One of Google Chrome’s biggest flaws is letting web developers detect when you are using Incognito Mode. This will soon be a thing of the past as Google is reportedly working on a new set of code changes. The issue according to 9t05google, is already being fixed, and sites like Facebook, Amazon, and the likes will not be able to detect when you are in Incognito Mode.
Web developers have a way of detecting whether or not you are in Incognito Mode—and this is by virtue of a simply trick. All a developer needs to detect your status is a simple search for “how to detect Incognito mode,” which returns results from Stack Overflow—a place where developers have shared the best ways to do so.
An internal design doc obtained by 9to5Google showed that Google is already working on the issue, and as soon as this protection is in place, Google’s major goal will be to remove the FileSystem API altogether, based on how many “legitimate uses of it remain once the Incognito detection abusers move on.”
“Since there’s no adoption of the FileSystem API by other browser vendors, it appears to be only used by sites to detect incognito mode. By making this harder, hopefully the overall usage of the API goes down to the point that we can deprecate and remove it.”
The ability to prevent the detection of Incognito Mode feature is expected to arrive in Chrome 74 first behind a flag, while it would be enabled later in Chrome 76.
Lately, Google Chrome added one of the most effective features to guard against accessing phishing sites. The world’s most popular browser Chrome is adding a feature that will help users to fight out sites with URLs that look exactly the same or similar to popular websites. Such sites, according to the report, must have deemed unsafe for users.
Usually, we have a situation where attackers try to steal credentials of their victims by means of phishing tactics. Oftentimes, victims of such moves don’t get to check for misspelt words prior to hitting the search or enter button. When this happens, they [users] are taken to the site of the attacker where they become vulnerable—losing their online credentials.
The feature, according to Catalin Cimpanu of ZDNET, has been in the works for a while, and will now be used to fight against those the practice of IDN homographs attacks, which is often used to lure users on websites they had no intention of accessing.
You can enable this feature through the flags in Chrome’s latest canary release. Typing chrome://flags/#enable-lookalike-url-navigation-suggestions brings up the relevant toggle. The feature, according to Google, is close to being officially released. That said, there is no information on when its stable version will be eventually released for everyone.