Google inadvertently opens two new 'Incognito' mode detection methods to publishers after patch

Discussion in 'Finance and Traffic' started by R0binHood, Aug 10, 2019.

Tags:
  1. R0binHood

    R0binHood Habitué

    1,222
    432
    +951
    Fascinating article here on how Google accidentally opened two new methods for sites, of particular use to paywalled ones, to detect if a user is in incognito mode after they tried to patch another method. One of these is already being used in production by the NYT.

    Quite cleverly one uses the Chrome Filesystem API to check the RAM available to the browser, which is restricted in incognito mode. The other measures filesystem access times, which are different in incognito mode due to is using a memory filesystem, vs a disk filesystem.

    https://www.bleepingcomputer.com/ne...-mode-can-still-be-detected-by-these-methods/
     
    Last edited: Aug 10, 2019
    • Informative! Informative! x 1
    • List
  2. Alex.

    Alex. The Ancient Dragon

    11,569
    1,322
    +1,190
    "Inadvertently." :morganna:
     
  3. LeadCrow

    LeadCrow Apocalypse Admin

    6,383
    1,232
    +2,154
    Chrome is engineered to leak user data in unbypassable ways, dont use it or Google services expecting any modicum of privacy. Chromium-powered browsers are just slightly less bad, Firefox and Safari are pretty much the lnly serious options nowadays.
     
    • Agree Agree x 1
    • Informative! Informative! x 1
    • List
  4. Alfa1

    Alfa1 Administrator

    3,795
    1,702
    +2,662
    Google and incognito do not belong in the same sentence.
     
  5. doubt

    doubt Tazmanian

    4,731
    562
    +2,030
    And Microsoft wants their browser to be based on Chromium as well.
     
  6. doubt

    doubt Tazmanian

    4,731
    562
    +2,030
    I have it on my PC but staying away from its use.
    It's there only for the kids.
     
  7. LeadCrow

    LeadCrow Apocalypse Admin

    6,383
    1,232
    +2,154
    Microsoft's angle is not as obvious as it may appear initially. Electron is based on chromium right now, powers a lot of desktop apps and is Microsoft's trojan horse to ensure websites conform to their implementation of chromium rather than the google-controlled one, and end running better on it.

    Note there are more developpers familiar with web technologies than native code like c++, and these figures are bound to increase now that tech curriculums are abandoning native code courses in favour of modern languages and frameworks in actual demand in the job market.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.