New Google Chrome Feature Is Scaring Users Away for Privacy Issues
Google Chrome is arguably the most popular web browser in the world right now. Things may soon change drastically however with the latest Chrome 80 update. The update introduces a new feature called ScrollToTextFragment, which is a deep linking technology tied to website text. According to multiple sources however, it may have a few privacy concerns that won’t sit well with a good number of users.
The ScrollToTextFragment feature works by allowing Google to index websites and share links down to a single word of text and its position on the page. This is made possible by creating its own anchors to text (using the format: #:~:text=[prefix-,]textStart[,textEnd][,-suffix]), and they wouldn’t permission from the web page author to do so. While this may sound useful for sharing very specific links, the potential for it to be exploited is equally great, if not worse.
Peter Snyder, Brave Browser Privacy Researcher, said:
Consider a situation where I can view DNS traffic (e.g. company network), and I send a link to the company health portal, with [the anchor] #:~:text=cancer. On certain page layouts, I might be able [to] tell if the employee has cancer by looking for lower-on-the-page resources being requested. Imposing privacy and security leaks to existing sites (many of which will never be updated) really shouldn’t be a ‘don’t break the web’, never-cross, redline. This spec does that.
It’s worth noting that Peter Snyder is the person who initially realized the new feature running on the new Google Chrome 80. To add to the matter, Mozilla principal engineer David Baron warned against the use / development of ScrollToTextFragment by stating “My high-level opinion here is that this a really valuable feature, but it might also be one where all of the possible solutions have major issues/problems.”
Google Chrome Engineers Explains Further on ScrollToTextFragment
Since then, Google’s own engineers have released a document that explains the pros and cons of the deep linking technology used in ScrollToTextFragment. What sounds a bit scary here is that Chromium engineer David Bokan mentioned about how they’ve discussed this matter and other issues with their security team, but they disagree on the severity of the matter and will be proceeding this without requiring an opt-in.
With that being said however, Bokan added on by saying that they will be working on an opt-out option. With the immense power that Google is holding, they can essentially decide what is or isn’t acceptable. There is a good chance most users will not even realize the existence of ScrollToTextFragment and just have it running in secret. Now that you know about this potential issue, it’s still ultimately your choice if you’d like to use Google Chrome or not.google
Pokdepinion: Well, I recently switched over to Opera GX and never looked back. If you’re worried, there are plenty of good alternatives out there.