New Microsoft Edge browser fires off more than 130 requests to almost 50 endpoints on first run

clock • 3 min read

Facebook, Google, Twitter, Reddit and multiple Microsoft addresses all pinged when Edge is started-up for the first time

Microsoft's new Chromium-based Edge web browser fires off more than 130 requests to almost 50 endpoints when it is first run.

That's according to former Microsoft engineer, Jonathan Sampson, who has examined six of the best-known web browsers and the communications they make in the background when web users first start using them.

Most of the requests appear to be made to Microsoft properties, encompassing Windows, LinkedIn, Bing, Skype, MSN, Visual Studio, and Smartscreen. The data sent to the address ‘activity.windows.com' also includes the email address used on logging-on to Windows 10.

The Windows.com entry, Sampson notes, retrieves information from Windows Activity History. This, according to Microsoft "helps keep track of the things you do on your device, such as the apps and services you use, the files you open and the websites you browse.

"Your activity history is stored locally on your device and, if you've signed-in to your device with a Microsoft account and given your permission, Windows sends your activity history to Microsoft. Microsoft uses the activity history data to provide you with personalised experiences… and relevant suggestions."

In terms of potential data collection and tracking related to online adverts, scripts are loaded from Facebook, Reddit, Google and other properties, Sampson continues.

A closer look reveals that Opera is sending extra bits too, including my native resolution, browser window size, and a lot more

"This Insider tab also sends data about my device and such to the Double Click servers (Google). There are numerous redirects when Edge calls out to http://px.ads.linkedin.com. All of them set cookies. The last one looks like it assigned a universal ID," writes Sampson, who described his review as "exhausting".

That total of 130 requests made by Edge compares to 26 for Firefox, 32 for Google Chrome, 23 made by Brave, and 31 by Vivaldi. Only Opera approaches Microsoft Edge for the number of calls it makes, including 19 calls just to Yandex.ru, the Russian search giant, as well as Amazon, Google, and Walmart.

"Back to Yandex though. Opera not only pings them, but informs them that I am setting up a new profile with Opera (via the referer header and query string). This header also goes to Facebook, Google, and Hotjar. All of these now know that I am a fresh Opera user," continues Sampson.

He also notes that Opera transmits data often used to ‘fingerprint' PCs to create unique profiles of web users.

"A closer look reveals that Opera is sending extra bits too, including my native resolution, browser window size, and a lot more. Unfortunately, it isn't clear what the other bits are representing. One parameter is called "gdpr" with a value of 14."

You may also like
Google Chrome can now make its own decisions on your safety

Internet

The browser's newest version can act by itself to snip out unwanted permissions

clock 13 September 2024 • 1 min read
Microsoft Patch Tuesday: Four zero day bugs squashed

Threats and Risks

In a total of 79 vulnerabilities patched in September

clock 11 September 2024 • 2 min read
Microsoft partners with StopNCII to scrub revenge porn from Bing

Privacy

But deepfakes remain a challenge

clock 09 September 2024 • 2 min read
Most read
01

Fortinet confirms data breach

16 September 2024 • 2 min read
03

Ransomware targets London branch of China's ICBC

13 September 2024 • 2 min read
04
05

IT Essentials: Closing the open source tap

16 September 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Software

Ripe for change: How tech is disrupting insurance

Ripe for change: How tech is disrupting insurance

AI is 'raising the bar and raising the game'

Tom Allen
clock 13 August 2024 • 4 min read
The social engineering of the self: How AI chatbots manipulate our thinking

The social engineering of the self: How AI chatbots manipulate our thinking

We need structured public feedback to better understand the risks, says red teamer Rumman Chowdhury

John Leonard
clock 27 October 2023 • 4 min read
AI doesn't care what you think

AI doesn't care what you think

Want to understand hallucinations? Look at your family

Professor Peter Cochrane
clock 26 October 2023 • 3 min read