Chrome secretely stalking you all accross Google sites with X-Client-Data-header

Read here: https://www.theregister.co.uk/2020/02/05/google_chrome_id_numbers/

The code[1] shows the X-CLIENT-DATA is sent for any google.X domain where google owns the TLD
No-body can really be surprised as this is and always have been Google’s core-business.
They make the tracking browser, so they will track the … out of ye.

It has Google Analytics, DoubleClick, Adsense, reCaptcha and other code on pretty much every site that matters.
So back to some days of healthy competition.

Not surprised it does not make a difference to the masses, they will google on whatever it takes.
But there are some folks to use DDG, Quant etc.

Or an older tool like Telescope and a browser like Chameleon.

Interesting to go over a website with this - https://webcookies.org/cookies/re-va.fr/28852667?459481 (random example)

polonus

No surprise here, but they are all at it :wink:

I have never used Chrome or any chromium based browsers (including ASB), to the best of my knowledge.

Google’s business IS data mining

But in that case they also have to mind the bugs:
Google Cloud Messaging Notification Plugin stores an API key unencrypted in its global configuration file -
https://www.cvedetails.com/cve/CVE-2019-10379/
This info blocked because of existing Trojan → -https://www.openwall.com/lists/oss-security/2019/08/07/1
However not flagged here: https://sitecheck.sucuri.net/results/https/www.openwall.com/lists/oss-security/2019/08/07/1
Re: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3Ll1we253fGxsLl5dbWBsW3N0c2Bdc3Mtc3tedX1bdHlgMjAxOWAwOGAwN2Ax~enc

polonus