Don't be Evil

Shady stuff in Google Chrome

Two days ago, I stumbled upon this thread on Hacker News. The subject of discussion is a comment on a W3C TAG discussion, which claims that Google Chrome sets Google-specific tracking headers (x-client-data) when visiting Alphabet-owned domains. The header's value is a "unique ID to track a specific Chrome instance" (installation).

There's no consent from users, or even an ability to opt-out.

This could obviously be used to fingerprint or track users (especially if combined with IP-address, for instance) – even across domains – which looks especially sketchy in the context of recent development with SameSite-cookies, as it means that Google is potentially keeping the possibility that everyone else will eventually be denied because of their vertical ownership, including the platform (browser).

An antitrust-case in the making?

Older post
Getting Alfa AWUS036ACH up and running on Kali