Google temporarily refuses from SameSite cookie security feature due to COVID-19

Google announced that it is temporarily refusing to deploy the SameSite cookies protection mechanism, which was enabled for a limited number of Chrome 80 users in February this year.

Because of the coronavirus, companies do not want to provoke website crashes and create additional problems with their availability. Due to widespread quarantine and the transition to remote work, companies and IT personnel already have enough problems.

“In light of the extraordinary global circumstances caused by COVID-19, from now on, we are temporarily abandoning the use of SameSite”, — said the head of Chrome Engineering on the company’s blog. — Although majority of the web ecosystem were ready for these changes, we want to ensure the stability of sites that provide essential services such as banking, food delivery, government services and healthcare that help support our daily lives in these times.”

SameSite cookie — is a protective mechanism that should prevent third-party domains from creating cookies while the user is not on their site. The main idea is to prohibit the use of cookies in the browser to monitor users and their movement from site to site.

Earlier Chrome accepted more cookies by default, including from third parties. SameSite flipped that default. At a high level, that essentially means that unless a third-party cookie explicitly was set by a website owner as being okay, Chrome would block it.

These changes have already had a big impact on the online advertising industry and web analytics companies. So, Google announced support for the SameSite cookie in May 2019, and after that, most advertising and analytic companies have already switched to other methods of tracking users.

“As sites have had to deal with the complications caused by the COVID-19 outbreak, it’s likely that many haven’t had the time or the resources to adapt to the update and aren’t likely to be able to devote attention to it in the near future. Since social distancing measures have greatly increased reliance on online services, disruptions like this could cause a number of issues, especially when it’s related to health care resources”, — write The Verge journalists.

Chrome developers write that, of course, they are not going to refuse from implementation of the SameSite cookie. The function will have to resume its work, and tentatively during the summer, the deployment will continue.

This isn’t the only Chrome update affected by the outbreak.

Google developers decided to release all the security updates that are part of Chrome 81, as a small update for Chrome 80, and the release of stable versions of the browser and Chrome OS was frozen indefinitely.

At the same time, Microsoft Edge overtook Mozilla Firefox in popularity and, apparently, forced the Chrome developers to stop, pausing many innovations during quarantine.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Windows 10 2004 issues

After Windows 10 2004 release Microsoft is already listing issues

The big May update of Windows 10 2004 finally became available to everyone. It included …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.