Chrome 76's arrival in late July brings with it an update that will close an "unintended loophole" that's been around the browser's Incognito Mode for quite some time.
Once this latest release rolls out, a method that websites employs to check if a visitor is in Incognito Mode will be rendered useless.
In a blogpost published July 18, Google
announced that it's closing the FileSystem API loophole with Chrome 76's release. The FileSystem API is disabled in private browsing, and websites can check if the FileSystem API is available to determine if a user visited the site using Chrome's Incognito Mode or not. If it's not available, it means that a visitor is in private mode.
According to Google, when a site detects if a user is browsing via Incognito Mode, it will ask visitors to open the site using a regular Chrome browser
. Some sites do this to count how many site visits they had over a period of time.
"With the release of Chrome 76 scheduled for July 30, the behavior of the FileSystem API will be modified to remedy this method of Incognito Mode detection. Chrome will likewise work to remedy any other current or future means of Incognito Mode detection," Barb Palser, Partner Development Manager, News and Web Partnerships at Google, said
True Private Browsing In Incognito Mode
At first glance, this looks like a major blow to the revenues of publishing sites. However, Google said this change is all about maintaining privacy, as this loophole beats the purpose of Chrome's Incognito Mode.
While it's true that some users browse privately to dodge paywalls, some users have more serious grounds on why they choose Incognito browsing. An example would be if a user wants to keep their web activity private to avoid political oppression or if they're trying to avoid someone that's abusive.
Some users even browse privately when using borrowed devices so as not to affect the device owner's web preference. Another reason is to exclude certain sites from a user's browsing history and activity.
All things considered, Google urges publishers to "monitor the effect of the FileSystem API change before taking reactive measures."