Three key words: File, write, benchmark
A week ago, Google released Chrome 76, which included a change intended to prevent websites from detecting when browser users have activated Incognito mode.
Unfortunately, the web giant's fix opened another hole elsewhere. It enabled a timing attack that can be used to infer when people are using Incognito mode.
On Sunday, developer Jesse Li described a novel method to detect when Chrome users have activated Incognito mode using Chrome's FileSystem API: it is possible to benchmark the speed at which files can be written to disk using this software interface.
The technique is similar to one proposed last month by security researcher Vikas Mishra. He found that ..
Support the originator by clicking the read the rest link below.
