Google is updating the Chrome browser, with this version including the closure of a huge security flaw that has threatened your privacy for twenty years. Until now, any site could suck up your web browsing history.
Google regularly releases updates to improve the security of the Chrome browser, sometimes fixing critical flaws. It is rare, however, for one of them to address a weakness that has been present since the browser's origins and left open all this time. Yet that is precisely the type of flaw the company is correcting in its next update, among other improvements.
The flaw jeopardizes the confidentiality of your browsing history. That can quickly become a major breach of your privacy, and it also makes online scams easier. For now, hackers and other actors can still abuse the mechanism to spy on your browsing history.
A CSS selector and a simple script are enough to read your history
When you click on a link in Chrome, it changes color by design, and it then keeps that different color on every site that displays it, until you clear the cache. The system was originally designed to improve the user experience: it lets you visually identify pages you have already accessed and so avoid unnecessary visits.
In Chrome, this behavior is tied to the CSS :visited selector. Because that visited state is global across all sites, it becomes a surface that malicious code can exploit. Concretely, the firm explains, a malicious site can hide a fairly long and varied list of links to other sites in the source code of a web page.
A script then observes which of those links receive :visited styling, which reveals, for each visitor, the links that change color when the page loads. Cross-referenced with other data, this recovers at least part of a user's history and ties that browsing trail to their identity.
The flaw allows hackers to target their malicious campaigns
The method is actively exploited in the wild. It can, for example, let hackers easily determine crucial details that make scam attempts more effective, such as the name of a victim's bank or their online shopping habits. Google has clearly been dragging its feet on this problem, which has persisted for 20 years, but securing the system remained complex, as it required completely overhauling how this part of the browser works.
Starting with version 136, Chrome is finally erecting a more watertight barrier between the sites you visit. The patch introduces a new approach, which the company calls Triple Key Partitioning. Before marking a link with the CSS :visited pseudo-class, the browser will now check the URL of the link, the domain name of the site where the link is located, and the origin of the frame in which the link appears. This way, each site will have its own history of visited links.
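The following is an added model of what that partitioning changes, written for this article and not Chrome's own code. It keeps two toy visited-link stores, one keyed on the link URL alone (the old global behavior) and one keyed on the triple (link URL, top-level site, frame origin), and replays the scenario from the article: a visitor clicks a bank link on one site, and another site later embeds the same link to see whether it renders as visited. The `siteOf` helper is a simplified stand-in for registrable-domain extraction (no public-suffix list), and all URLs are constructed sample values.

```javascript
// Toy model of :visited state storage (illustration only, not Chrome's code).
// Old behavior: keyed on the link URL only. New behavior: keyed on the triple
// (link URL, top-level site, frame origin), so visited state no longer leaks
// across sites.

// Simplified "site" extraction: hostname minus its subdomains. A real browser
// uses a public-suffix list here; this helper is a constructed approximation.
function siteOf(url) {
  const parts = new URL(url).hostname.split(".");
  return parts.length > 2 ? parts.slice(-2).join(".") : parts.join(".");
}

class VisitedLinkStore {
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.keys = new Set();
  }
  // Global store: the link URL is the whole key. Partitioned store: the key
  // also carries where the link was rendered.
  key(linkUrl, topLevelUrl, frameUrl) {
    if (!this.partitioned) return linkUrl;
    return JSON.stringify([linkUrl, siteOf(topLevelUrl), new URL(frameUrl).origin]);
  }
  // The user clicked linkUrl in a frame at frameUrl inside a top-level page at topLevelUrl.
  recordClick(linkUrl, topLevelUrl, frameUrl) {
    this.keys.add(this.key(linkUrl, topLevelUrl, frameUrl));
  }
  // Would the browser apply :visited styling to linkUrl in this rendering context?
  isVisited(linkUrl, topLevelUrl, frameUrl) {
    return this.keys.has(this.key(linkUrl, topLevelUrl, frameUrl));
  }
}

// Scenario (constructed): the visitor clicks a bank link on news.example;
// later evil.example embeds the same link, both as a top-level page and as an
// iframe inside news.example, and checks whether it renders as visited.
function scenario(partitioned) {
  const store = new VisitedLinkStore(partitioned);
  const bank = "https://bank.example/login";
  store.recordClick(bank, "https://www.news.example/", "https://www.news.example/");
  return {
    onNewsSite: store.isVisited(bank, "https://www.news.example/", "https://www.news.example/"),
    onEvilSite: store.isVisited(bank, "https://evil.example/", "https://evil.example/"),
    inEvilIframeOnNews: store.isVisited(bank, "https://www.news.example/", "https://evil.example/ad"),
  };
}

console.log("global (pre-136):", scenario(false));
console.log("triple-key (136+):", scenario(true));
```

With the global store every check returns true, so the third-party page learns the visit; with the triple key only the original site still sees the link as visited.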
Google Chrome 136 is due in the next few days, so there is nothing to update for now. Once the browser displays a notification asking you to restart it to install an update, however, it is advisable not to delay.