Update
Apparently this is patched out by Brave, but it is enabled by default. See u/Engywuck@lemm.ee 's comment below!
Vanilla chromium gives google’s websites special treatment by offering detailed CPU info, among other things. This is implemented through a hidden browser extension. You can prove this by yourself by running chrome.runtime.sendMessage("nkeimhogjdpnpccoofpliimaahmaaome", {method: "cpu.getInfo"}, (response) => {console.log(JSON.stringify(response, null, 2)); }, ); on google.com through the browser console. For me, it gives the following info:
{
"value": {
"archName": "x86_64",
"features": [
"mmx",
"sse",
"sse2",
"sse3",
"ssse3",
"sse4_1",
"sse4_2",
"avx"
],
"modelName": "Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz",
"numOfProcessors": 4,
"processors": [
{
"usage": {
"idle": 28238205,
"kernel": 827581,
"total": 32762960,
"user": 3697174
}
},
{
"usage": {
"idle": 1455131,
"kernel": 743391,
"total": 6209241,
"user": 4010719
}
},
{
"usage": {
"idle": 1448653,
"kernel": 769970,
"total": 6068506,
"user": 3849883
}
},
{
"usage": {
"idle": 1450274,
"kernel": 744886,
"total": 5948597,
"user": 3753437
}
}
],
"temperatures": []
}
}
Note that this doesn’t work on other websites like lemmy.world, only google.
What I am confused about is that I can replicate this behavior in Brave. Why does brave reveal this information to google, and to google only? From what I understand, it can be used for fingerprinting and tracking. Shouldn’t this be patched out? Is my testing methodology flawed? Will this be fixed?
Brave version: Version 1.67.123 Chromium: 126.0.6478.126 (Official Build) unknown (64-bit) running on linux via flatpak
Deactivate Settings -> Extensions -> Hangouts and it won’t work anymore.
By the way, they’re already on it, as a PR for the removal of this extension has already been posted: https://github.com/brave/brave-core/pull/24583
Thank you, this did it!