WPalant, (edited)

Many people seem still unaware of just how bad Chrome Sync is for your privacy. By default, Chrome will sync all your data – including e.g. your passwords, bookmarks, browsing history and open tabs. And by default, Chrome will not encrypt any of this data. All of it will be accessible by Google, by anyone who subpoenas Google to turn up your data and whoever else managed to get access to these servers.

If you want this data encrypted before it is first uploaded, you need to click “Settings” instead of confirming sync, then expand “Encryption options” and set up a sync passphrase. The default option “Encrypt synced passwords with your Google Account” is essentially a disguised “We can access all your data but we promise not to look. Don’t you trust us?”

The only positive aspect here: Chrome Sync used to be a lot worse. It used to enable automatically when you signed into Chrome. It used to encrypt only passwords and none of the other data even if you set up a passphrase. It used to warn you when setting a passphrase because Google’s web services would no longer be able to access your passwords. It used to upload data without encryption first, only allowing to enable encryption after the fact. And its encryption used to be horribly broken. I wrote about that five years ago: https://palant.info/2018/03/13/can-chrome-sync-or-firefox-sync-be-trusted-with-sensitive-data/#chrome-sync

But even now, Chrome Sync requires you to take action in order to get privacy. Because Google knows that you won’t. Compare that to Firefox Sync which has always been encrypting all data by default. I criticized the implementation here as well, but that was really a minor issue compared to the mess which is Chrome Sync.

#Google #GoogleChrome #privacy

Edit: Removed link to a post claiming that Google is censoring synced bookmarks. This claim appears to be incorrect, the message there referring to a different Google service.

WPalant,

More details in my blog post: https://palant.info/2023/08/29/chrome-sync-privacy-is-still-very-bad/

It shows how the Google Chrome user interface steers you away from the only sensible choice privacy-wise, namely setting a sync passphrase. This is by design of course. Google doesn’t want your sync data to be protected, they want to earn money with it.

So while Chrome Sync certainly improved in the past years, you are still the product, and the goal is extracting as much value from your data as possible.

jlo,

@WPalant It’s just so disappointing every time.

WPalant,

@jlo But does your disappointment make you share less data with Google? 🤔

jlo,

@WPalant As much as I can. At work I am forced to use Chrome but otherwise I use Firefox and only Chrome if the goddamn website is a POS that forces me.

antekone,

@jlo Is it because of the company software policy that prevents you from installing Firefox on a company machine, or is it because of some incompatibilities?

jlo,

@antekone A little of column A and a little of column B. I can install Firefox (since I have admin rights) but then I get some nasty messages from IT. And then some of our internal sites just don’t work. My complaints and grievances fall on deaf ears. Well, except when their suggestion was to use Edge instead and I just about threw my keyboard out the window.

veronica,

@jlo @antekone We have the same shitty policies at the client I work for. Edge or Chrome, that's it. They claim it to be about "security" which isn't true. It's about them limiting everything to not have to deal with actual security.

They also block all extensions, so I can't add trusted security extensions.

As a result, I mostly only use work browser to access restricted internal services, and use a browser on my own laptop for anything else.

Solarinas,

@WPalant I think there needs to be a re-framing of what information should be stored in these syncing services as well

With my Firefox Sync I restrict it to only sync my extensions, browser settings, and bookmarks. That's because if any of this information were to leak I wouldn't care

Storing things like passwords is just too personal, and there are better ways to do that anyways.

holz,

@WPalant @frumble
Or as I always say to my family: don’t use Chrome. Just don’t.
(Most of them use Firefox)

evmcl,

@WPalant I wonder if it would be possible to make a Chrome extension that uses Firefox Sync. Cross browser synchronisation FTW. (I currently use Xbrowsersync for bookmarks.)

inquisitivesoft,
sysop,

@WPalant
Do they store the encryption key on the server ? 🙄

WPalant,

@sysop I guess so. It’s some kind of “encryption key tied to your account.” And since you can view your synced passwords simply by accessing passwords.google.com, that key definitely isn’t being derived on the client side – it’s rather something known to the server.

ign8,

@WPalant Nobody should use any Google service at all. Convenience is the arch-enemy of "doing the right thing".

empathicqubit,

@WPalant I only use Firefox Sync for bookmarks. Passwords are still managed independently of any browser. History is cleared on close and not synced.

JoernPaulini,

@WPalant Still better is to use Firefox and not use synchronisation...

zachsoya,

@WPalant would you recommend using duck duck go as a safe browser?

WPalant,

@zachsoya I don’t know anything about it, so I cannot recommend it. But I definitely recommend Firefox over Chrome if you care about privacy.

1024Bytes,

@WPalant Just a basic rule. Put as little as possible in the cloud. Documents, pictures, passwords. Important things do not belong in the cloud. But sync sounds horrible.

LasseGismo,

@WPalant

Avoid the evil 🤷‍♂️

#chrome #Google #GoogleChrome #privacy

topher,

deleted_by_author

    WPalant,

    @topher Yes, I mean end-to-end. As I said, it’s Google who can see (and will relentlessly monetize) all your data.

    tofugolem,

    @WPalant
    Thanks for the info. Forwarded.

    hapbt,

    @WPalant i would argue that if you're using chrome you're maybe not concerned about privacy :)

    WPalant,

    @hapbt The reactions to this post seem to say otherwise.

    hapbt,

    @WPalant chrome still can't translate sarcasm tho

    deborahh,

    @WPalant can sync be turned off? Does this stop the leak?

    WPalant,

    @deborahh Yes, it’s not turned on by default and you can turn it off. If you turn it off, you should remember to switch off the “Make searches and browsing better” option as well – setting up sync switches it on, and it results in your entire browsing history being transmitted to Google.

    deborahh,

    @WPalant many thanks. I avoid chrome but lately some cloud services ONLY work on chrome. Makes me mad, and I lodge complaints, but then we still need to do business together 🙁
    I assume the complaints fall on deaf ears 😢

    OliverNoble,

    @WPalant @deborahh what are the odds that every update turns sync back on...

    Certainly my experience with Google Android was that most of the settings that may have helped privacy got reset regularly

    azonenberg,

    @WPalant You mean people actually sign into browsers intentionally??? Why would anyone ever do that??

    WPalant,

    @azonenberg Google has you covered: by default, signing into a Google service also gets you signed into the browser.

    And: yes, people tend to assume that the setup steps for their new browser benefit them rather than the vendor. Misguided naivety.

    azonenberg,

    @WPalant This is also one of many reasons why chrome is best to avoid. Using a browser built by an adtech company and expecting it to act in your best interest is... perhaps not a great idea.

    azonenberg,

    @WPalant But I also don't really trust any browser.

    I'm posting this from my "social media" VM which is a dedicated Xen instance only used for a handful of social sites.

    Then I have another for day to day browsing, another just for mail, another for messaging, another for online banking...

    And access them from almost-airgapped (some outbound like SSH to trusted hosts allowed, but heavily restricted and no un-virtualized browsers allowed) endpoint machines.

    ungivishe,

    @azonenberg @WPalant bro, this is extreme, but I may have to consider doing something similar....

    azonenberg,

    @ungivishe @WPalant It's basically "Qubes on private cloud".

    One VM for each security domain on a single hypervisor, but each domain is then remoted into from several different clients. Super nice to pull up some documentation at my desk then walk into the lab and instantly have the same browser window in there.

    deltacharlie,

    @WPalant Convenience requires giving up privacy and security...at least for those aware.

    Google and privacy are antithetical. Google redefines "privacy" as it sees fit.

    usul,

    @WPalant or switch to firefox

    toyman0806,

    @WPalant For me the strange thing with all those programs is: if they are made so good, why does nobody use them? I used Opera, Firefox, Newspaper, Explorer, but why was I happy only with Chrome?

    jtb,

    @WPalant I don't think synchronised bookmarks are the same as Google Save. #google

    WPalant,

    @jtb You seem to be correct. It would appear that the user I linked to is confused – the message refers to Google Saved, which is a service separate from Chrome Sync.
