Of late, a new feature implemented into Google Chrome 80 is causing a panic among users. Earlier this month, Google introduced the Chrome 80 update for millions of desktop users around the world. The update includes a new feature called Scroll To Text Fragment. Thanks to this new addition by the team, Chrome users can simply create links to a specific part of the content on any web page.
Deep-linking feature in Google Chrome 80
For example, let’s say you want to highlight a specific word from a Wikipedia page. This new feature would allow you to create a separate link for that particular word. When Chrome 80 users click on this link, they will be taken directly to this phrase, which will automatically be highlighted. See the screenshot below:
This feature seems to be helpful. But Peter Snyder, a security researcher at Brave Browser, is warning Google Chrome 80 users against it.
According to Snyder, ‘Scroll To Text Fragment’ poses a privacy risk that Google did not address before shipping the feature directly with a stable release. Snyder has also raised concerns over how Google Chrome 80 has shipped this feature without a flag.
‘Scroll To Text Fragment’ in Chrome could leak your data
Web browser developers are part of the Web Platform Incubator Community Group (WICG) by W3C. This group is primarily used to propose and discuss new features before and after they are implemented into browsers.
Snyder believes the ‘Scroll To Text Fragment’ feature could allow an attacker to determine if the particular text appears on a page, reports The Register.
“For example: Consider a situation where I can view DNS traffic (e.g. company network), and I send a link to the company health portal, with #:~:text=cancer. On certain page layouts, i might be able tell if the employee has cancer by looking for lower-on-the-page resources being requested
Additionally, Snyder warns an attacker could also determine if the person is Facebook friends with someone or follows someone on Twitter:
“Besides the #:~:text=cancer example, Im certain the same approach could be used to figure out if you’re facebook friends with someone twitter.com#:~:text=@handle or many many other things.”
When asked if the feature is now live, Google Chrome developer David Bokan acknowledged that ‘Scroll To Text Fragment’ is indeed shipping without a flag in Google Chrome 80.
“We discussed this and other issues with our security team and, to summarize, we understand the issue but disagree on the severity so we’re proceeding with allowing this without requiring opt-in (though we are still working on adding an opt in/out).”
We are reaching out to several cybersecurity companies to hear what they have to comment on the issue. Till then, we are keeping a close eye on the development.
- Tags: Chrome