☰
Search engine leader Google is in the spotlight over a potential privacy risk linked to its latest software update to its web browser- Chrome 80.
Reportedly, Chrome 80 delivers a novel browser capability named ScrollToTextFragment which is a deep linking ability for texts on websites. The solution permits Google to link a single word of text with its position on the page.
Launched on the 4 February 2020, ScrollToTextFragment technology eliminates the need for an anchor that is created by the site owner, which implies that a link to a particular piece of text in a document may be developed by anyone.
While Chrome 80 comes with a variety of new features like auto-upgradation of mixed content to HTTPS, a new secure-by-default cookie classification mechanism, SVG favicons, text URL fragments and more, researchers claim that the technology can be exploited.
According to David Baron- a principal engineer at Mozilla Corporation, while the mechanism may prove to be highly valuable it may also pose severe problems or issues in the coming years.
In a statement by David Bokan, a Google Chrome developer, the security concerns were evaluated by the security team of Google and it was decided that ScrollToTextFragment will be released without opt-in, which gives a choice to opt-out of the feature in the future.
Additionally, Google has released a document summarizing the pros and cons of the deep linking technology in ScrollToTextFragment.
Apparently, the United States Department of Homeland and Security’s Cybersecurity and Infrastructure Security Agency has published a notification urging the administrators and users to upgrade their Google Chrome web browser to 80.0.3987.116 version. The latest release for Mac, Windows, and Linux users meets various vulnerabilities that may be abused by an attacker to gain control over the system.
For the record, the latest update comprises five additional security fixes along with the 56 which were a part of the Chrome 80 release.
Source Credits: https://www.searchenginejournal.com/google-chrome-update-introduces-a-new-type-of-privacy-concern/350712/#close
Djamo, the popular consumer finance app has reportedly secured $14 million from the renowned accelerator, along with three lead investors like Oikocredit, Enza Capital, and Partech Africa, and other participating investors, such as P1 Ventures, Janng...
A historic agreement has reportedly been made at the UN's COP27 summit that will see wealthy nations pay developing nations for the harm and economic losses brought on by climate change. Nations dealing with severe climate impacts have been wa...
According to a recently published report by the Canadian Centre for Policy, the hourly pay required for local employees to make ends meet has reportedly increased significantly in the Okanagan city of Kelowna. The living salary is the hourly salar...
© 2024 groundalerts.com. All Rights Reserved.
