Pakukurukura Google kubatanidza zviri mukati meHTTP Mushandisi-Mumiriri musoro, mugadziri weKiwi browser kune "X-Client-Data" HTTP musoro wasara muChrome, izvo zvingangoita General Data Protection Regulation inoshanda muEuropean Union () Panguva Huviri hwezviito zveGoogle zvakashorwawo, izvo kune rumwe rutivi kuvhara chiziviso chakavanzika uye kuteedzera zviito zvemushandisi, asi kune rimwe divi, haisi kukurumidza kubvisa rutsigiro rwemusoro weX-Client-Data kubva kuChrome, inogona kushandiswa kuona zviitiko zvebrowser paunowana masevhisi eGoogle.
Iyo X-Client-Data musoro haina kuvanzwa mashandiro uye maitiro ayo ndeaya muzvinyorwa. Kuburikidza neX-Client-Data, Google inogamuchira data pamusoro pekuita kwemamwe maficha ekuyedza muChrome ane chekuita nemasaiti ayo (semuenzaniso, panguva yekuyedza, Google inogona kumisa mamwe maficha ekuyedza muYouTube kana achitsigirwa nebrowser kana kuedza correlate matambudziko ane activation yekuedza mabasa).
Header Chete zvikumbiro kumasaiti eGoogle anoenderana nemasiki β*.doubleclick.netβ, β*.googlesyndication.comβ, βwww.googleadservices.comβ, β*.google.>" uye "*.youtube. ", uye yakatumirwa kuburikidza neHTTPS. Mune incognito mode, musoro hauna kugarwa, asi kana mushandisi akatenderwa nhoroondo yeGoogle akachinja kune yevaenzi kana kana data rekubvisa data richidanwa, musoro haugadziriswe uye unoramba uchitumirwa neukoshi hwakafanana.
Musoro wacho unonzi hauna ruzivo rwemunhu uye unongotsanangura mamiriro ekuisa Chrome uye anoshanda ekuyedza maficha. Kana bhurawuza yekushandisa telemetry uye kurongeka kwekuzivisa kwakavharwa muzvirongwa, kugadzira iyo base X-Client-Data musoro kukosha inoshandisa chete 13 bits ye entropy (8000 misanganiswa yakasiyana), iyo isina kukwana kuti izivikanwe.
Tichifunga kuti musoro unoisawo mamwe masisitimu ehurongwa uye ma parameter, pakupedzisira zviri mukati meX-Client-Data zvakanyatsokodzera seimwe sosi yedata yekuzivikanwa kwemushandisi asina kunanga munguva pfupi (yekuyedza masimba anogoneswa uye akaremara nekufamba kwenguva, izvo zvinotungamira kune nguva nenguva shanduko yekukosha muX-Client-Data).
Nekudaro, mukuwedzera kune yekutanga entropy, kana uchigadzira iyo X-Client-Data kukosha, kune zvakare kutevedzana kwembeu yakadzoserwa nemaseva eGoogle uye zvichienderana nenyika, IP kero uye mamwe maitiro ayo Google anoona akakosha (semuenzaniso, hapana chinodzivirira. iwe kubva pakudzorera yakakura isina kutevedzana inoteedzana, inova iyo chaiyo identifier).
Pamusoro pezvo, kutarisa uchishandisa Google domain masks paunenge uchitumira X-Client-Data haisanganisi mamiriro ezvinhu apo munhu anorwisa anogona kunyoresa domain se "youtube.xn--55qx5d" uye otanga kuunganidza zviziviso.
Source: opennet.ru