Security News > 2024 > July > Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech
![Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech](/static/build/img/news/oops-apple-relied-on-bad-code-while-flaming-google-chrome-s-topics-ad-tech-medium.jpg)
Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.
It's feared netizens could be still be tracked around the web using the Topics API in Chrome, or folks who have tried to hide their identity from advertisers could be rediscovered using the tech.
"The authors use large scale real user browsing data to show both how the five percent noise supposed to provide plausible deniability for users can be defeated, and how the Topics API can be used to fingerprint and re-identify users," the Apple WebKit team's report chides.
The iThing's objection to Topics has a real justification, though the privacy risk posed by the API appears to be less than initially assumed.
Following the publication four months ago of the Topics analysis code from the paper by Beugin and McDaniel, Google Topics engineer Josh Karlin last week opened a GitHub issue challenging the research methodology.
"While the results that we now obtain have changed quantitatively; 2.3 percent, 2.9 percent, and 4.1 percent of these users are uniquely re-identified after one, two, and three observations of their topics, respectively, our findings do not change qualitatively: real users can be fingerprinted by the Topics API and the information leakage worsens over time as more users get uniquely re-identified," wrote Beugin.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/24/apple_google_topics/
Related news
- Google Chrome change that weakens ad blockers begins June 3rd (source)
- Google Chrome reduced cookie requests to improve performance (source)
- New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems (source)
- Fake Google Chrome errors trick you into running malicious PowerShell scripts (source)
- Google Chrome to let Isolated Web App access sensitive USB devices (source)
- Google Chrome now warns about risky password-protected archives (source)
- Google Chrome now asks for passwords to scan protected archives (source)
- Risk of installing dodgy extensions from Chrome store way worse than Google's letting on, study suggests (source)
- Google cuts ties with Entrust in Chrome over trust issues (source)
- Google to Block Entrust Certificates in Chrome Starting November 2024 (source)