Home > News content

The New York Times website is still detecting and recognizing the stealth mode of Google Chrome.

via:cnBeta.COM     time:2019/8/12 22:35:51     readed:176

nytimes-incognito-detection-prompt.png

Beginning in February, the Google Chrome development team began researching how to prevent websites from detecting anonymous patterns and providing such functionality to all devices in Chrome 76. Of course, since then, several security researchers have discovered at least two new ways to detect stealth patterns and can easily be copied to almost any website. Google knows that this is inevitable, which is why they publicly explain their concerns about user privacy and urge websites not to circumvent this stealth mode protection.

Google: "We recommend that publishers fully monitor the impact of different FileSystem API settings before implementing a detection strategy, as any impact on user behavior may be different than expected, and any changes to the site's policies will affect all users, not just Only those users who use stealth mode."

It is foreseeable that this request has been ignored, because as Techdows reported, the New York Times seems to have resumed their practice of detecting the stealth mode of Google Chrome. Navigate to any of their articles in an incognito window and then prompt you to log in to continue reading.

Interestingly, there seems to be no known solution for discovering incognito windows. All the code that the New York Times used to detect private browsing in other browsers (including earlier versions of Chrome) still exists, but there seems to be no new solution for Chrome 76.

As large sites like the New York Times re-start detecting stealth patterns, other publishers have followed suit as a matter of time, making Google’s recent efforts useless. However, Google Chrome's anti-detection strategy is effective for scenarios that use the FileSystem API to detect user patterns.

In the original plan to end stealth detection, Google explained that they wanted to "deprecate and delete" the FileSystem API completely, assuming usage statistics showed that few websites used it for legitimate reasons. Unfortunately, there is no way to know how quickly Google can make such a move, which means that paid reading will continue to rule for the foreseeable future.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments