Tuesday, September 25th 2018
Chrome 69 Adds Forced Login, Threatens Privacy: How to Fix it
There was a time when Chrome users could be safe and think that what they did in Google Services (Gmail, YouTube, Maps, etc) was separated from their actions in the browser. One thing wasn't necessarily tied to the other, but now things have changed - and without any public disclosure from Google.
Starting with the recently published Chrome 69, if you use this version of Chrome and log into any Google service or site, you will be automatically and magically logged into Chrome with that user account. A systems architect called Bálint disclosed a problem that changes Chrome behavior in a way that could potentially harm users' privacy.
Before Chrome 69, signing in to the browser was optional, and it allowed you to have your cookies, history or bookmarks across all the devices on which you used Chrome. It was convenient for many people, but the user had to actually enable it in two steps: logging into Chrome, and then enabling Google Sync. Even if you were logged into Gmail, you could be using Chrome without being logged in to the browser at all (or logged into it with a different user's account, for that matter).
That was the problem according to Google engineers, who have claimed the change in Chrome 69 is due to "consistency" problems. Adrienne Porter Felt, an engineer and manager on Google Chrome, tweeted about this and explained that her team made this change "to prevent surprises in a shared device scenario. In the past, people would sometimes sign out of the content area and think that meant they were no longer signed into Chrome, which could cause problems on a shared device".
The change has made a lot of people angry, though. As Bálint pointed out in his analysis, the problem lies with doing things right, and taking away that option from the user has ignited the debate on privacy. Even with Google's best intentions, the change has been seen as the latest threat on a long list of threats Google has made to its users' privacy.
Matthew Green, a cryptographer and professor at Johns Hopkins University, was even more critical about the problem when he wrote "Why I'm done with Chrome". He questioned Google's rationale "for why this change was necessary", and criticized the "enormous implications for user privacy and trust" this change has.
Google engineers insist: Sync doesn't automatically turn on with the auto login, so for them the privacy problem is not that big. The problem according to Green is that user consent matters, and for many critics of the change, this is the real threat: a decision that was made to take away user consent and potentially help Google collect more and more data.
In fact, there's even more to the story: the CTO and co-founder of ContentPass, Christoph Tavan, discovered that when the user makes Chrome clear all cookies, the browser deletes all of them... except Google cookies.
Fortunately, users can disable this forced login policy. To do so, you must use Google Chrome flags and change one of the parameters to avoid problems. The steps are the following:
1. Go to "chrome://flags/#account-consistency"
2. That will show the flag 'Identity consistency between browser and cookie jar'; select "Disabled" from the drop-down menu
3. Click on "Relaunch now"
After that, you will be able to keep the old Chrome behavior, and logging into Google services and sites won't log you into Chrome.
Update (09/26/18): Google has announced a series of changes in Chrome 70 to address these issues. A blog post by one of Chrome's product managers explains how the next version of Chrome will introduce controls to disable Chrome sign-in, for example. The "Delete All Cookies" option will take care of Google auth cookies too in order to remove them. Finally, they will update their UI to "better communicate a user's sync state".
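A way to check the cookie-clearing behaviour Tavan reported (and that Chrome 70 is said to change), as an added example that is not from the original article or from Google. It assumes the cookie store is a SQLite database with a `cookies` table and a `host_key` column, as in the `Cookies` file of a Chrome profile; the sample store, the function names and the `GOOGLE_SUFFIXES` list are constructed for illustration.

```python
import sqlite3
from collections import Counter

# Assumption: which domains count as "Google" for this check; adjust as needed.
GOOGLE_SUFFIXES = ("google.com", "youtube.com")

def is_google_host(host_key, suffixes=GOOGLE_SUFFIXES):
    """True if a cookie host belongs to one of the listed domains.

    host_key may carry a leading dot (domain cookie). Matching is done on
    label boundaries so 'notgoogle.com' is not mistaken for 'google.com'.
    """
    host = host_key.lstrip(".").lower()
    return any(host == s or host.endswith("." + s) for s in suffixes)

def residual_cookies(conn):
    """Count cookies still present, split into Google and other hosts."""
    google, other = Counter(), Counter()
    for (host_key,) in conn.execute("SELECT host_key FROM cookies"):
        (google if is_google_host(host_key) else other)[host_key] += 1
    return {"google": dict(google), "other": dict(other)}

def verdict(report):
    """Classify the state of the store after a 'clear all cookies' action."""
    if not report["google"] and not report["other"]:
        return "clean"
    if report["google"] and not report["other"]:
        return "only-google-cookies-remain"  # the behaviour reported for Chrome 69
    return "not-cleared"

def constructed_store(rows):
    """Build an in-memory stand-in for the cookie DB (simplified schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cookies (host_key TEXT, name TEXT)")
    conn.executemany("INSERT INTO cookies VALUES (?, ?)", rows)
    return conn

if __name__ == "__main__":
    # Constructed sample: a store in which everything except Google
    # cookies has been deleted.
    conn = constructed_store([(".google.com", "example_a"),
                              ("accounts.google.com", "example_b")])
    report = residual_cookies(conn)
    print(verdict(report), report)
```

To use it on a real profile, close Chrome, copy the profile's cookie database elsewhere, and pass `sqlite3.connect(path_to_copy)` to `residual_cookies`.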
Source:
Bálint's extended musings
46 Comments on Chrome 69 Adds Forced Login, Threatens Privacy: How to Fix it
plato.stanford.edu/entries/privacy/
Have fun. You might learn a thing or two about life. It's not even a discussion really, just get educated.
The very excellent Iron which also has a portable version;
www.srware.net/en/software_srware_iron_download.php
Or Comodo's Dragon;
www.comodo.com/home/browsers-toolbars/internet-products.php?track=8992&af=7639
So, according to your thinking here, I must be lumped into the "People ARE hackers, terrorists and pedophiles who care about privacy" category. (I will refrain from flaming now...) The top of the list for privacy browsers is the Tor Project.
There is also Epic Browser, I am not sure what it's based on.
Ignorance is bliss, eh? Obviously you are totally clueless how to protect your privacy and reduce your footprint. But hey, I'm sure no one ever accused you of being intelligent.
However, TOR is a good privacy/security focused browser. It requires a user to follow a specific methodology which limits some functionality. Then there's the problem of sites and whole countries actively blocking the entire TOR network. This ultimately makes a "standard" browser a far more viable choice. Or don't use them outside of work. Other than convenience, there is little reason to log in to a browser just to use it. This is an invasion of privacy that goes too far.
Only one of those may be true... I'll give you a kudos if you can guess which one.
Privacy isn't magical if you understand it. Please, step aside. People with some understanding of the tech are talking. Care to PM me your bank info?
Oh, I thought you had nothing to hide?
I am none of the above and would appreciate if you'd stop with the slander.
EDIT: The change discussed here is mostly relevant for people using shared computers (e.g., parents and children sharing one single computer) or for those that do not like Chrome saving certain information. I think that's a legitimate worry.
By the way, welcome to the forums. Should we give you a badge for nearly calling us all criminals from day one? Or for calling us "miserable and worthless works" (I bet you wanted to type worms)?