Click to Skip Ad
Closing in...

Google will close a Chrome ‘loophole’ that tells sites you’re in incognito mode

Updated Jul 19th, 2019 7:03AM EDT
Google Chrome Update
Image: Shutterstock

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Google is about to improve your internet browsing privacy with the help of a new Chrome update that’s meant to prevent websites from detecting your incognito sessions. The “loophole” fix will roll out at the end of July and will have a significant side-effect, effectively blocking publishers who offer metered paywalls to readers to detect incognito mode. The good thing here is that Google is making this loophole disappear. 

From Google’s blog on the matter:

Today, some sites use an unintended loophole to detect when people are browsing in Incognito Mode. Chrome’s FileSystem API is disabled in Incognito Mode to avoid leaving traces of activity on someone’s device. Sites can check for the availability of the FileSystem API and, if they receive an error message, determine that a private session is occurring and give the user a different experience. 

Google also said that it’s going to block any other method of detecting hidden sessions. The company stressed on the fact that certain groups of users, like those people affected by political oppression or domestic abuse, may be even more interested in covering their tracks online.

Some people use incognito mode to exceed the number of free articles a publisher offers each month before encouraging users to pay for the content. The loophole fix will allow users to bypass detection and continue bypassing the paywall. Google says it’s aware of the matter, but user privacy is more important. Publishers will have other ways at their disposal to discourage some of their customers from bypassing the paywall, but Google encourages not to react to the change impulsively: 

Sites that wish to deter meter circumvention have options such as reducing the number of free articles someone can view before logging in, requiring free registration to view any content, or hardening their paywalls. Other sites offer more generous meters as a way to develop affinity among potential subscribers, recognizing some people will always look for workarounds. We suggest publishers monitor the effect of the FileSystem API change before taking reactive measures since any impact on user behavior may be different than expected, and any change in meter strategy will impact all users, not just those using Incognito Mode.

What the update won’t fix is user tracking for incognito browsing. Reports earlier this week revealed that we’re all being tracked even when browsing porn in incognito mode. Whatever data is collected as a result can reach third parties and potentially be linked to other info some companies have about users. The new research (via The Verge) shows that icognito modes do not deliver the privacy some users may have expected. The authors looked at nearly 22,500 port sites, discovering that 93% of them leak data from third parties, including data from incognito sessions. 

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2007. When he’s not writing about the most recent tech news for BGR, he closely follows the events in Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming new movies and TV shows, or training to run his next marathon.