Update

Apparently this is patched out by Brave, but it is enabled by default. See u/[email protected] 's comment below!

---

Vanilla chromium gives google's websites special treatment by offering detailed CPU info, among other things. This is implemented through a hidden browser extension. You can prove this by yourself by running chrome.runtime.sendMessage("nkeimhogjdpnpccoofpliimaahmaaome", {method: "cpu.getInfo"}, (response) => {console.log(JSON.stringify(response, null, 2)); }, ); on google.com through the browser console. For me, it gives the following info:

{ "value": { "archName": "x86_64", "features": [ "mmx", "sse", "sse2", "sse3", "ssse3", "sse4_1", "sse4_2", "avx" ], "modelName": "Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz", "numOfProcessors": 4, "processors": [ { "usage": { "idle": 28238205, "kernel": 827581, "total": 32762960, "user": 3697174 } }, { "usage": { "idle": 1455131, "kernel": 743391, "total": 6209241, "user": 4010719 } }, { "usage": { "idle": 1448653, "kernel": 769970, "total": 6068506, "user": 3849883 } }, { "usage": { "idle": 1450274, "kernel": 744886, "total": 5948597, "user": 3753437 } } ], "temperatures": [] } }

Note that this doesn't work on other websites like lemmy.world, only google.

What I am confused about is that I can replicate this behavior in Brave. Why does brave reveal this information to google, and to google only? From what I understand, it can be used for fingerprinting and tracking. Shouldn't this be patched out? Is my testing methodology flawed? Will this be fixed?

Brave version: Version 1.67.123 Chromium: 126.0.6478.126 (Official Build) unknown (64-bit) running on linux via flatpak