Security News > 2024 > July > Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech

Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.

It's feared netizens could be still be tracked around the web using the Topics API in Chrome, or folks who have tried to hide their identity from advertisers could be rediscovered using the tech.

"The authors use large scale real user browsing data to show both how the five percent noise supposed to provide plausible deniability for users can be defeated, and how the Topics API can be used to fingerprint and re-identify users," the Apple WebKit team's report chides.

The iThing's objection to Topics has a real justification, though the privacy risk posed by the API appears to be less than initially assumed.

Following the publication four months ago of the Topics analysis code from the paper by Beugin and McDaniel, Google Topics engineer Josh Karlin last week opened a GitHub issue challenging the research methodology.

"While the results that we now obtain have changed quantitatively; 2.3 percent, 2.9 percent, and 4.1 percent of these users are uniquely re-identified after one, two, and three observations of their topics, respectively, our findings do not change qualitatively: real users can be fingerprinted by the Topics API and the information leakage worsens over time as more users get uniquely re-identified," wrote Beugin.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/24/apple_google_topics/