1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Chrome 69 logs you in whenever you visit a Google website whether you like it or not

By Cal Jeffrey · 13 replies
Sep 24, 2018
Post New Reply
  1. Chrome 69, released earlier this month, is a major overhaul of Google’s web browser. It offers a sleek new look and a host of new features including a revamped password manager and a “smart answer” tool.

    Another feature added to Chrome is automatic login. Whenever you log into a Google website like Gmail or YouTube, Chrome 69 will automatically sign you into the browser. At first glance, it seems an easy and quick way to utilize Chrome’s personalization features, but it is more intrusive than helpful according to security researchers.

    For one thing, it removes the ability for the user to choose whether or not he or she wants to log into the browser. Forcing users to browse logged in is bad form no matter how helpful the function is perceived to be, but security experts say that it goes beyond that and is a violation of your privacy.

    Professor of Cryptography Matthew Green at John Hopkins University says that the feature has completely turned him off of using Chrome, which he says he once loved.

    “For many years, Google offered an optional ‘sign in’ feature for Chrome, which presumably vacuumed up your browsing data and shipped it off to Google, but that was an option,” said Green in his blog. “[Now] Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you.”

    Green called the developers out on Twitter, but the company defended the move saying that it's more like a "FYI" notification than actually signing in. No, really, they did.

    Green notes that developers are saying that this auto login will not sync your data with Google servers — at least not yet. You still have to opt-in to the service for syncing to occur. However, Green takes issue with Google’s rationale for the feature.

    Devs are concerned about what happens when Chrome is signed into one account, but then a different user logs into a Google-based website to say, check his or her email on the same computer. Presumably, account A will end up syncing account B’s data. This concern is legitimate.

    However, Green notes that the precautionary measure only pertains to users who prefer logging into Chrome. It does not apply to those who would rather browse logged out. To put it another way, all users are being forced to sign into Chrome when they access Google sites because the devs cannot figure out a way to keep data from two accounts separate.

    Green is not alone in his misgivings. Cloudflare CTO John Graham-Cumming and Intel security expert Ryan Naraine voiced their concerns and said they would be switching browsers.

    “The Chrome guys get a lot right. This isn’t one of them,” Naraine said on Twitter.

    Attempting to keep user data separate on a shared computer is a valid concern. It is Google's approach to the problem that failed. Not giving the user a choice in the matter is the wrong way to go regardless of whether or not data collection is occurring.

    Permalink to story.

  2. jobeard

    jobeard TS Ambassador Posts: 12,795   +1,510

    Also keeping multiple Email address and inbox's separate is an absolute requirement.

    Psst: even as JoeDoe, I have five accounts!
    wiyosaya likes this.
  3. Evernessince

    Evernessince TS Evangelist Posts: 3,902   +3,346

    Agreed. I'm going to be moving a good chunk of my email traffic off gmail soon as it seems they are going to be forcing the new UI onto everyone within a week. This will be my 4rth email account that I use in rotation.
  4. jobeard

    jobeard TS Ambassador Posts: 12,795   +1,510

    Try Mozilla Thunderbird -- handles multiple accounts and email servers well. Has feature to sync calendars too :)
    Theinsanegamer and Knot Schure like this.
  5. wiyosaya

    wiyosaya TS Evangelist Posts: 3,825   +2,174

    For those that need it, there is even a free Outlook plugin that let you send and receive e-mail using an Outlook account.
  6. Making Brave's market for them, just like Mozilla did.
  7. amghwk

    amghwk TS Guru Posts: 503   +307

    How about deleting all passwords, clearing cache and all logins, and then not login at all, or use private window to login when needed?
  8. Theinsanegamer

    Theinsanegamer TS Evangelist Posts: 1,527   +1,737

    I dont want to be forced to sign into ANYTHING. I already didnt trust google with much, but this is taking it yet another step too far.

    Cmon firefox, get your act together so I can switch already.
  9. Theinsanegamer

    Theinsanegamer TS Evangelist Posts: 1,527   +1,737

    Are they REALLY going to do that?

    I'm gonna have to migrate everything off of gmail now. that new interface is absolutely horrible.
  10. JB3543

    JB3543 TS Member Posts: 27   +33

    I avoid all the Google/Chrome spying BS by simply using Firefox.
  11. Evernessince

    Evernessince TS Evangelist Posts: 3,902   +3,346

  12. Badvok

    Badvok TS Maniac Posts: 292   +147

    So these so called 'Security Experts' are amazed that the Google browser detects when you log into Google and integrates the fact that you have logged in? And then Google has the audacity to ask if you want to sync your browser settings across other instances of the Google browser where you have also logged into Google rather than just automatically doing it for you?
  13. tipstir

    tipstir TS Ambassador Posts: 2,842   +193

    Chrome 64-bit is my main browser with the right extensions it's very protective. I sure Google keeps track of ever place I visit. For a secondary browser to Chrome would be SRWave Iron is built for speed and performance yet it is. But when you update to the next version it can wipe all your prior settings out. I still use it because I can't do everything on Chrome plus if the GF wants to check her emails and etc. I don't want to open her stuff on my Chrome. SRWave Iron suits my needs this way. I do also have PaleMoon 64-bit that uses FireFox Engine. MS Windows 10 Edge still feels like it needs something it's okay I don't use Bing as my search engine MS needs to have it more friendlier. Still feels like IE v2 to me. Netscape was the bomb back in the day.
  14. Impudicus

    Impudicus TS Addict Posts: 117   +74

    I've very recently opted out of google chrome.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...