You just can't finish off Zuckerberg.

“Meta devised an ingenious system (“localhost tracking”) that bypassed Android’s sandbox protections to identify you while browsing on your mobile phone — even if you used a VPN, the browser’s incognito mode, and refused or deleted cookies in every session.”

  • MimicJar@lemmy.world
    5·
    5 days ago

    You’re not affected if (and only if)

    You always used the Brave browser or the DuckDuckGo search engine on mobile

    I found that odd, but reading the more technical write up (linked in the article) it seems Brave blocks localhost communication.

    The Chrome proposal references a single use case. I’ve never seen a website that sets up my local devices, but is this a new thing?

    Why did localhost not get blocked earlier? This seems like a huge hole browsers have ignored for years.

    Also the DuckDuckGo exception doesn’t make sense to me. Does DuckDuckGo have Facebook trackers on it to begin with? Whatever site DuckDuckGo sends you to, if they have the trackers, you’ll get tracked.

      • MimicJar@lemmy.world
        2·
        5 days ago

        I completely forgot that existed! Double checking the technical article they do correctly label it as a browser in their testing matrix/grid.

        I just got confused by the clear “Brave browser” call out. When I hear DuckDuckGo I definitely don’t think browser.

        Good catch!