Buzz
A flaw in Chrome's incognito mode allows websites to easily detect users browsing anonymously. Exploiting this vulnerability, some websites like Boston Globe and MIT Technology Review have started blocking users in incognito mode to prevent users from 'escaping' payments while maximizing data collection. According to 9to5Google, Google is reportedly planning to patch this loophole.
Chrome Vulnerability Exposes Users to Restrictions in Incognito Mode
- Get Chrome for Android
- Get Chrome for iPhone
The vulnerability originates from Chrome's FileSystem API. Specifically, when browsing in incognito mode, this API will be disabled. If third-party websites can't access the API, it displays a red incognito flag. Learn how to browse incognito on Chrome here.
In the future, if third-party websites request the FileSystem API, Chrome will create a temporary virtual file system in the computer's RAM. Third-party websites won't know which system Chrome is running on and can't detect or block incognito browsers. This also enables Chrome to easily erase the temporary file system immediately after the user closes the browser.
However, according to The Verge, this is just a temporary fix until the FileSystem API is completely eliminated, which is entirely possible if Google determines that this API is the culprit for revealing user browsing in incognito mode.
Currently, the vulnerability patch appears as an experimental feature in Canary Chrome 74 build. If everything remains stable, this feature will be deployed for users in the official Chrome 76 release.
Developers have already explored the initial features of Android Q. However, there are still many exciting features and improvements to come until the official release of Android Q. According to XDA developers, Google will eliminate the Back button in Android Q. Let's eagerly await these developments.
