It's the reason why I can search for "prefecture Melun" on my laptop, then jump in the car, open up maps on my phone, Start typing "1" and watch it suggest "12 rue de Gambas, Melun 77320", which happens to be the address of the Melun prefecture.
That sort of thing happens for me every day, and i think it's kinda cool. Google knows this stuff about my life and will suggest it at useful times. If I open maps on the day I have a flight, ferry, or hotel reservation, it'll just assume I want to navigate there (because it read one of my emails) and suggest it for me.
So yeah, I guess I should be outraged and worry that they'll start targeting me for ads or ratting me out to the NSA or something. But thus far they haven't.
It's just that they can offer all this cool stuff if they connect your devices. And in 2018 that involves using a database. Personally, that does not concern me all that much.
Is there a way you could prevent this? Yes, if you care about privacy and not let someone build that database in the first place.
It's not only/always the NSA that we need to worry about.. You can already see this in some sense. A flight ticket could cost more if you look for it using a Mac instead of a PC. The road to creepy data mess is not that far.
Yes, regulations on insurance pricing factors and on use of personal data.
If you want the lower rate, you let them track you with the app. If you don't, you call up Geico or whatever and let them decide based on your age and zip code.
Chrome Sync has nothing to do with this.
It's a lot easier to maintain web servers if they are only using the http protocol and not https. Does that mean I should not enable https? Same thing with letting Google start to categorize and selling your profile to organizations. It might be nice now, but in 5-10 years what will the landscape look like?
It's ultimately your choice to determine how much of your information you are willing to give up for the sake of convenience but you should think a little more about what the future could look like and start putting in some safeguards to protect yourself in the future.
I think that's a totally different issue and I think it's harmful to this discussion to bring such an issue in.
The case of http vs https is not one of user security vs user convenience; it's user security vs sysadmin convenience.
There's a different tradeoff with giving user's more security which is less convenient for you to maintain, and you typically should do this (this is stuff like https, supporting 2fa, etc).
The better comparison is sharing data with third parties to provide users conveniences. This is a comparison between user's data security and user's convenience. That's the tradeoff being discussed.
Bringing in unrelated things like http vs https will only serve to muddy the waters and damage your point.
I think in a post-Snowden world that is a pretty bold assumption.
No one had a problem with Facebook collecting tons of meta data, until one day, it mattered. One more link in the chain that ties users down, everyone is complacent while slowly becoming a product.
Many privacy-conscious people make all the same tradeoffs that everyone else does; like you, they've decided that what they're giving up is worth what they're getting in return. The problem with this change is that for many people there is no benefit and they were not asked, so they feel they are having something forcefully taken away from them without getting anything in return.
If the experience is "so nice" why are so many people outraged? The data suggests this is a terrible experience to look up and suddenly see you've been auto-logged into a browser without your consent. Terrible UX.
Whenever you think that many people are outraged and someone else claims that it's not the case, the logical conclusion is that you or both of you are in bubbles.
Is it possible that you, a hacker news poster, are in a bubble whereby you've heard the opinion of tech-savy people, but not the opinion of the average mom who doesn't even realize the auto-login is the reason her android phone is now suggesting browser history from her desktop?
“Arguing that you don't care about the right to privacy because you have nothing to hide is no different from saying you don't care about free speech because you have nothing to say. – Edward Snowden”
Maybe I'm foolish, but I have this hope that a shift from the "make money off of mining your data" business model to something else, perhaps like crypto/tokens enable, might just enable the convenience you speak of, without forcing me to sell my information because everyone else didn't care to value their data.
Being able, in three clicks, to re-open on my computer a tab I closed on my phone a couple hours ago.
For me that's it.
No problems in Chrome whatsoever. It's the only thing I'm using Chrome for these days and I can't help shake the same ugly feeling than when I was forced using Internet Explorer for government websites purely because of their ActiveX plugins back in the days.
I mean, if you're okay with Pocket showing you ads in your home page, your browsing data being sent to Cliqz, addons that publicise the "Mr Robot" TV show being installed without your consent, Mozilla pages that use Google Analytics scripts that cannot be blocked, then Firefox is a solid choice.
Life is too short to put up with such nonsense. There are better alternatives [1] available.
P.S.: When you uninstall Chrome on certain platforms, it’ll open your default browser and direct you to a feedback page. Be honest and tell them why, and that you wouldn’t recommend it to anyone.
Please tell your particularly non technical friends and relatives to avoid Google like plague if they care about privacy. Show them how - give a link to Firefox, Privacy badger.
A relative of mine who paid $7/month for a VPN service because he cared about his privacy from ISP, but was using Google Chrome and Gmail for sensitive personal Email. Fewer people from the non-engineering world know/understand what we assume is common sense. When you get a chance please don't hesitate to tell people of better choices.
For anyone that has never had a conversation like this, you really have to be careful with this and pick your battles wisely. Some people are so non-technical, that they will not understand what you are explaining to them, or why you are even bothering them. You will be perceived as a tinfoil hat wearing conspiracy theorist. Some people will understand what you are explaining and might even understand your stance, but ultimately will still continue in their ways because it's so much easier and convenient.
What ever you do, don't be judgemental about their decision. You will only make them less interested. Start slowly. It can be overwhelming how fubar'd the web experience has become.
I disagree. Firefox uses the exact same URL filtering system [0] used by Chrome to block access to potentially harmful malware-ridden sites. Add some solid extensions like uBlock/uMatrix and Privacy Badger to that, you get a browser that's as secure, if not more, than Google's bloated browser.
Note that Hangouts does not work in Firefox. However, it works in Safari.
If I wasn't a web developer, and needed to use Chrome for testing, I'd have uninstalled that creepy quasi-spyware long ago.
In which case, why not Firefox?
I wondered why that problem didn't happen with FF (which I switched to).
It does save some state even when you erase all your history. You can log into GMail, then go to your history and click to erase all history, after which the history settings page will scroll down (to hide the fact you're still logged into this sync thing?), and then when you go to GMail you're logged in again, effectively making Google bypass you clearing your cookies.
While I'd also like to think this, the reality is that any number of users they've lost would be negligible at best.
Put:
{
"SyncDisabled": true,
"RestrictSigninToPattern": ".*@example.com"
}
and place in the following location:
Chrome: /etc/opt/chrome/policies/managed/disable_sync.json
Chromium: /etc/chromium-browser/policies/managed/disable_sync.json
Chromium kept signing me into my Google account.
EDIT: to be clear you can configure the setting, but it's not respected anymore.
Former Chrome engineer confirming my report here: https://twitter.com/ericlaw/status/1043861647247515649.
Thank you for doing this.
About a year ago I installed the chromium package provided by Debian and went to install my favorite set of extensions and kept getting a weird error about not being allowed to install them. Turns out that the Debian package maintainer had decided to build Chromium with a patch that disabled installing extensions unless you pass in a flag on the command line to chromium to re-enable the feature. I found this out not because it was properly documented but instead from a bug report on the Debian bug tracker.
Of course, FireFox on Debian hasn't been similarly modified to disallow installing extensions from AMO.
Firefox on Android properly signs me out.
One more reason why I don't use Android as my primary phone. I just don't trust Google.
I never noticed it but it seems it's not being used when using incognito mode (I only browse in private mode, either Chrome or Firefox) so I wasn't aware such a thing is happening in the normal browser mode...
No, it does not.
Why would you? Brokering data in a borderline illegal or immoral way is their business model.
Don't download the default installer. Instead scroll to the build that says "No Sync".
Chromium of course is the Google sponsored open source project that Chrome is based on. It has the dev tools of Chrome which I prefer to those of Firefox.
(Just noticed this today.)
https://support.google.com/analytics/answer/7532985?hl=en&ut...