Google Just Fixed a 20-Year-Old Chrome Bug
There are many ways your internet activity can be tracked as you move from website to website, many of which you can mitigate through your browser choice (and browser settings) and the use of tools like a VPN .
Google Chrome remains the worst browser for privacy for many reasons, but that doesn’t mean the browser hasn’t made progress on privacy. In fact, the next version of Chrome will finally fix a 20-year-old bug that allowed users to be tracked and profiled based on previously visited links.
Privacy fix coming to Chrome 136
The problem Google is addressing in Chrome 136 is how previously clicked links by a user are displayed from site to site. As BleepingComputer explains , Chrome stores links visited around the world and allows them to appear a different color from the default blue across sites, even if you clicked on them from a completely different website. For example, you may see a purple link on one website, which indicates that you have visited it before, but clicked that link on another website first.
This method of storing visited links creates serious privacy and security problems, as it leaves users’ browser history open to leaks and increases the risk of phishing and various cyber attacks. BleepingComputer reports that researchers have discovered several attacks caused by this vulnerability in the past. Considering how Chrome has handled the situation for twenty years, this isn’t all that surprising.
This will change with the upcoming Update 136. This version introduces “triple key splitting”, where links are only marked as visited on the same site and frame origin where the link was clicked. There is also an exception for “native links”, meaning a site can show links to its own subpages as visited even if you clicked on those links elsewhere on the Internet, since the sites already know whether you reached those pages.
What Chrome users should do
The fix is expected to be enabled by default when Chrome 136 is released, but users of the current version (Chrome 135) and any previous versions before 132 can enable it manually. Go to chrome://flags/#partition-visited-link-database-with-self-links and select Enabled from the dropdown. Please note that this feature is still experimental and may not work as expected.
Of course, you might just consider switching to a browser that offers better privacy protection . (Firefox and Safari also have problems with link styles, although not as obvious as Chrome.)