Security News
Eliminating third-party cookies will not stop companies from tracking web users, says DuckDuckGo, which claims it can help with its desktop browser extensions and mobile apps. In a blog post on Tuesday, the privacy-focused search biz explains that the much discussed plan by Google to eliminate third-party cookies in Chrome by the end of 2022, and related restrictions already implemented in browsers like Brave, Firefox, and Safari, will have a limited effect on marketers' online tracking efforts.
Cloudflare launched Cloudflare Browser Isolation, a new zero trust service to make everyday web browsing safer and faster for all businesses, regardless of where their employees are. As businesses rely on employees working directly in browsers, Cloudflare Browser Isolation keeps them safe by creating a gap between end-user devices and potential threats.
Google last week announced the release of proof-of-concept code designed to exploit the notorious Spectre vulnerability and leak information from web browsers. In 2019, the Google team responsible for Chrome's V8 JavaScript engine said that the attack can't be mitigated at the software level, arguing that security boundaries in browsers should be aligned with low-level primitives, such as process-based isolation.
Google has published JavaScript proof-of-concept code to demonstrate the practicality of using Spectre exploits targeting web browsers to access information from a browser's memory. According to the Google Security Team, the PoC shared today works across a wide range of processor architectures, operating systems, and hardware generations.
Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. In avoiding JavaScript, the side-channel attacks are also architecturally agnostic, resulting in microarchitectural website fingerprinting attacks that work across hardware platforms, including Intel Core, AMD Ryzen, Samsung Exynos 2100, and Apple M1 CPUs - making it the first known side-channel attack on the iPhone maker's new ARM-based chipsets.
Google has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. When Google creates a new browser feature, it is first tested in Google Chrome Canary and Google Chrome Beta.
Google has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. When Google creates a new browser feature, it is first tested in Google Chrome Canary and Google Chrome Beta.
This month Google begins a public test of a technology it says will eventually replace browser cookies in an effort to boost Chrome browser user privacy. The as-yet unproven technology allows browsers to group people together by their interests and give them more anonymity yet still allow for appropriate targeted advertising, which remains at the core of the company's interest in outfitting their Chrome browser with FLoC. Google's stance is that it will balance the need to preserve people's privacy by preventing individual tracking with giving advertisers and publishers the relevant info they need to recognize their target audience.
CNAME tracking is a way to configure DNS records to erase the distinction between code and assets from a publisher's domain and tracking scripts on that site that call a server on an advertiser's domain. As privacy barriers have gone up to prevent marketers from gathering data from web users, CNAME manipulation has become more popular.
Exactly a month after patching an actively exploited zero-day flaw in Chrome, Google today rolled out fixes for yet another zero-day vulnerability in the world's most popular web browser that it says is being abused in the wild. Chrome 89.0.4389.72, released by the search giant for Windows, Mac, and Linux on Tuesday, comes with a total of 47 security fixes, the most severe of which concerns an "Object lifecycle issue in audio."