Google has made a significant change to the way the Chrome browser works, a move the company did not advertise to its users that has a serious privacy impact.
According to several reports [ 1, 2, 3], ξεκινώντας από το Chrome 69, κάθε φορά που ένας χρήστης της applicationς επισκέπτεται μια ιστοσελίδα που ανήκει στην Google, το πρόγραμμα περιήγησης καταγράφει το Google ID του χρήστη στο σύστημα Sync του Chrome.
Το σύστημα Sync επιτρέπει στους χρήστες να συνδεθούν με τους λογαριασμούς τους στον Google Chrome να ανεβάσουν και να συγχρονίσουν (προαιρετικά ) τα δεδομένα των τοπικών προγραμμάτων περιήγησης (record, κωδικοί πρόσβασης, σελιδοδείκτες και άλλα) στους διακομιστές της Google.
Sync has been in Chrome for many years, but until now the system only worked if you were logged into a Google account. This allowed users to navigate to Internet while logged into a Google account (Gmail, YouTube), but not uploading Chrome browsing data to Google's servers, data apparently associated with their accounts.
With the latest revelations about the new auto-login mechanism, too many users are not at all happy with the insidious modification that allows Google to link each person's traffic to a particular browser and a device with higher precision.
This practice proved to be wrong, as Google technicians clarified in Twitter that particular mode automatic login does not start the process of synchronizing local data on Google servers, but requires a click from the user.
In addition, they also revealed that the reason this mechanism was added was for privacy reasons. Chrome technicians say the auto-login feature has been added to the browser because of shared browsers.
When one or more users use the same Chrome browser, the data from these users could be sent by mistake to another person's Google account
However, despite the logic behind this move, users are still unhappy because they no longer have the option of deciding when to log in to their browser and secondly why Google did not say anything about the new feature.
Google Chrome 69 was released on September 5, about two weeks ago, and no one knew what the program did in the background.
Matthew Green, a well-known encryption expert and professor at Johns Hopkins University, said in a paper on his blog that Google has redesigned the Sync account interface in such a way that it is no longer clear to users that they are logged in or what they need to push to start synchronization.
He calls this change "dark pattern", A term we have described in older publications.
In its current form, the Sync account interface is actually misleading and a user can accidentally click on all of his browser's data on Google.
Chrome 69 was a major release with many new features, such as a new user interface. Some claim that Google hid this change in the version of Chrome 69, hoping that no one would see it among all the features of the new version, and so it took more than two weeks for Google friends to detect the behavior.
However, the influence of a few hot Twitter posts has helped push things forward on Google's HQ and Chrome technicians have announced that Google will update Chrome's Privacy Policy to reflect the new Chrome mode.
Of course this policy update may satisfy some lawyers, but it doesn't address it theme. Google modified a Chrome feature without notifying users, and this modification can lead to serious privacy violations.
_________________________
- Copyright Directive in Europe: What does this mean?
- Firefox Quantum or Google Chrome what do you choose?