security

Google Suddenly Halts Controversial Chrome Change In Dramatic New COVID-19 Move – Forbes


As COVID-19 continues to hit software roll outs, Google is halting a controversial Chrome change that aimed to increase security and privacy by phasing out support for third party tracking cookies.

In a dramatic turnaround, Google said in a blog that it would now roll back the SameSite cookie changes that had started to reach Chrome users in February. The roll back is temporary and will be picked up again at a later date.

I reported back in February how the SameSite cookie changes could break a bunch of websites in Chrome. During the COVID-19 crisis, some of these websites could be critical as people shop, bank and do pretty much everything online. 

Google cites “extraordinary global circumstances” amid COVID-19

“With the stable release of Chrome 80 in February, Chrome began enforcing secure-by-default handling of third-party cookies as part of our ongoing effort to improve privacy and security across the web,” said Justin Schuh director of Chrome engineering. 

Schuh said Google had been “gradually rolling out” the Chrome changes while “closely monitoring and evaluating ecosystem impact, including proactively reaching out to individual websites and services to ensure their cookies are labeled correctly.”

But he added: “In light of the extraordinary global circumstances due to COVID-19, we are temporarily rolling back the enforcement of SameSite cookie labeling, starting today.

“While most of the web ecosystem was prepared for this change, we want to ensure stability for websites providing essential services including banking, online groceries, government services and healthcare that facilitate our daily life during this time.”

Shuh said the rolling back of the changes shouldn’t affect organizations, and users and sites should see no disruption. You can check back to his blog, the SameSite Updates page, and my page for news about when Google plans the enforcement, which he predicted would happen over the summer.

COVID-19 and the tech fallout 

COVID-19 is affecting all tech companies as employees work from home and priorities change. Last month, Google announced it would pause new Chrome features in a powerful move aimed at ensuring the browser is as secure as possible. Microsoft’s Edge, which is also based on the Chromium browser engine, followed suit. And Microsoft has also announced the decision to pause optional cumulative Windows updates from May.

MORE FROM FORBESMicrosoft’s Major New Browser Security Move Reveals Serious COVID-19 Impact

But in late March, Google announced it would resume Chrome releases in an updated schedule. Google is prioritizing security and fixes in Chrome 80 before releasing Chrome 81 n April 7. It will skip Chrome 82, and Chrome 83 is coming a few weeks earlier than anticipated in mid-May, along with a bunch of new features.

As COVID-19 continues to see a huge number of us working from home, it’s not surprising to see changes to software release schedules. And the SameSite roll back will be welcomed by many, not least the people who will now be able to more easily use all websites in Chrome when they need to buy food or transfer money. 



READ SOURCE

READ  Security Trends Your Company Needs to Embrace in 2019

Leave a Reply