Google has changed how one of the basic components of the Google Chrome browser works in order to add new means to protect the privacy of its users. The Chrome component known as “HTTP Cache” or “Shared Cache” works by saving a copy of the resources that are loaded on a web page, such as Images, “CSS” files, and “JavaScript” files, the idea goes: When a user visits the site itself, Google Chrome will download the files from its internal cache, instead of wasting time re-downloading each file again.
This component has been present – not just inside Chrome – but within all web browsers since the early days of the internet, as it served as a bandwidth saving feature.
The cache system usually works in the same way in all browsers. Each file receives an image, “CSS” or “JS” saved in the cache, a storage key that is usually the “URL” of the resource.
When the browser downloads a new page, it will search for the “URL” key within its internal cache database, knowing that it needs to download the image or download it from the storage memory.
Web advertising and analytics companies have realized that this feature can also be misused to track users, says Iggy Kitamura, a developer attorney at Google: “This mechanism works well from a performance perspective for a long time, however, the time it takes for the website to respond to requests.” HTTP “can reveal that the browser accessed the same resource in the past, opening the browser to security and privacy attacks.”
This includes:
Detect that a user has visited a specific site: A user’s browsing history can be discovered by checking that the cache contains a resource that may be specific to a specific site or group of sites.
Cross-site search attack: The presence of a random string in a user’s search results can be detected by verifying that the “not in search results” image used by a particular website is in the browser’s cache.
Cross-site tracking: Memory storage can be used to store identifiers similar to cookies as a mechanism for cross-site tracking.
Activate the cache partition in Chrome 86:
With the release of Google Chrome 86 browser during the past week, Google has made important changes to the work of this feature. This feature, known as “partitioning the cache,” works by changing how resources are saved in the HTTP cache based on two additional factors, From now on, the resource storage key will contain three items instead of one:
– Top-level site domain “http: //a.example”.
– The current resource frame “http: //c.example”.
– The resource “URL” is https: //x.example/doge.png.
By adding additional keys to the initial cache verification process, Google Chrome has effectively blocked all previous attacks against its cache mechanism, as most website components will only be able to access their own resources, and will not be able to verify resources. Which does not have.
These were the details of the news Google is making an important change in Chrome – know what... for this day. We hope that we have succeeded by giving you the full details and information. To follow all our news, you can subscribe to the alerts system or to one of our different systems to provide you with all that is new.
It is also worth noting that the original news has been published and is available at eg24.news and the editorial team at AlKhaleej Today has confirmed it and it has been modified, and it may have been completely transferred or quoted from it and you can read and follow this news from its main source.
