, which requires users to log in to view content, the auditor provides several free articles before logging in. The model is porous because it is based on the site’s ability to track its quantity. Objects that are visible by one person, usually using cookies.
Private browsing mode is one of many strategies for managing users of their cookies and, therefore, “zeroing out” the number of counters. “
What is the Chrome Privacy Loophole?
Chrome has a feature called File System API. This feature will be disabled when Chrome is in incognito mode. News editors use this information to locate visitors in incognito mode. Then the news editor forces the user to turn off incognito mode or enter his site.
The problem with this action is that it violates the web standard that applies to browser privacy mode.
Contact our content marketing company to tell your story.
Here’s how Google explains it:
“With the release of Chrome 76 on July 30, the behavior of the File System API will change following this method of detecting private browsing.”
This means that news publishers who provide items to the counter will not be able to detect the browser in private browsing mode, giving them unlimited access to the content.
Google claims that news publishers can choose, but these offers are not the right solution for unlimited access to articles.
“There are several options for sites that want to block bypass counters. For example, reducing the number of free items that a person can see before logging in, requesting a free registration to view content or improving their goals.”
Standard online privacy mode
The web standard of browser privacy mode indicates that the website should not detect that the visitor is in privacy mode.
“…The site should not detect the use of the private browsing mode.
When differences in browsing behavior between privacy modes and default modes can be detected due to standardization or implementation details, the site may decide to reduce browser capabilities (for example, by not showing when users discover in private browsing mode rather than content). This is not a recommendation. “
Google Did not Address Tracking Protection.
In June 2019, Firefox secretly accused Chrome of giving a false sense of security and allowing private tracking. According to Firefox:
“Byre moving the story, this function may prevent your wife from knowing what you are going to do on her birthday, but this does not interfere with third-party tracking.”
Today’s post did not eliminate this vulnerability. There is nothing in the web standard that could reduce vulnerability.
The W3CNetwork Standard recognizes that browsers can join tracking features for competitive reasons. Instead of disabling the W3C ad, it allows the needs of the market and users to force the browser to do this.
Read also: SEO: What SEOs Should Be Aware Of Third-Party Site Metrics.
Here’s the official standard:
“Network security is an area of competition between browsers; for example, some browsers offer more powerful protection for tracking and blocking….”
Today’sannouncement shows that Chrome has made significant strides in protecting consumer privacy. It would be interesting if Firefox’s more certain security features began undermining Chrome’s market dominance.