Google Chrome 86 is providing HTTP cache partition to prevent cache attacks. Google Chrome 86 provides users with a new cache partition mechanism to protect privacy. Google has been experimenting with cache partitioning since the launch of Chrome 77 and widely implemented in this version.
Cache partitioning is to prevent documents from one data source from being able to know whether a resource for another source has been buffered. This is achieved by separating the HTTP or shared cache. Separating the HTTP cache for each profile allows Chrome to prevent sub-channel attacks. Sub-channel attacks occur when one website detects a resource in the cache of another, and these attacks put the privacy of Chrome users at risk.
Specifically, an attacker could access the browser cache, which could then track a user’s browsing activities. Cache attacks can also lead to a search attack on multiple websites. In such attacks, hackers can exploit certain popular websites and then load a specific image when the search results are blank. This way, it will be possible to detect whether an arbitrary string is present in the user’s search results.
By limiting the use of cache, Google hopes to reduce resources from the cache. Initial test results show a 4% decrease in cache access rates.