Chrome 76 To Prevent Incognito Mode Detection

(Image credit: tanuha2001 / Shutterstock)

Google announced that Chrome 76 would deprecate the FileSystem API starting with July 30. The API has been giving some media publishers and other companies the ability to detect when someone uses the Incognito Mode and bypass it (thus tracking the user and defeating the purpose of the Incognito Mode). 

Google adopted the FileSystem API in Chrome when it was still an IETF draft to allow Chrome Apps and extensions to store their data locally on a PC almost a decade ago. However, the IETF draft was never ratified, nor was it adopted by the W3C, which left Chrome as the only major browser to support it. Firefox and other browsers moved on to support IndexDB for local storage.

Google disables the FileSystem API in Incognito Mode so that users don’t leave traces of their browsing activity when in Incognito Mode. However, years later, publishing sites that use paywalls for their articles while giving away a few stories per month for free have begun (ab)using the FileSystem API to block people from reading too many of their stories for free. The publishers can detect who uses Incognito on Chrome because they can detect if the FileSystem API is not present in the browser.

Google argues that the publishers’ soft paywall model of detecting how many stories each individual has read by tracking them through browser cookies was already porous as users have had multiple ways of eliminating those cookies from their browsers and reset the free story meter.

The company also recommended publishers not to be too reactive to the change and eliminate the free stories for everyone as a consequence of not being able to detect who uses the Chrome Incognito Mode anymore. Google re-emphasized that the goal of the Incognito Mode was to allow users to browse privately. They can’t do that if other companies can detect when they use the Incognito Mode, defeating its purpose.

Although Google is fixing a privacy loophole that has existed in its browser's Incognito Mode for almost a decade, it still seems to consider browsing on the internet an "option" it wants to give users. Meanwhile, other browsers such as Firefox, Safari, Brave, and even Microsoft's new Edge browser are all much farther along in the privacy protections aspect than Chrome is.

Firefox, Safari and the new Edge all have some kind of tracking protection enabled by default, while Brave (created by former Mozilla CEO and JavaScript inventor, Brendan Eich) offers adblocking and third-party tracking also enabled by default, along with a more advanced Tor-based private mode that Mozilla has also promised for Firefox.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.