@fay59 @regehr yeah it seems like a classic bug too, revealing the existence of a file by returning an error code on attempting to access it. (Bonus points because the text is written with an llm, which feels somewhat ironical on the privacy front)

Edit: err I misread, chrome fetch actually lets you access extension resources? Seems... Interesting. Maybe they need it for adblocker detection :')

@alison @regehr @pascal_costanza

This is not new technology and folks have been talking about this for a while:

https://www.usenix.org/conference/usenixsecurity22/presentation/solomos

Browsers have basically become and extension of ad infrastructure and open up a huge surface area for fingerprinting that was not available w/o the browser aiding and abetting.

Extensions are particularly dangerous b/c they can reveal a lot of sensitive and identifying information about a user.

This is 💯 a symptom of too much concentration, monopsony power and a total abdication of lawmakers to set regulations.

@regehr (if non-rhetorical) it only runs on Chrome browsers, so use Firefox. (In either case) Fuck those guys!

https://browsergate.eu/how-it-works/

@regehr

You do realize that all of these companies fingerprint your computer in every way imaginable and use it to track you everywhere and we have no laws to prevent this.

It is totally insidious and these ad companies likely could write a biography of each of in such detail that you would be surprised by the conclusions they could make but likely be forced to admit they are correct.