Google has changed the way a key component of the Chrome browser works in order to give users extra privacy.
This component has existed not only in Chrome but in all web browsers since the early days of the Internet, and has served as a bandwidth-saving function.
In all browsers, the cache system usually works the same way. Any image, CSS or JS file stored in the cache receives a storage key which is usually the URL of the resource.
For example, the key to save an image would be the image URL itself: https://x.example/doge.png.
When the browser loads a new page, it will look for the key (URL) in the internal cache database and see if it needs to download the picture or load it from cache.
Unfortunately, over the years, advertising companies realized that this feature could be used to track users.
"This mechanism has worked well in terms of performance for a long time," said Eiji Kitamura, a Google developer.
"However, the time it takes a website to respond to HTTP requests may reveal that the browser has had access to the same resource in the past, which leaves the browser open to security and confidentiality attacks."
These include the following:
- Detect if a user has visited a particular site: An adversary can detect a user's browsing history by checking if the cache has a resource that may be specific to a particular site or group of sites.
- Cross-site search attack: An adversary can detect if an arbitrary string is in a user's search results by checking if a "no search results" image used by a particular site is in the browser cache.
- Cross-site tracking: The cache can be used to store cookie-like IDs as a tracking mechanism between websites.
However, with Chrome 86 released earlier this week, Google has made significant changes to this mechanism.
Known as "cache partitioning", this feature works by changing the way resources are stored in the HTTP cache based on two additional factors. From now on, the key of a resource will contain three items instead of one:
- The top-level site (http://a.example)
- The site of the current frame (http://c.example)
- The resource URL (https://x.example/doge.png)
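
The effect of the three-part key can be seen in a small model of the cache, added here as an illustration and not taken from Chrome's code. It assumes a "site" is scheme plus hostname (real browsers use the registrable domain), and b.example is a constructed second top-level site.

```javascript
// Simplified model of HTTP cache keying (constructed example, not Chrome source).
// Assumption: a "site" is approximated as scheme + hostname; real browsers
// use scheme + registrable domain (eTLD+1).
function siteOf(url) {
  const u = new URL(url);
  return `${u.protocol}//${u.hostname}`;
}

class HttpCacheModel {
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.entries = new Set();
  }

  // Build the storage key for a resource requested by a frame on a page.
  keyFor(topLevelUrl, frameUrl, resourceUrl) {
    if (!this.partitioned) return resourceUrl; // legacy behaviour: URL only
    return [siteOf(topLevelUrl), siteOf(frameUrl), resourceUrl].join(" ");
  }

  // Returns "hit" if served from cache, "miss" if it had to be downloaded.
  load(topLevelUrl, frameUrl, resourceUrl) {
    const key = this.keyFor(topLevelUrl, frameUrl, resourceUrl);
    if (this.entries.has(key)) return "hit";
    this.entries.add(key);
    return "miss";
  }
}

// Scenario: the image is loaded on a.example, requested again on the same
// site, then from an unrelated top-level site, then from a c.example frame
// embedded in a.example.
function runScenario(partitioned) {
  const cache = new HttpCacheModel(partitioned);
  const img = "https://x.example/doge.png";
  return [
    cache.load("http://a.example/", "http://a.example/", img),
    cache.load("http://a.example/page2", "http://a.example/page2", img),
    cache.load("http://b.example/", "http://b.example/", img), // constructed site
    cache.load("http://a.example/", "http://c.example/widget", img),
  ];
}

console.log("URL-only key:   ", runScenario(false));
console.log("partitioned key:", runScenario(true));
```

With the URL-only key, every request after the first is a hit regardless of which site asks, which is what makes the cache observable across sites. With the partitioned key, only the repeat visit within the same top-level site and frame site reuses the entry.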