April 6, 2020

Google is making a security compromise to keep Chrome running smoothly

By Tech Online Things

Google is delaying a Chrome security update to minimize disruption while people are forced to work remotely.

Back in February, Google started to implement an important change to limit the functionality of third-party cookies in Chrome. Launched in Chrome 80, the cookie changes were designed to help improve the privacy and security of users.

SameSite cookie labelling saw Google enforcing secure-by-default handling of third-party cookies. But just two months later, Google is rolling back the changes to cookie handling citing the “extraordinary global circumstances due to Covid-19”.

The aim of the change was to block cross-site tracking in Chrome and prevent the exploitation of cookie vulnerabilities. But while the security and privacy improvements this would bring about, there is concern that not all websites were prepared for the changes.

Google is aware that the coronavirus pandemic is forcing more people to work from home, and businesses and individuals are even more reliant on the internet than normal. The company is concerned that some essential services might not be prepared for the changes.

Cookies changes on hold

Google wants to ensure that services such as banking, healthcare, online food shopping and government site continue to function properly. As such the company is rolling back the cookie changes to eliminate the risk of disruption.

But the rollback won’t be permanent; Google plans to resume the enforcement of new way of handling cookies, and it is currently aiming for some time over the summer. As the rollback was caused by the coronavirus pandemic, however, this time frame could change depending on how the virus is handled over the coming weeks and months.

Google says it will continue to provide more information on the SameSite Updates page.