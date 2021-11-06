



Billions of Google Chrome users are exposed to a whole new warning as they expose their browsers to collect highly sensitive phone data without their knowledge. This latest privacy nightmare should give you a reason to remove Chrome on your phone.

Last month, the Facebook app was launched, tracking the movements of iPhone users and constantly using the device’s accelerometer. Facebook is the most greedy data harvester in the world and can use this sensitive information to monitor its behavior and link it to the vast amount of data it collects.

FORBES Advanced Security Researcher Finds Facebook App to Track iPhone Movement

But Facebook is not the most successful data harvester in the world. The award is given to Google. Unlike Facebook, which was hit hard by Apple’s latest privacy measures, Google’s digital advertising revenue continues to skyrocket. In reality, Facebook / Meta acts as a lightning rod, but Google is a much bigger threat to your privacy.

Chrome is pleased to collect this information for others while Facebook collects this information on its own. Basically, all very sensitive information about every activity and every action is available for free.

Researcher Tommy Mysk warns that motion sensors can access all Android / Chrome websites by default. [whereas] Safari / iOS protects access by permissions. But what’s worse, Chrome does this even if it’s set to private browsing mode or secret mode. Why is this all right?

The way Android handles accelerometers is much worse [than Facebook], Misuku told me. The app can also read it in the background. My team has implemented a pedometer feature in the app. The app counts steps even if the app isn’t running at all. The logic was a background service that was always running.

In response to a security survey, Google said, “We have deliberately limited the resolution of Chrome’s motion sensor to allow users to completely block users from accessing the device’s motion sensor from websites after 2019. Introduced. We value user security and privacy, and we’ve always been working on new ways to improve Chrome’s security and privacy.

However, this is the data that Chrome makes available on all sites that it requires by default. Apple has improved security and privacy by blocking that data and requiring specific timeboxed permissions whenever requested. That’s how it’s done, Google.

I have previously warned of Chrome’s terrible privacy risks. Simply put, with Chrome, Google works on both sides of the fence when it comes to browsing. It provides a background search and digital advertising infrastructure while controlling the front-end browser you are using. Basically, it collects data at both ends.

This issue is exacerbated by Google’s philosophy when it comes to your privacy put. That is, your product should be monetized to promote its immense level of profitability. You can track your behavior across multiple platforms and services and use that information to drive the world’s most valuable and influential platforms.

FLoC’s recent backtrack, which admitted that Google accidentally allowed millions of users to be tracked secretly, tells you everything you need to know. Next, allow you to report in-progress mixed messages about private browsing and, by default, the user’s inactivity. Google Chrome is bad news in terms of privacy. period.

Google has professed its intention to understand how to place ads in a way that protects privacy, Mozilla recently told me, but those features track people and enable new ad use cases. Meanwhile, those plans continue to lag.

FORBES Details Google’s latest Chrome tracking nightmare is divided into two parts Bull

Apples Webkit, which limits the behavior of other browsers running on Safari and iPhone, introduced certain permissions for accelerometer access in Safari 13 in 2019. An investigation was then conducted to reveal the exact same abuse of such unauthorized access by mobile websites, which Chrome on Android continues to allow. ..

The researchers found that mobile websites use device sensors for purposes other than those intended by the W3C standards body. We found that the majority of third-party scripts access sensor data to measure ad interaction, see ad impressions, and track devices. Our analysis revealed several scripts sending raw sensor data to a remote server.

Apple Safari requires specific permissions to access motion

Apple iOS / Safari

According to Mysk, the investigation now protects Safari on iOS … I don’t know why Google didn’t apply similar measures. Given the studies that refer to ad serving and measurement as the central focus of tapping sensors, it is dangerous to guess why.

Apple disables motion sensor access by default, but Google not only enables that access, but it can also be a setting that recommends enabling it despite prior warnings. Notify the user. The difference between Apple and Google will be less clear. Ironically, of course, Apple blocks this type of data collection in all browsers, so it’s safer to use Chrome on your iPhone than on Android.

iOS forces permission request in Chrome

Chrome / iOS

As one developer in the Chromium discussion on this setting asks, why does the motion sensor allow the allow / ask pair instead of the ask / block pair? Is it to allow Chrome to allow by default? Many sites other than maps do not require the motion sensor API. I disabled it, and it’s always surprising to see the site using a motion sensor.

If providing motion sensor data to a website is a real requirement and is popular enough to justify that it is turned on by default, iPhone users have been flooded with permission requests in recent years. prize. But they don’t have. Most people will never see it. not even once.

You can disable access to your smartphone’s motion sensor in the Chrome site settings on Android, but Google recommends leaving it on.

Disable motion sensor

Google Chrome / Android

In reality, while Apple vs. Facebook dominates, iPhone makers have undoubtedly done more to reveal Google’s privacy breaches than anyone else. And all the while, Android is playing a game that slowly catches up with the high-profile privacy innovations Apple introduced in its iOS update. But then we find these hidden issues that haven’t grabbed the headline yet and remain issues.

Google may change default settings to limit account location tracking, disable monitoring of time away from the device, turn off the new privacy sandbox tracking feature, stop cross-site tracking, and third parties. It emphasizes the settings it provides to disable or block cookies, phone motion sensing. However, there are themes that are all out of the box and turned on unless you actively find and change them. By default nothing is private. And that’s terrible from a privacy standpoint.

Yes, on Android you can find and disable the motion sensor. However, it is unacceptable for users to rely on aggressively changing settings to protect their basic privacy. Apple and other companies are now adding such measures by default. In reality, very few users are aware of these issues, and even fewer follow the multi-step menu to change core system settings. This is especially true if Google has marked such a setting as recommended.

Google’s privacy sandbox is currently waiting for FLoC V2 as it continues to look for impossible solutions to protect user privacy without compromising the monetization of user data. My advice is to choose a different browser instead of waiting. If Apple needs to use Safari and doesn’t want to choose privacy-first DuckDuckGo or Brave, then Android and other non-Apple platforms, Firefox, are a much better option.

How to remove Chrome on your phone

Google android

Apple has used Safari to make privacy-centric options immediately available by default. Its latest innovation, Private Relay, breaks the link between the user ID and the website, essentially weakening the core foundation behind the web tracker. Google couldn’t follow their lead, which would seriously damage its business model.

Chrome has been isolated as the only major browser that isn’t working to stop cross-site tracking. It’s the only browser that collects large amounts of data (indicated by Apple’s privacy label when used on iOS), all linked to your user ID. The only major browser that pushed FLoC despite numerous privacy warnings. On Android, you can remove Chrome by disabling the stock browser in the settings.

Mysk warns that information security rules of thumb need to protect personal information. Access to the accelerometer must be protected.

Chrome is the world’s most popular browser, controlled by the world’s largest digital advertising giant, by the entity that controls 75% of web tracking. Math is easy. We can’t expect anything to change until users make a privacy-first choice.

