You may have noticed that blue links turn purple when clicked. Google said in a blog post that this little thing could allow third-party sites to access users' browsing history, and has already fixed the issue.
Information about website visits is stored in browser cookies, and as the company explains, these files have long been "unshared." This meant that when a user clicked on a link, it was marked as visited on every website that contained that link, even if those sites had no connection to each other.
Google called this a "fundamental design flaw" because it could have led to information leaks about users' online activity. Malicious sites could have obtained data about users' browsing history through this mechanism.
The search giant has fixed this flaw in its latest Chrome update. Now, clickstream data will be stored separately, without sharing this information with other websites. This update will be part of Chrome 136 and is already available in the Chrome Beta channel.
The issue was first discovered by security researcher Andrew Clover in 2002, citing an article titled Timing Attacks on Web Privacy. Incidentally, the issue affected not only Chrome, but also other browsers such as Safari, Opera, Internet Explorer, and Mozilla Firefox.