Incognito mode is a useful feature of most modern browsers. Thanks to this, no third party will be able to see the progress of the pages we have viewed, nor will any information about us be collected on the websites. After all, the name "incognito" obliges you to something, right? However, it turns out that it is not quite. Recently, in the most popular browser, Google Chrome, there is a vulnerability that allows individual services to detect incognito mode and actually track users. Google has promised to take care of this matter, and in Chrome's latest update, number 76, we can fully enjoy privacy. However, some publishers may not like this idea …
Google has announced that it will close the vulnerability in the Chrome browser. It enabled websites to track users in incognito mode as well.
Chrome uses the FileSystem API mechanism, which is disabled when Incognito is enabled. As a result, users do not leave any traces of their presence while browsing websites. Unfortunately, content exposed sites (eg, articles) have been checking the presence of the FileSystem API for some time to see if the incognito mode is in use, distorting its meaning. For example, some publishers want to protect themselves against abusing the limit of free items in a month. Google claims privacy is the most important thing, and Chrome 76 eliminates the FileSystem API detection mechanism.
With Internet Explorer 11, you can steal data from Chrome and Firefox.
Web sites can no longer track users in incognito mode. The US decision is based on the fact that the mechanism for detecting the number of articles read from certain pages can be easily circumvented, while making it clear that no intrusion into users' privacy should be tolerated. Google is calling on portal owners not to take revenge on the internet and lift the restriction to free articles. The company is open to cooperation in developing other solutions, but points out that they must be based on trust in Internet users and privacy.
Source: Tom's Hardware