Microsoft fixes privacy leak in Chromium Incognito Mode
2 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Microsoft has been contributing to the development of the Chromium code base which powers numerous browsers, including their new Edge and of course Google Chrome.
Their latest submission is to correct a potential privacy leak in Chromium’s Incognito mode. The issue occurs because the browser till now did not support Windows 10’s IS_PRIVATE text input scope tag. This means while in Incognito Mode the Windows 10 keyboard would still learn from the information you type to improve the accuracy of the keyboard, and may, therefore, cache commonly used phrases, passwords, URLs and other text snippets and offer them to the user in other contexts.
One can imagine for example typing about Tinder in incognito mode a lot, and the keyboard then offering up tinder as an auto-complete suggesting when doing a presentation and typing about tins.
A Microsoft engineer Siye Lui has proposed:
We need to set input scope to IS_PRIVATE if we are in “Incognito” or “guest” mode on Windows 10.
The change is currently in code review.
The issue illustrates well how it is helpful to have the OS developer and the developer of the most popular browsing engine in the world working together, which will hopefully mean a better experience for us all.
User forum
0 messages