|
|
|
|
|
|
by negutron
2846 days ago
|
|
|
Everything you do in chrome is called back to google servers. Even if you block cookies you can look at the network tab in dev tools and see it calling back; also it sends the links you click on to a malware check service (you know, safe browsing) that server tracks everything you click on: no cookies needed; there are also endpoints for transmitting your urls for 'quality of service' (to optimize bandwidth), that tracks, and then all the performance data called bakc to the google servers could potentially have your data steganographically included in that data There are many things that chrome is doing that are dubious, quasi legal one thing they could be doing is a kind of reverse beacon or barium meal beacon where they generate a unique code and steganographically insert that as an overlay into images...you won't see the difference when your webpage loads the image, but then some javascript will send that image back to a server, and there you ahve a cross site tracking mechanism. This concept has been used in browser fingerprinting, but now that has evolved with html5 with the canvas tag which generates unique ids and sends that back in order to track your browser everywhere around the internet without needing cookies or websocket sessions or any other newer session mgmt mechanism |
|
|