Google exempts its own websites from Chrome's automatic data-scrubbing feature, allowing the ads giant to potentially track you even when you've told it not to.
https://www.theregister.com/AMP/2020/10/19/google_cookie_wipe/
#google #chrome #nogoogle #youtube
https://www.theregister.com/AMP/2020/10/19/google_cookie_wipe/
#google #chrome #nogoogle #youtube
The Register
When you tell Chrome to wipe private data about you, it spares two websites from the purge: Google.com, YouTube
Is this another case of one rule for the Chocolate Factory and one for everyone else?
Forwarded from BlackBox (Security) Archiv
Google patches actively exploited Chrome browser zero-day vulnerability
Upgrading your Chrome build as quickly as possible is recommended.
Google has warned of reports that a zero-day vulnerability in the Chrome browser is being actively exploited in the wild.
The vulnerability, tracked as CVE-2021-21166, was reported by Alison Huffman from the Microsoft Browser Vulnerability Research team on February 11 and is described as an "object lifecycle issue in audio."
Google has labeled the vulnerability as a "high" severity security flaw and has fixed the issue in the latest Chrome release.
Alongside CVE-2021-21166, Huffman also recently reported another high-severity bug, CVE-2021-21165, another object lifestyle issue in audio problem, and CVE-2021-21163, an insufficient data validation issue in Reader Mode.
The tech giant has not revealed further details concerning how CVE-2021-21166 is being exploited, or by whom.
Google's announcement, published on Tuesday, also marked the release of Chrome 89 to the stable desktop channel for Windows, Mac, and Linux machines, which is currently rolling out. Users should upgrade to Chrome 89.0.4389.72 once available.
https://www.zdnet.com/article/google-patches-actively-exploited-chrome-browser-zero-day-vulnerability/
#google #chrome #zeroday #vulnerability
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Upgrading your Chrome build as quickly as possible is recommended.
Google has warned of reports that a zero-day vulnerability in the Chrome browser is being actively exploited in the wild.
The vulnerability, tracked as CVE-2021-21166, was reported by Alison Huffman from the Microsoft Browser Vulnerability Research team on February 11 and is described as an "object lifecycle issue in audio."
Google has labeled the vulnerability as a "high" severity security flaw and has fixed the issue in the latest Chrome release.
Alongside CVE-2021-21166, Huffman also recently reported another high-severity bug, CVE-2021-21165, another object lifestyle issue in audio problem, and CVE-2021-21163, an insufficient data validation issue in Reader Mode.
The tech giant has not revealed further details concerning how CVE-2021-21166 is being exploited, or by whom.
Google's announcement, published on Tuesday, also marked the release of Chrome 89 to the stable desktop channel for Windows, Mac, and Linux machines, which is currently rolling out. Users should upgrade to Chrome 89.0.4389.72 once available.
https://www.zdnet.com/article/google-patches-actively-exploited-chrome-browser-zero-day-vulnerability/
#google #chrome #zeroday #vulnerability
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
ZDNET
Google patches actively exploited Chrome browser zero-day vulnerability
Upgrading your Chrome build as quickly as possible is recommended.
Forwarded from BlackBox (Security) Archiv
Google says once third-party cookies are toast, Chrome won't help ad networks track individuals around the web
Notes an 'erosion of trust' – gee, wonder who could be responsible for that...
Google says it will not come up with new ways to track individual netizens as they browse the web once Chrome phases out third-party cookies, commonly used for loosely observing people's online activities.
In effect, the browser will not provide ad networks – and Google runs a very large one – alternative identifiers that can be used to follow individuals around the web, though it's not clear exactly how this will impact Google, which already has a variety of ways to shadow internet users.
Early last year, Google announced a plan to kill off third-party cookies, often used to associate you with the websites you visit so that adverts tailored to your interests can be shown on pages. Google made the move after other major browser makers decided to block third-party cookies by default because the little scraps of data can be abused to subvert privacy, and after regulators made it clear they had concerns about ad tech giants Google and Facebook.
Google aims to replace third-party cookies with its Privacy Sandbox, an umbrella term for a set of proposals from Google and other ad tech firms, to allow behavioral ad targeting to continue without individualized tracking identifiers.
Instead, the ad goliath intends to target broad groups of netizens defined by a common interest – eg, jazz fans – through a system called FLoC (Federated Learning of Cohorts), and at narrower groups defined by past interest-based interaction, through a scheme called FLEDGE (First "Locally-Executed Decision over Groups.")
Google plans to start testing FLoC-based cohorts publicly via origin trials in next month's release of Chrome and to make testing available for advertisers in Q2.
The idea has alarmed the ad industry, which isn't keen to give up the ability to track people and has proposed alternatives like a new identifier based on data like email addresses, normally classified as personal information.
https://www.theregister.com/2021/03/03/google_internet_tracking_pledge/
#google #DeleteGoogle #internet #tracking #advertising #cookies #chrome #browser #thinkabout #why
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Notes an 'erosion of trust' – gee, wonder who could be responsible for that...
Google says it will not come up with new ways to track individual netizens as they browse the web once Chrome phases out third-party cookies, commonly used for loosely observing people's online activities.
In effect, the browser will not provide ad networks – and Google runs a very large one – alternative identifiers that can be used to follow individuals around the web, though it's not clear exactly how this will impact Google, which already has a variety of ways to shadow internet users.
Early last year, Google announced a plan to kill off third-party cookies, often used to associate you with the websites you visit so that adverts tailored to your interests can be shown on pages. Google made the move after other major browser makers decided to block third-party cookies by default because the little scraps of data can be abused to subvert privacy, and after regulators made it clear they had concerns about ad tech giants Google and Facebook.
Google aims to replace third-party cookies with its Privacy Sandbox, an umbrella term for a set of proposals from Google and other ad tech firms, to allow behavioral ad targeting to continue without individualized tracking identifiers.
Instead, the ad goliath intends to target broad groups of netizens defined by a common interest – eg, jazz fans – through a system called FLoC (Federated Learning of Cohorts), and at narrower groups defined by past interest-based interaction, through a scheme called FLEDGE (First "Locally-Executed Decision over Groups.")
Google plans to start testing FLoC-based cohorts publicly via origin trials in next month's release of Chrome and to make testing available for advertisers in Q2.
The idea has alarmed the ad industry, which isn't keen to give up the ability to track people and has proposed alternatives like a new identifier based on data like email addresses, normally classified as personal information.
https://www.theregister.com/2021/03/03/google_internet_tracking_pledge/
#google #DeleteGoogle #internet #tracking #advertising #cookies #chrome #browser #thinkabout #why
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
The Register
Google says once third-party cookies are toast, Chrome won't help ad networks track individuals around the web
Notes an 'erosion of trust' – gee, wonder who could be responsible for that...
Forwarded from BlackBox (Security) Archiv
What’s in your browser (backup)?
It’s not every day that I wake up thinking about how people back up their web browsers. Mostly this is because I don’t feel the need to back up any aspect of my browsing. Some people lovingly maintain huge libraries of bookmarks and use fancy online services to organize them. I pay for one of those because I aspire to be that kind of person, but I’ve never been organized enough to use it.
In fact, the only thing I want from my browser is for my history to please go away, preferably as quickly as possible. My browser is a part of my brain, and backing my thoughts up to a cloud provider is the most invasive thing I can imagine. Plus, I’m constantly imagining how I’ll explain specific searches to the FBI.
All of these thoughts are apropos a Twitter thread I saw last night from a Chrome developer, which purports to explain why “browser sync” features (across several platforms) don’t provide end-to-end encryption by default.
https://blog.cryptographyengineering.com/2021/03/25/whats-in-your-browser-backup/
#chrome #browser #backup #sync #encryption #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
It’s not every day that I wake up thinking about how people back up their web browsers. Mostly this is because I don’t feel the need to back up any aspect of my browsing. Some people lovingly maintain huge libraries of bookmarks and use fancy online services to organize them. I pay for one of those because I aspire to be that kind of person, but I’ve never been organized enough to use it.
In fact, the only thing I want from my browser is for my history to please go away, preferably as quickly as possible. My browser is a part of my brain, and backing my thoughts up to a cloud provider is the most invasive thing I can imagine. Plus, I’m constantly imagining how I’ll explain specific searches to the FBI.
All of these thoughts are apropos a Twitter thread I saw last night from a Chrome developer, which purports to explain why “browser sync” features (across several platforms) don’t provide end-to-end encryption by default.
https://blog.cryptographyengineering.com/2021/03/25/whats-in-your-browser-backup/
#chrome #browser #backup #sync #encryption #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
A Few Thoughts on Cryptographic Engineering
Why the FBI can’t get your browsing history from Apple iCloud (and other scary stories)
It’s not every day that I wake up thinking about how people back up their web browsers. Mostly this is because I don’t feel the need to back up any aspect of my browsing. Some people lo…
Forwarded from BlackBox (Security) Archiv
Use the DuckDuckGo Extension to Block FLoC, Google’s New Tracking Method in Chrome
Google has created a new tracking method called FLoC, put it in Chrome, and automatically turned it on for millions of users.
💡 FLoC is bad for privacy: It puts you in a group based on your browsing history, and any website can get that group FLoC ID to target and fingerprint you.
You can use the DuckDuckGo Chrome extension (pending Chrome Web Store's approval of our update) to block FLoC's tracking, which is an enhancement to its tracker blocking and directly in line with the extension's single purpose of protecting your privacy holistically as you use Chrome.
DuckDuckGo Search (via our website duckduckgo.com) is now also configured to opt-out of FLoC, regardless if you use our extension or app.
https://spreadprivacy.com/block-floc-with-duckduckgo/
https://www.theverge.com/2021/4/9/22376110/duckduckgo-privacy-floc-block-chrome-extension-advertising-tech
#ddg #DuckDuckGo #google #FLoC #chrome #browser #ad #targeting #tracking #cookies #DeleteGoogle
📡 @nogoolag 📡 @blackbox_archiv
Google has created a new tracking method called FLoC, put it in Chrome, and automatically turned it on for millions of users.
💡 FLoC is bad for privacy: It puts you in a group based on your browsing history, and any website can get that group FLoC ID to target and fingerprint you.
You can use the DuckDuckGo Chrome extension (pending Chrome Web Store's approval of our update) to block FLoC's tracking, which is an enhancement to its tracker blocking and directly in line with the extension's single purpose of protecting your privacy holistically as you use Chrome.
DuckDuckGo Search (via our website duckduckgo.com) is now also configured to opt-out of FLoC, regardless if you use our extension or app.
https://spreadprivacy.com/block-floc-with-duckduckgo/
https://www.theverge.com/2021/4/9/22376110/duckduckgo-privacy-floc-block-chrome-extension-advertising-tech
#ddg #DuckDuckGo #google #FLoC #chrome #browser #ad #targeting #tracking #cookies #DeleteGoogle
📡 @nogoolag 📡 @blackbox_archiv
Spread Privacy
Use the DuckDuckGo Extension to Block FLoC, Google’s New Tracking Method in Chrome
Google has created a new tracking mechanism called FLoC, put it in Chrome, and automatically turned it on for millions of users. It's bad for privacy, which is why we're now blocking it in the DuckDuckGo extension.
Forwarded from BlackBox (Security) Archiv
Brave disables Chromium FLoC features
https://github.com/brave/brave-core/pull/8468
#brave #browser #floc #chromium #chrome #google #DeleteGoogle
📡 @nogoolag 📡 @blackbox_archiv
https://github.com/brave/brave-core/pull/8468
#brave #browser #floc #chromium #chrome #google #DeleteGoogle
📡 @nogoolag 📡 @blackbox_archiv
GitHub
14942: Disable FLoC features and the provider service. by iefremov · Pull Request #8468 · brave/brave-core
Resolves brave/brave-browser#14942
Submitter Checklist:
I confirm that no security/privacy review is needed, or that I have requested one
There is a ticket for my issue
Used Github auto-closing...
Submitter Checklist:
I confirm that no security/privacy review is needed, or that I have requested one
There is a ticket for my issue
Used Github auto-closing...
Forwarded from BlackBox (Security) Archiv
FLoC Block
Prevent Federated Learning of Cohorts aka FLoC ad-targeting code from running in Chrome.
FLoC, short for Federated Learning of Cohorts, is the new mechanism used by Google Chrome to group users into buckets based on their interests. You can read more about it here and why Brave and some other browsers have blocked it here. EFF did some analysis as well.
💡 How does this Chrome Extension help?
If you HAVE to use Chrome but don't like the idea of being grouped into a bucket (aka cohort) based on the websites you visit, this extension is a simple way to prevent FLoC from divulging your "cohort id" to websites. The extension removes document.interestCohort() from every page so that a website cannot get your cohort id.
💡 How do I install this extension?
👉🏼 Download flocblock.zip from https://github.com/ShivanKaul/flocblock/releases/latest. Direct link: https://github.com/ShivanKaul/flocblock/releases/download/v0.0.1/flocblock.zip
👉🏼 Extract extension.
👉🏼 Follow the instructions to load into Chrome.
https://github.com/ShivanKaul/flocblock
#floc #block #chrome #browser #tracking #tool
📡 @nogoolag 📡 @blackbox_archiv
Prevent Federated Learning of Cohorts aka FLoC ad-targeting code from running in Chrome.
FLoC, short for Federated Learning of Cohorts, is the new mechanism used by Google Chrome to group users into buckets based on their interests. You can read more about it here and why Brave and some other browsers have blocked it here. EFF did some analysis as well.
💡 How does this Chrome Extension help?
If you HAVE to use Chrome but don't like the idea of being grouped into a bucket (aka cohort) based on the websites you visit, this extension is a simple way to prevent FLoC from divulging your "cohort id" to websites. The extension removes document.interestCohort() from every page so that a website cannot get your cohort id.
💡 How do I install this extension?
👉🏼 Download flocblock.zip from https://github.com/ShivanKaul/flocblock/releases/latest. Direct link: https://github.com/ShivanKaul/flocblock/releases/download/v0.0.1/flocblock.zip
👉🏼 Extract extension.
👉🏼 Follow the instructions to load into Chrome.
https://github.com/ShivanKaul/flocblock
#floc #block #chrome #browser #tracking #tool
📡 @nogoolag 📡 @blackbox_archiv
GitHub
Release FLoC Block · ShivanKaul/flocblock
Contribute to ShivanKaul/flocblock development by creating an account on GitHub.
How to disable annoying grid tab view?
1. Simply go in chrome://flags/
2. Enter tab and find "Tab Grid Layout", "Tab Groups" and "Tab Groups continuation"
3. Change it to "Disabled" and restart browser as proposed
4. Enjoy old good view
Disable Tab groups :
Disable Tab Grid :
#tab #grid #chrome #chromium #bromite
1. Simply go in chrome://flags/
2. Enter tab and find "Tab Grid Layout", "Tab Groups" and "Tab Groups continuation"
3. Change it to "Disabled" and restart browser as proposed
4. Enjoy old good view
Disable Tab groups :
chrome://flags/#enable-tab-groupschrome://flags/#enable-tab-groups-continuationchrome://flags/#enable-tab-groups-ui-improvementsDisable Tab Grid :
chrome://flags/#enable-tab-grid-layout#tab #grid #chrome #chromium #bromite
Forwarded from GJ `°÷°` 🇵🇸🕊 (t ``~__/>_GJ06)
Against Modern Browsers – https://againstmodernbrowsers.neocities.org/
#Browsers #Webpages #navigateur #web
Web browsers were originally designed with one purpose: reading HTML documents. The web was simple and was not owned by large corporations (most notably Google). Overtime the web has evolved and became bloated and complex. All modern browsers are either forked from #Chromium or funded by Google, giving #Google complete control over the web. An independent browser developed by a small community cannot compete with #Chrome or #Firefox.
This website covers everything wrong with the modern web, everything wrong with modern web browsers, and what should have been done to prevent this..
#Browsers #Webpages #navigateur #web