Google Web Bundles could compromise security and invade users’ privacy, not to mention disable ad-blockers, security expert warns…
A new web specification created by Google might have unintended consequences, serious enough to compromise security and invade users’ privacy. This, according to Peter Snyder, Senior Privacy Researcher at Brave Software. Snyder claims that the new Google Web Bundles, while potentially improving user experience, could possibly be exploited by hackers and even breaking ad-blockers, at the very least.
New Google Web Standard Raises Serious Privacy and Security Concerns
Google’s Web Bundles standard seeks to ensure the integrity of web pages, along with their sub-resources. The technology would do so by allowing websites to collect resources together into a single package or what’s known as a .wbn file, to collect resources into a solitary container. However, this could open the door for hackers, allowing them to avoid privacy and security measures.
Snyder explains in a blog post how Google’s Web Bundles could constitute a threat to security and privacy:
“URLs in WebBundles are arbitrary references to resources in the bundle, and not globally shared references to resources. This will allow sites to evade privacy and security tools in several ways. At root, the common cause of all these evasions is that WebBundles create a local namespace for resources, independent of what the rest of the world sees, and that this can cause all sorts of name confusion, undoing years of privacy-and-security-improving work by privacy activists and researchers.”