Home

Aug 13, 2019

Google said they had fixed the Incognito loophole in Chrome ...

authorarticle: Master3395
Skjermbilde-2019-08-09-kl.-17.22.29.jpg
video: 
youtube: 
sources: Neowin
keywords: chrome, inkognito
Category: Google
Posted by: Admin

But websites have found a different solution.

But websites have found a different solution.

In earlier versions of Chrome, web pages had the option of checking if visitors have Incognito mode turned on.

However, as of Chrome 76, web pages cannot check whether the FileSystem API is available. When websites lose this opportunity, it means that it becomes impossible to determine whether or not the user has Incognito mode.

We thought.

Sealed holes, but it was not enough
The New York Times still able to identify whether or not the user is in Incognito mode.

TechDows thinks they have the answer to why. Security experts Vikas Mishra and Jesse Li have figured out how websites can get past Google's protections. Previously, web pages about FileSystem API, which asks to write directly to the hard disk, returned an error. If an error message was received, Incognito mode was turned on.

Google fixed this problem by having Chrome write data to the computer's memory instead.

Wondering past
But now websites can use the Quota Management API to exploit differences in the way temporary storage quotas behave between Incognito mode and regular browsing. In addition, web pages can also track write speeds to determine whether the data is written to the hard disk or memory (RAM). As the speed of writing is faster through memory, this may be an indicator of whether the user has enabled Incognito mode or not.

Probably fixed
Google has previously promised that Chrome should not reveal whether or not the user has private browsing turned on. Chrome developers have already created an error report for both of these gaps, so we should not overlook the fact that the company is launching a bug fix shortly.

authorarticle: Master3395
Skjermbilde-2019-08-09-kl.-17.22.29.jpg
video: 
youtube: 
sources: Neowin
keywords: chrome, inkognito

Comments:

comments powered by Disqus

Return

Sponsored Ads:

Discord

Page 1 of 586  >  >>

Microsoft may have solved customers' console chaos if they did this

xbox.webp

Nov 27, 2020 | Category: Microsoft | Comments

During a lengthy interview with The Verge, Phil Spencer reveals that the Xbox team has been thinking about how to solve the pre-order chaos.

read more…

Microsoft discounts M365 Business Premium by 25%

Microsoft.jpg

Nov 26, 2020 | Category: Microsoft | Comments

Citing "Small Business Saturday," an upcoming American Express-created promotional event, Microsoft is cutting Business Premium's per-user per-month cost to $15.

read more…

Now Chrome extensions have to answer for themselves

chrome.webp

Nov 25, 2020 | Category: Google | Comments

From January next year, Google will require extensions to Chrome to explain what user data is used for.

read more…

Page 1 of 586  >  >>