Monday, October 19, 18:41
Home Updates Chrome changes the cache functionality to improve privacy

Chrome changes the cache functionality to improve privacy

Google has changed the way a key component of the Chrome browser works in order to add extra privacy to users.

Known as HTTP Cache or Shared Cache, this "Chrome component" works by storing copies of resources uploaded to a website, such as pictures, CSS files and JavaScript files.

The idea is that when a user visits the same site again or another site that uses the same files, Chrome will load them from its internal cache instead of wasting time repeating λήψη each file again.

Chrome
Chrome changes the cache functionality to improve privacy

This component has existed not only in Chrome but in all web browsers since its early days Internet and served as a bandwidth saving function.

In all browsers, the cache system usually works the same way. Any image, CSS or JS file stored in the cache receives a storage key which is usually the URL of the resource.

For example, the key to save an image would be the image URL itself: https: //x.example/doge.png.

When the browser loads a new page, it will look for the key (URL) in the internal cache database and see if it needs to download the picture or load it from cache.

Unfortunately, all these years, the advertising companies realized that this feature could be used to track users.

"This mechanism has worked well in terms of performance for a long time," said Eiji Kitamura, Google developer.

"However, the time it takes a website to respond to requests HTTP may reveal that the browser has had access to the same resource in the past, which leaves the browser open to attacks security and confidentiality. "

These include the following:

  • Detect if a user has visited a particular site: An opponent can locate a user's browsing history by checking if the cache has a resource that may be specific to a particular site or group of sites.
  • Cross-site search attack: An adversary can detect if an arbitrary string is in a user's search results by checking if a "no search results" image used by a particular site is in the browser cache.
  • Cross-site detection: The cache can be used to store cookies-like IDs as a tracking mechanism between websites.

However, with Chrome 86 released earlier this week, Google has made significant changes to this mechanism.

Known as "cache partitioning", this function works by changing the way resources are stored in HTTP cache based on two additional factors. From now on, the resource key of a resource will contain three items, instead of one:

  • The top level site domain (http: //a.example)
  • The current resource box (http: //c.example)
  • Resource URL (https: //x.example/doge.png)

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Windows 10: Microsoft has released a new task manager for gamers

If your computer games are slow or slow, you can free up resources in Windows 10 using the new task manager ...
00:01:51

NASA's Osiris-Rex is expected to land on the asteroid Bennu tomorrow

NASA's Osiris-Rex spacecraft will land on a large asteroid for a while on Tuesday and will collect some rocks and ...

How to turn off all vibrations on your iPhone completely

Some people are particularly sensitive to the vibrations of their iPhone, either for personal or medical reasons. Thanks to...

How to convert Keynote presentations to Microsoft PowerPoint

Apple presentation software does all the hard work when converting a PowerPoint presentation to Keynote. Doing the opposite, ...

QAnon Conspiracy Theories: YouTube removes them from the platform

YouTube is the latest social networking site to launch a campaign against the spread of QAnon conspiracy theories.

Vizom: New malware hijacks bank accounts

Vizom disguises itself as a popular "videoconferencing software", with meetings all online due to the pandemic. Investigators...

The Windows 10 Calculator has been ported to Linux

The Windows 10 Calculator has been ported to Linux and can be installed from the Canonical Snap Store. The ...

System breach exposes Kleenheat customer data

Australian-based gas company Kleenheat has warned some of its customers of data breaches, which may ...

US Election: Candidates manipulate voters via email!

The politicians who are candidates for the upcoming US elections use psychological tricks and "dark" patterns in their emails to ...

Google Chrome and Edge create random debug.log logs

An error in the latest version of Chrome and other Chromium-based browsers causes random debug.log files to be created ...