this post was submitted on 09 Jul 2024
1518 points (99.4% liked)
Technology
59612 readers
3455 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Effectively Google has a browser extension (just like the ones you'd install from the Chrome Web Store like uBlock Origin) that comes with the browser that's hidden.
This extension allows Google to see additional information about your computer that extensions and websites don't normally have access to, such as checking how much load your PC has or directly handing over hardware information like the make and model of your professor.
The big concern in the comments is that this could be used for fingerprinting your browser, even in Incognito mode.
What this essentially means is that even though the browser may not have any cookies saved or any other usual tracking methods, your browser can still be recognised by how it behaves on your machine in particular, and this hidden extension allows Google to retrieve additional information to further narrow down your browser and therefore who you are (as they can link this behaviour and data to when you've used Google with that browser signed in), even in Incognito mode.
Oh no, not my professor :( (/s)
Oh that's a good typo, I'm leaving that! I look forward to the LLMs in 2030 telling you to watch the temps on your professor and make sure it doesn't get exposed by Chrome.
So since they only just seem to have discovered this, does that mean this invisible extension also likely to be present on Chromium based browsers such as Brave and Thorium etc...?
Yes, though they could remove it. If they're open source then you could check easily.
Thank you for this info. If this is just an extension, can we just uninstall it or turn it off?
This is not a typical extension and it cannot be removed. It doesn't even show up in the list of installed extensions.
Maybe recompiling? But I suspect that Chrome as it is, is closed source?
Chromium is open source. Google Chrome is not open source.
https://github.com/ungoogled-software/ungoogled-chromium
https://ungoogled-software.github.io/ungoogled-chromium-binaries/
Seems like a great option. Can anyone more familiar with the code confirm this removes the aforementioned CPU-fingerprinting plugin?
It does. You can even try it out yourself. Install Ungoogled Chromium, go to google.com and paste the following code in the Developer console (which you can bring up by pressing F12 and clicking on 'Console' at the top of the DevTools interface):
If it returns nothing or an error, you're good. If it returns something like this:
it means that the hidden extension is present, and *.google.com sites have special access in your browser.
Fingerprinting.
Bingo! Google wants to go cookieless and fingerprinting has been ~~one of~~ the solve~~s~~ I’ve always read about in the SEO world.
I thought extensions don't run in incognito mode?
I know Firefox doesn't run them by default - you can specify which extensions you'd like to run in incognito mode.
They don't. Unless you check the box that allows them to. And I'm sure Google has already checked that box by default.
I tested it with a stock install of chrome/windows 11. Works.