Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

Google Chrome will block resource-heavy ads starting August 2020

Google Chrome will block resource-heavy ads starting August

google chrome
The Google Chrome web browser will start unloading ad iframes using too many system resources without the user’s knowledge starting with the stable release coming near the end of August. Chrome will target ads that drain device resources like battery, network data, and CPU processing power, such as those designed to mine for cryptocurrency known as being resource hogs that will drain battery life and network bandwidth. “In order to save our users’ batteries and data plans, and provide them with a good experience on the web, Chrome will limit the resources a display ad can use before the user interacts with the ad,” Chrome Product Manager Marshall Vale said. ‘When an ad reaches its limit, the ad’s frame will navigate to an error page, informing the user that the ad has used too many resources.” If users click the Details link, they will see a short message explaining why the ad was unloaded and saying that “This ad uses too many resources for your device, so Chrome removed it.” Development on this new feature started during mid-2019 and it is part of a larger effort trying to steer ads into becoming friendlier with Chrome blocking a whole range of abusive or misleading advertisements since version 71 was released in December 2018. Ads previously included in Chrome’s blacklist are the ones that promote and distribute malware, feature hidden click areas, display fake mouse pointers, abuse non-interactive redirects, show fake messages and alerts, and generally display misleading behavior. To filter these harmful ads, Chrome follows the Better Ads Standards to determine if a site is displaying abusive ads.

Finding the heavy ads

To spot resource-heavy ads, Google is using a thresholds-based system that will automatically mark them as heavy ads if users do not interact with them and they meet these criteria:

  • Uses the main thread for more than 60 seconds in total
  • Uses the main thread for more than 15 seconds in any 30-second window
  • Uses more than 4 megabytes of network bandwidth

As Vale explained, even though only 0.3% of all ads displayed on the web will exceed these thresholds, they are behind 26% of all the network data and 28% of all CPU resources used by ads.

Among the ad behaviors this new feature will discourage, Google mentions ads mining cryptocurrency, ads loading large, poorly compressed images, and ads loading large video files before a user gesture.

Ads that perform expensive operations in JavaScript, including CPU timing attacks and video decoding will also be unloaded automatically if they are marked as resource-heavy ads.

Heavy ads stats
Heavy ads stats (Google)

How to test heavy ad intervention

While the feature is not yet enabled for users of the Chrome stable branch until the end of August 2020, users of Chrome Canary (now at version 84) can easily test it using the following flags:

  • Enable chrome://flags/#enable-heavy-ad-intervention
  • Disable chrome://flags/#heavy-ad-privacy-mitigations

As Google explains it, the new behavior is activated when you enable the chrome://flags/#enable-heavy-ad-intervention flag “but by default, there is some noise and variability added to the thresholds to protect user privacy.”

When disabling chrome://flags/#heavy-ad-privacy-mitigations, the heavy ad restrictions are applied purely according to the limits.

You can test the intervention on some sample content available on heavy-ads.glitch.me, and can also use it to load arbitrary URLs to test your own sites.

Privacy Ninja:

It is great to see google chrome updating their software to help protect its users. We recommend using uBlock Origin as the best ad and popup blocker for both beginners and professional users.

Do check out our Privacy Training as we teach you how to protect yourself online.

0 Comments

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us