Websites can still detect if you use Incognito mode in Chrome despite Google’s promise to fix it


Google had promised to fix the bug allowing websites to detect if you were using the Chrome Browser Incognito Mode, but it never did fix it

We had explained how your private browsing habits were not so private in Google Chrome’s Incognito Mode and other browsers that use Chromium. In fact, most users visit adult entertainment websites like Pornhub, Xvideos, and Xhamster using the Chrome Incognito Mode or Edge Private Browsing Mode thinking their visits are private and cannot be accessed by outsiders. We had proved how your employer, school, ISP, and the websites that you visit in private mode can track you.

The other side of this Incognito Mode coin is the ability of websites to know when the users are using Incognito Mode. Most websites are still capable of detecting when you visit them using Chrome’s Incognito Mode. And this is despite Google’s promise in 2018 to root out this bug.

This bug exists because of the way websites misuse the Chrome 76 FileSystem API. Almost every website uses the FileSystem API to detect if you are browsing using Chrome’s normal browsing mode or its incognito mode. Google had promised to fix the FileSystem API so that websites cannot detect users using Private Mode.

In fact, it tried to implement the same in Chrome 76. Before Chrome 76, any website could track just by querying this API to find out if a user was using incognito mode. With Chrome 76, Google released Chrome 76 in 2019, which had FileSystem API for Incognito Mode activated. But there was a way to exploit this API which the websites immediately found. Google didn’t fully activate the FileSystem API, but merely set up a hard limit to the amount of storage space that incognito mode windows could access, at 120 MB. It took websites just hours to develop scripts that probed the FileSystem API to determine the amount of storage space a website could access, and indirectly detect if the user was using incognito mode or not.

Most websites don’t like users who use Incognito Mode because it is difficult to track them and target them for Ads. It is also difficult for paid websites because some users use incognito mode browsing to bypass content paywalls, geotags, and content filters/limiters. Even Google finds it difficult to monetize content if the user is behind Incognito Mode and therefore its reluctance to fix the issue.

You should know that any website you visit using Incognito Mode knows you are using that mode. Be it Chrome Incognito Mode or other Chromium-based browsers, such as Edge, Opera, Vivaldi, and Brave.

Google is now facing a $5 billion lawsuit for this inaction and tracking Private Mode users’76 information. Chrome 83 promises to be different but we have to wait and watch.


About Author

"The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had." Eric Schmidt

Notify of
Inline Feedbacks
View all comments