logoalt Hacker News

naturalmovementtoday at 12:32 AM0 repliesview on HN

I always assumed Chrome and Edge already did this — but sent the data to their respective masters.

Isn't every Chrome download unique?

It used to be even though the package contained an Authenticode signature, each installer stub download had a unique hash, because Windows' digital signatures allow a non-executable data area in the trailer which is not computed as part of the signed data.

There is zero technical reason to do this (generating unique binaries) aside from tracking purposes.