Improved the ancient error of Chrome browsing history

• Google has corrected a fundamental design error in the Chrome browser
• Scripts can take advantage of the color code of search history
• Many browsers have been affected by a security problem
• A new update of Chrome introduces a three -key partitioning
• The repair arrives at the end of April with the 136 Chrome version

Google has recently corrected a Chrome A significant vulnerability that has been able to track users on the Internet for many years – Write to Androidheadlines. It seems almost impossible, but this vulnerability was somehow able to survive everything from the first day of the browser, until now. As Chrome entered the public in September 2008, the problem was 17 years old this year.

Blue and purple: the color code that opened the door

It is obvious to almost everyone whether the links are blue or purple in the searches, depending on whether they are already clicked. The untouched links are blue and the previously visited is purple. Well, this color code was the door through which it was possible to reach a privacy error, which could quietly reveal some of the web history.

The essence of the problem was that the links They appear in purple when they are clicked on them, no matter where it happened before. This made it possible for other websites to run insidious scripts to check which links were purple in color, so essentially see where the user was.

The Google not gardenthis is called the « fundamental design error » of Chrome, which is not merely a privacy problem. This is real safety He created risks, including tracking, profiling and even phishing. Fortunately, the repair is finally here, barely 16 years and all it took.

In fact, according to the PC MA, this is an older mistake, as professionals have already discovered this possible method of tracking in 2002. Andrew Clover Princeton researchers have described an attack on Timing Attacks on Web Privacy (Time Time Attacks Anti -Web Privacy) 23 years ago.

Three -key partitioning comes

Not only Google Chrome was concerned. A 2009 research study He introduced how the error caused potential security problems in the browser of Apple Safari, Opera, Internet Explorer and Mozilla Firefox – Write to The Register.

To solve the problem, the next update of Chrome introduces a three -key partitioning. This prevents Chrome from tracking the links you visit globally. Instead, you will now use three things before denoting a link as « visited ». As for the actual URL of the link, the top-level site on which you are just staying, and the origin of the frame where the link appears. Basically, it only appears as a purple visit site if you have previously clicked on the same link on the same site and in the same frame. So you’ll see a lot less purple links.

The According to Androidheadlines Google will put this in late April as part of Chrome 136.