Google Is Working On A New Web Standard Called WebBundles Which Is Dangerous To The Privacy Of Internet Users, Security Researchers Warned

Google is proposing a new web standard that allows sites to ‘bundle’ an entire webpage into a single file, and it could made it impossible for web browsers to process sub-resources by Uniform Resource Locator (URL). Called the WebBundles, it is dangerous to transparency as well as the privacy of internet users. According to Google, the new technology offers a lot of unique features as well as benefits including that it enables executable JavaScript. However, not everyone agrees with the company’s assessment and description of the new technology.

Peter Snyder, a privacy researcher, published an analysis of the new standard that highlights the dangers of WebBundles in regards to content blocking, the privacy of internet users, and the Open Web in general. In a blog post, the developer of privacy-focused browser Brave and Senior Privacy Researcher at Brave Software, Peter Snyder, wrote that the new standard could allow marketers and malicious actors to circumvent security and privacy protections.

Google’s new WebBundles standard could render ad-blockers redundant, preventing ad-blockers from intercepting resources via the usual avenue. The security researcher first expressed concern about the plans back in February of this year and he claimed that he is collaborating with relevant parties to rectify issues with the WebBundles standard, however, apparently to no avail.

Google has designed the standard to ensure the integrity of webpages and their sub-resources by letting sites collect resources together into a single file. CDN (content delivery networks) will be able to serve the websites by packaging up resources into a .wbn file. But Snyder explained that the standard will also inhibit the effectiveness of ad-blockers. In the blog post, Snyder wrote that this threatens to change the web from a hyperlinked collection of website resources to opaque all-or-nothing ‘blobs.’ Currently, when a user opens a webpage in any browser, content such as pictures or scripts gets loaded individually.

The security researcher believes that WebBundles will allow cybercriminals to evade security and privacy measures via several different avenues. Cybercriminals may use WebBundles to randomize URLs, reuse them, and even hide dangerous URLs. Although Snyder sees the benefits of the new web standard, he argues that these breaches of privacy will be made quicker to penetrate if Google releases the standard in its current state. Google has already integrated WebBundles in Chromium and development versions of Chrome, however, the experimental tool is currently disabled. You can enable the feature on chrome://flags by searching for the term ‘WebBundles.’

Read next: Google is still not the all-knowing, almighty search engine as 15 percent of queries are ‘never seen before’ by tech giant
Previous Post Next Post