Category: Google|Aug 13, 2019 | Author: Admin

Google said they had fixed the Incognito loophole in Chrome ...

Share on

But websites have found a different solution.

But websites have found a different solution.

In earlier versions of Chrome, web pages had the option of checking if visitors have Incognito mode turned on.

However, as of Chrome 76, web pages cannot check whether the FileSystem API is available. When websites lose this opportunity, it means that it becomes impossible to determine whether or not the user has Incognito mode.

We thought.

Sealed holes, but it was not enough
The New York Times still able to identify whether or not the user is in Incognito mode.

TechDows thinks they have the answer to why. Security experts Vikas Mishra and Jesse Li have figured out how websites can get past Google's protections. Previously, web pages about FileSystem API, which asks to write directly to the hard disk, returned an error. If an error message was received, Incognito mode was turned on.

Google fixed this problem by having Chrome write data to the computer's memory instead.

Wondering past
But now websites can use the Quota Management API to exploit differences in the way temporary storage quotas behave between Incognito mode and regular browsing. In addition, web pages can also track write speeds to determine whether the data is written to the hard disk or memory (RAM). As the speed of writing is faster through memory, this may be an indicator of whether the user has enabled Incognito mode or not.

Probably fixed
Google has previously promised that Chrome should not reveal whether or not the user has private browsing turned on. Chrome developers have already created an error report for both of these gaps, so we should not overlook the fact that the company is launching a bug fix shortly.

Sponsored Ads:

Comments:


Android's underappreciated upgrade advantage

Category: Google|Sep 24, 2021 | Author: Admin

No Electricity? A New Cooling System Uses Sunlight and Saltwater

Category: General|Sep 23, 2021 | Author: Admin

Slack begins rolling out video and audio message ‘clips’

Category: General|Sep 22, 2021 | Author: Admin

Roku's free OS 10.5 lets you dictate passwords, fixes pesky sound lags on headphones

Category: IT|Sep 21, 2021 | Author: Admin

Some good news and some strange news from Apple

Category: Apple|Sep 20, 2021 | Author: Admin

New Windows security updates break network printing

Category: Microsoft|Sep 19, 2021 | Author: Admin

Sent 700tb over 4 km of laser technology

Category: IT|Sep 18, 2021 | Author: Admin

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin

iPhone 13 unveiled in Ukraine

Category: Apple|Sep 10, 2021 | Author: Admin
more