Why You Should Stop Using Google Chrome After Shock Update

MrGuvernment

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
21,793
https://www.forbes.com/sites/zakdof...ne-android-mac-and-pc-after-privacy-backlash/

But until this week, Google has been telling us that it’s fixing the problem, delivering its self-styled privacy first web. “Chrome [has] announced its intent to remove support for third-party cookies” by early 2022, the company assured us in March. “We’re making explicit, that once third-party cookies are phased out, we will not build alternate identifiers to track individuals as they browse across the web.”

But now it’s all change. Whether by accident or design, Google confirmed its surprise delay to this removal of tracking cookies in among the news of iOS 15 and Windows 11. The likely new timeframe to “phase out third-party cookies [is] a three month period, starting in mid-2023 and ending in late 2023.”


Google and the ad industry “will continue to track and profile users via cookies until at least 2023,” Brave responded, “and probably indefinitely via login-based Google account tracking in Chrome. But online privacy is a swelling wave. Google is already under water and appears to be in desperate need of major reforms well before 2023.”

Meeting the needs of the advertising industry, while preserving the privacy of 2.6 billion users, is starting to look like an impossible puzzle for Google to solve. “It’s as though Google has defined two sides,” researchers Tommy Mysk and Talal Haj Bakry told me. “User privacy and advertisers. So far Google has sided with advertisers.”
Click to expand...
 
I use Firefox but there's so many web browser alternatives that if Google does fuck up then switching isn't a problem. Chromium is an alternative for those using Chrome. It's Chrome without the Google crap.
 
Forbes is being hyperbolic, as it often is. Chrome didn't suddenly get worse. If you were fine with it before, nothing's going to change; if you objected to Chrome over privacy concerns, you probably weren't using it anyway. That doesn't make the delay perfectly acceptable, but this is not the make-or-break moment where you toss Google's browser once and for all.
 
Beware ....

3.jpg
 
Last edited:
MrGuvernment said:
FYI it collects as much data as Chrome does.
Click to expand...
Not even close and I have the traffic logs of some 1100 daily users to back that up, Chrome transmits orders of magnitude more metrics than the new Edge does to the point where they are not even comparable, and the metrics that are sent back by Edge aren't all tracking data they are mostly debugging logs because that browser has minor errors on just about every other page it does load. Tracking done via websites add-ons and cookies are the same across all browsers and platforms unless you have your settings in place to not interact with those, but then really those sites don't load correctly often at all. If you are signed in to a Google account in Edge, then it does start sending more data back but again that data is directed to Google's servers, not Microsoft's so in this case I don't count that against Microsoft. If you have signed into Facebook on either browser in the last 48h prepare to see your uploaded metrics explode as FB proceeds to collect a metric shit tonne of data regardless of the browser used.

I don't have any users that I know of using Brave on a daily basis so I don't have any means of tracking any upload metrics from that browser and if I were to install it on my machine sure I could then track that against my own previous logs but I have much of the traffic blocked at a system level with my FW settings there, so any data I do collect from my own usage on my outgoing LAN would be horribly skewed and not realistic.

Edit:
I should mention that the fact that signing into a google account in edge starts transmitting more data must mean that Microsoft has the ability to collect that same data but at this stage does not, that could change in the future but as Microsoft doesn't do nearly as much advertising as Google does I don't think it would be in their interests at this time as they don't have a market for that data.
 
What does tracking, that's been going on forever, have to do with some future update to Chrome?

If people are concerned about 3rd party cookies, just go into Chrome options and check the box "Block 3rd party cookies".

Waste of time article by yet another Forbes armchair expert idiot. Note: Forbes lets anyone "contribute"..
 
Lakados said:
Not even close and I have the traffic logs of some 1100 daily users to back that up, Chrome transmits orders of magnitude more metrics than the new Edge does to the point where they are not even comparable, and the metrics that are sent back by Edge aren't all tracking data they are mostly debugging logs because that browser has minor errors on just about every other page it does load. Tracking done via websites add-ons and cookies are the same across all browsers and platforms unless you have your settings in place to not interact with those, but then really those sites don't load correctly often at all. If you are signed in to a Google account in Edge, then it does start sending more data back but again that data is directed to Google's servers, not Microsoft's so in this case I don't count that against Microsoft. If you have signed into Facebook on either browser in the last 48h prepare to see your uploaded metrics explode as FB proceeds to collect a metric shit tonne of data regardless of the browser used.

I don't have any users that I know of using Brave on a daily basis so I don't have any means of tracking any upload metrics from that browser and if I were to install it on my machine sure I could then track that against my own previous logs but I have much of the traffic blocked at a system level with my FW settings there, so any data I do collect from my own usage on my outgoing LAN would be horribly skewed and not realistic.

Edit:
I should mention that the fact that signing into a google account in edge starts transmitting more data must mean that Microsoft has the ability to collect that same data but at this stage does not, that could change in the future but as Microsoft doesn't do nearly as much advertising as Google does I don't think it would be in their interests at this time as they don't have a market for that data.
Click to expand...
I want to see this, it's interesting. Lets see the logs of 1100 daily users running Chromium as supplied by Google vs 1100 daily users running Chromium as supplied by MS. It's probably necessecary you highlight everything so it's really clear, with evidence of each browser used in each instance. If you haven't done so already.

Personally, I believe it's spying based on search engine that's the problem here, not really the browser phoning home - But your detailed logs would be interesting to see nonetheless.
 
Lakados
https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf
recent research analyzed 6 browsers (Google Chrome, Mozilla Firefox, Apple Safari, Brave Browser, Microsoft Edge and Yandex Browser) by tracking the information they send it to its servers. The conclusion is as below.

Brave with its default settings we did not find any use of identifiers allowing tracking of IP address over time, and no sharing of the details of web pages visited with backend servers.

Chrome, Firefox and Safari all share details of web pages visited with backend servers. For all three this happens via the search autocomplete feature, which sends web addresses to backend servers in realtime as they are typed.

Firefox includes identifiers in its telemetry transmissions that can potentially be used to link these over time. Telemetry can be disabled, but again is silently enabled by default. Firefox also maintains an open websocket for push notifications that is linked to a unique identifier and so potentially can also be used for tracking and which cannot be easily disabled.

Safari defaults to a poor choice of start page that leaks information to multiple third parties and allows them to set cookies without any user consent. Safari otherwise made no extraneous network connections and transmitted no persistent identifiers, but allied iCloud processes did make connections containing identifiers.

From a privacy perspective Microsoft Edge and Yandex are qualitatively different from the other browsers studied. Both send persistent identifiers than can be used to link requests (and associated IP address/location) to back end servers. Edge also sends the hardware UUID of the device to Microsoft and Yandex similarly transmits a hashed hardware identifier to back end servers. As far as we can tell this behaviour cannot be disabled by users. In addition to the search autocomplete functionality that shares details of web pages visited, both transmit web page information to servers that appear unrelated to search autocomplete.
Click to expand...

And
https://arstechnica.com/information...cy-settings-the-lowest-of-all-major-browsers/
 
Mazzspeed said:
I want to see this, it's interesting. Lets see the logs of 1100 daily users running Chromium as supplied by Google vs 1100 daily users running Chromium as supplied by MS. It's probably necessecary you highlight everything so it's really clear, with evidence of each browser used in each instance. If you haven't done so already.

Personally, I believe it's spying based on search engine that's the problem here, not really the browser phoning home - But your detailed logs would be interesting to see nonetheless.
Click to expand...
They are pretty interesting, I can’t upload the logs a days worth is a 2GB text file but I can tell you that Google Chrome will report back very regularly via UDP on port 443

but here’s a screenshot of one user on Chrome over the span of a few seconds. Edge doesn’t do this. Not to that degree at least it’s one every few minutes and MS states that that traffic being recorded is for troubleshooting. Google on the other hand seems to record just about every click.

Edit:
I should note I have an ongoing project with many other districts and Palo Alto to identify at a packet level what is and isn’t tracking telemetry so we can just create a rule that simply denies outgoing telemetry data.
 

Attachments

  • 63A35B4B-9225-4CBF-8C16-7CEE924E4B21.jpeg
    63A35B4B-9225-4CBF-8C16-7CEE924E4B21.jpeg
    558.8 KB · Views: 0
Last edited:
I do love seeing in firewall logs the URL's and address things try to reach out to, especially when the URL's seem more like botnet control server names than actual company domains related to the product that is trying to reach out...
 
The point of Google ending 3rd party cookies is so it can all be Google tracking. The backlash is for Chrome blocking the other companies tracking of you while Google keeps doing it.
 
MrGuvernment said:
I do love seeing in firewall logs the URL's and address things try to reach out to, especially when the URL's seem more like botnet control server names than actual company domains related to the product that is trying to reach out...
Click to expand...
Yeah Palo Alto gives a crapload of data on what’s there and those little green arrows indicate that it captured a packet for later analysis. If I scroll over there are another 3 pages worth of columns of different info bits like what encryption algorithms it’s using what packet types, source and destination ports, and info on the ack/nak and blah blah blah. The big one though is it will identify the application the packet originated from or is destined too so, so I can say for example I want to allow Facebook chat but I want to deny Facebook video or I can allow Blizzard chat and update services but block wow, hearthstone, and Overwatch.
 
If anything what's happening here might be a good thing. Google's delaying - if not using the delay as grounds to eventually cancel - their charlie-FLoCtrot which - by concentrating all tracking into Google's hands, and presumably doing it somewhere that all our malware blockers (ublock, privacy badger, noscript, etc) can't disable it - would make the situation even worse.
 
If you want privacy...

Duckduckgo (or alternative search) and Brave browser (or alterative chromimum based that has removed the built in trash)
 
Lakados said:
They are pretty interesting, I can’t upload the logs a days worth is a 2GB text file but I can tell you that Google Chrome will report back very regularly via UDP on port 443

but here’s a screenshot of one user on Chrome over the span of a few seconds. Edge doesn’t do this. Not to that degree at least it’s one every few minutes and MS states that that traffic being recorded is for troubleshooting. Google on the other hand seems to record just about every click.

Edit:
I should note I have an ongoing project with many other districts and Palo Alto to identify at a packet level what is and isn’t tracking telemetry so we can just create a rule that simply denies outgoing telemetry data.
Click to expand...
Likely all of those entries are "Retries". What would that log look like for that same time span if the rule was set to "allow" ?

All I am saying is that the volume is likely misrepresented since it is in a deny state due to retries.
 
GoodBoy said:
Likely all of those entries are "Retries". What would that log look like for that same time span if the rule was set to "allow" ?

All I am saying is that the volume is likely misrepresented since it is in a deny state due to retries.
Click to expand...
I’m curious now so when I get to the site I’m working from I’lol load up Chrome and do my daily stuff there and just grant my laptop explicit permissions for it.
 
I've been slowly switching every site over to Brave for the last two months. Sick of Google invasive garbage.
 
I always disable third party cookies support in my browser. only ever had issues with office 365 weblogin. its time to get rid of third party cookies
 
You must log in or register to reply here.
Back
Top