Preventing paranoia: when does Google Chrome talk to Google.com?

For better or worse, my blog is popular with the Google conspiracy-theorist demographic. 🙂 I knew that as soon as Google Chrome launched, some readers would ask tough questions about privacy and how/when Google Chrome communicates with google.com.

So I decided to tackle this issue head-on. I talked to the Chrome team to find out if there’s anything to worry about. The short answer is no. For the long answer, read on.

If you’re just surfing around the web and clicking on links, that information does not go to google.com.

If you are typing a search or url in the address bar, Google Chrome will talk to the current search service to try to offer useful query/url suggestions. I love this feature, but you can turn it off. Right-click in the Omnibox/address bar and choose “Edit search engines…”. Or click the Chrome menu (it looks like a wrench), then Options->Basics and then the “Manage” button. Either way, you’ll see this box:

Other search engines

Uncheck the checkbox at the bottom of the dialog box that says “Use a suggestion service to help complete searches and URLs typed in the address bar.”

By default, crash reports and other anonymous usage statistics (e.g. which features are used most often) are not sent to Google. The Chrome team would love if people opted-in to send crash report data though, because it would improve Chrome for everyone. To opt in, click on the Chrome menu (it looks like a wrench), then click “Options.” On the “Under the Hood” tab, check the box that says “Help make Google Chrome better by automatically sending usage statistics and crash reports to Google.” You can read more about this opt-in option on this support page.

I believe if Google Chrome sees a very short, stock 404 page (less than 512 bytes), it talks to Google in order to try to suggest other possible pages and options. My understanding that this is the same underlying technology that I talked about earlier this year. I think if you have a helpful 404 page (> 512 bytes), Google Chrome doesn’t modify that (this 404 page isn’t changed for example), but Google Chrome does try to help with very short/unhelpful 404 pages. If you still don’t like this feature, you can turn it off. Go to Chrome/Wrench menu->Options->Under the Hood and uncheck the box that says “Show suggestions for navigation errors.”

By the way, just as a quick plug: if you as a site owner want to improve your 404 pages, Google offers a nice snippet of JavaScript (well under 20 lines) to offer this functionality to site owners. See this 404 page blog post for more info.

Google Chrome checks for automatic updates every 25 hours. Other modern browsers check for updates as well, e.g. to plug security holes. Given today’s sometimes-hostile web, I think checking for updates like this is a very smart choice.

Every 30 minutes, Google Chrome downloads a list of 32-bit url hashes of urls thought to be dangerous (malware or phishing). That is a download of data from google.com, not to google.com. As you surf around the web, if you happen to hit a url whose hash is in the dangerous list, the 32-bit hash is sent to Google and Google replies with a full 256-bit hash of the dangerous url in question. Not only does this happen very rarely, but Google Chrome doesn’t send a url to Google, it sends a url hash, so Google doesn’t learn the url from this exchange. By the way, this is essentially the same protocol that Firefox 3 uses to protect its users from malware/phishing urls as well.

Update, September 5th 2008: A friend pointed me to this nice public description of Google’s Safe Browsing protocol in case you’re interested in more details.

When you choose your language in the user interface, Google Chrome downloads a spellcheck dictionary. Again, that is a download of data from google.com, not to google.com.

To the best of my knowledge, this is the only communication that happens between Google Chrome and google.com. I thought it would be better to write down all the communication that happens so that people wouldn’t invent conspiracy theories. As Louis Brandeis said, “Sunlight is the best disinfectant.” Luckily, you can double-check me because the browser is open-source. I hope this helps in case anyone has any privacy-related questions about Google Chrome.

Update: David Pogue writes this of Google Chrome in the New York Times:

Will Google ensure that its own services run better in Chrome than in other browsers? Is this part of Google’s great conspiracy?

That’s a no and a no. Chrome is open-source, meaning that its code is available to everyone for inspection or improvement — even to its rivals. That’s a huge, promising twist that ought to shut up the conspiracy theorists.

That’s a good way to put it.

128 Responses to Preventing paranoia: when does Google Chrome talk to Google.com? (Leave a comment)

  1. The question is, will YOU use Chrome as your primary browser? 😉

  2. Good you put this clear, Matt. I like Chrome for its speed and simplicity. A typical Google product, I’d say!
    Regards, Starsky

  3. Thank you for looking into this.
    I’m usually one to trust Google with my information, but I had some questions about Chrome.
    *waits for Mac version

  4. It’s funny, a lot of bloggers and folks on Twitter were wondering about privacy. Many of us already have the Google Toolbar installed, so this is no big deal at all. We’ve assumed you’ve been honest this whole time 😉

    So, I’ve been using Chrome for a little over an hour and already really love it. I won’t be able to ditch my other browsers for SEO work. I still love my FF plugins, and one thing they’ve streamlined (probably for the better) out of Chrome is displaying the html title tags in the top banner. Of course, this is really an unnecessary distraction for most users and it doesn’t add to the browsing experience, so I’m glad it’s gone in Chrome.

    Even before Chrome, I used more than one browser and will continue to use different ones depending on the task at hand.

  5. Not so fast for me, even with Google’s service. Much slower than Firefox with 10+ tabs opened (not program itself, but page’s opening).
    This search is much complicated because I miss drop down so I can choose what search engine to use (not all people use only Google :)).
    It should be better to download whole installation, not just those 475 KB and then whole program; I always hated that kind of installations, I want whole installation so I can know how big it is, to copy it etc.
    There are no arrous on back/forward buttons, so I need to browse one by one page.
    Good thing are those resizable fields like with that extension for Firefox, also that it is fully localized in many languages.
    This can be only used as some kind of “light” browser, not default one, maybe in future.
    Congrats on keeping secret, I geuss that many people were involved in developmnent and testing.

  6. “So, I’ve been using Chrome for a little over an hour and already really love it.”

    Cool, glad to hear it Javaun. I love my Firefox plugins too, and I still head back to Firefox when I’m doing some in-depth webspam fighting where extensions can be handy. But especially for stuff such as email, Chrome is really strong.

  7. Google could definitely use the new browser to improve their products even future. Do you know if that is a possibility in the near future Matt?

  8. What about the update process that persists after closing the browser ? This is hatefully reminds me Adobe Reader (but it’s probably even worst).
    Firefox only checks for updates when starting.

    btw: Matt, install WP Subscriptions manager, it’ll make easier for people to follow comments on a given post.

  9. Any idea, why no automatic detection of RSS feeds? Also, I am unable to import feeds (bookmarks yes) from FF. Chrome team missed out on something this common even for a beta release?

  10. Love it. Already in love with how much more of the web page I can see since Chrome is taking out all the bloat at the top of the page. In Netvibes or iGoogle… I get so much more of my favorite content than before!

  11. Matt,

    Talking about paranoia. Does Chrome show alert when visiting a site buying/selling backlinks or posting fake linkbait stories?

    Please say…Yes 🙂

  12. I would love to have Google Chrome ported to Linux… specifically Nokia Internet Tablet OS 2008. It seems like the perfect browser for my Nokia N800. I tried it in a VM in VirtualBox (no Windows boxes to try it on) and found it to be very fast, but lacking in features. However, on my older systems (like my Celeron/466 on Debian GNU/kFreeBSD) I may also use it if it is as fast as the Windows version.

    I eagerly await furthur platform support (outside of WINE please!).

  13. Why no Google Toolbar? I can’t use Chrome or any other browser without it anymore because that’s where I keep all of my bookmarks now.

  14. Dave,
    You can bookmark Google bookmarks (what?) on Chrome and on the wrench thingy (I guess it’s called the option menu), just check the Always show bookmark toolbar. Works for me…

    Now if only someone can find a way to install the SEOpen toolbar for Chrome.. hmmm…

  15. Hey Matt,

    Thanks for putting this out there. I was kinda concerned / worried. Will Google make it an official policy to keep a page updated with how they use the data? I know this isn’t always the “official stance” on things, even though it is perceived as such.

    Also do you guys disclose the info gathered from the toolbar in a similar fasion you have done here?

    The issue with EULAs is no one read them – but this format makes it really easy. THX!

  16. Is there a place to send bug reports?

    When I try to make Chrome my default browser the button depresses but nothing happens.

  17. I waited (rather impatiently) for a link to appear, but was then disappointed by a cryptic error message (error code = 0x80042193) which turned out to be a network permission error that my network administrator was able to resolve, so I just got Chrome up and running.

    I won’t be able to give up my Firefox just yet, but look forward to a Google Toolbar.

    However, It’s very fast on my PC at work and I look forward to getting it installed on my PC at home tonight…

    Thanks!

  18. What is the business justification for this browser?

    Is this an outlet to get access to the invisible web?

    Will sites that are bookmarked via the browser – help them in the Google organic SERPs and pagerank? Thus getting the benefit of realistic social bookmarking and popularity

  19. “If you’re just surfing around the web and clicking on links, that information does not go to google.com.”

    I have a tough time believing this. You guys love user data. That’s partly why Cuil was created, they wanted to get away from that. Is there an official edict declared by the Google Chrome team to back this up? (In more detail).

    If that user data isn’t sent to ‘google.com’ it’s sent to one of your ip’s… There are a million ways I could cut it but I doubt your saying, what people ‘think’ your saying. If you are, send the url for the full disclosure.

  20. Why is the new Google Chrome logo http://is.gd/29g0 eerily similar to Hal 9000 http://is.gd/29fZ ?

  21. Here’s a different paranoia from a different vertical:
    If you did a search for [chrome] an hour ago (4 CST), Google showed up at position 6. Now (5 CST) it’s at position 3. Chrome is a fairly popular word to rank for so quickly—it’s a color, it’s a metal, several businesses are named Chrome… This browser has only been talked about for 1 day and it was just launched this afternoon. All Googlers say there’s no inside track to influence rankings, but you’ve got to admit that’s mighty suspicious.

  22. Matt,

    I must say I’m happy that you have taken the time to speak with the Google team about their new browser and what it does and does not transmit via usage. Can we all safely assume that you have had the chance to validate all of this by way of monitoring your inbound / outbound data while browsing?

    Regards,
    Jon T.

  23. Please please ask developers to add mouse gestures… its the only thing I miss from Opera.

  24. “The question is, will YOU use Chrome as your primary browser?”

    I’ve used Google Chrome as my primary browser for months–I love it. 🙂

    “This search is much complicated because I miss drop down so I can choose what search engine to use (not all people use only Google :)).”

    See the post that I just did here, Milan: http://www.mattcutts.com/blog/common-google-chrome-objections/ It’s trivially easy to switch around different search services, even from query to query, by using the Tab key.

    Stefano F. (tacone), I’ll ask about that update process. Thanks for the advice.

    Anand, I’m not sure, but I’ll ask about autodiscovery of feeds. I’m surprised how many people asked about that and are asking about the Google Toolbar.

    Harith, no. 🙂

    “Why no Google Toolbar?”

    To be fair, if it had launched with a Google Toolbar, people might have complained in the other direction too. 🙂 The Omnibox gets you most of the searching capability of the Google Toolbar. I agree that I’d like to have more cloud-based bookmarks magic myself, but not for this first release.

    Koldo, I have no idea, but I’ll ask. Any Chrome person want to stop by and say what the RLZ library is?

  25. (Off to a meeting at 4 pm, but I’ll be back to answer more questions later.)

  26. Was following this on Twitter. Thanks for the fast word. Twitter is now my instant connection inside the Google world. Chrome looks pretty cool. Thanks for the heads up.

  27. Milan, press and hold on the back/forward buttons to navigate through that tab’s history.

  28. Hi Matt,

    Been using the browser for a little while now and love the speed.

    Like others have said, I am really missing the Google Toolbar for the bookmarks.

    No bugs yet 🙂

  29. Glad you like it, incubi21! Google Chrome doesn’t offer Google Bookmarks functionality, but if you want to use Google Bookmarks with your browser, you can visit google.com/bookmarks and there’s a bookmarklet at the bottom of the page that you can drag up to your bookmarks bar.

  30. “All Googlers say there’s no inside track to influence rankings, but you’ve got to admit that’s mighty suspicious”

    No, that’s our normal rankings, The Destrier. Our results are quite fresh–search for something like [gustav] and you’ll see a ton of new results. We definitely haven’t changed our search rankings in any way for Chrome-related stuff, and our algorithms handle breaking news like this just fine.

  31. “Not only does this happen very rarely, but Google Chrome doesn’t send a url to Google, it sends a url hash, so Google doesn’t learn the url from this exchange.”

    Actually, they do know the URL. Since they generated the hash in the first place, they may have kept the hash in a dictionary and be able to know what page it is.

    But if they only send it when you hit a page in their blacklist, I agree it’s not really a privacy issue.

  32. ReaadWriteWebMan

    Matt,

    As I suggested on RRW – http://www.readwriteweb.com/archives/does_google_have_rights_to_all.php. If we have nothing to worry about – love a response to this. Why include it ?

    11.1 You retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services. By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through, the Services. This license is for the sole purpose of enabling Google to display, distribute and promote the Services and may be revoked for certain Services as defined in the Additional Terms of those Services.

    11.2 You agree that this license includes a right for Google to make such Content available to other companies, organizations or individuals with whom Google has relationships for the provision of syndicated services, and to use such Content in connection with the provision of those services.

    To me – its such an ennerous clause that complete deters me from using such a great peice of software.

    Love some explaination (as would the 250K odd RRW readers)

    Cheers

  33. Matt,

    I was receiving a bunch of queries on this topic within hours of Chrome’s availability, so earlier today I wrote up a quickie privacy analysis at the link shown, based solely on the presented privacy policy.

    Glad to see that my posting appears to be accurate!

    All the best,

    –Lauren–

  34. Let’s try get that link into the body of the message …

    http://lauren.vortex.com/archive/000420.html

    This time for sure!

    –Lauren–

  35. The way I understand what you’re saying, is that when we use the browser, Google no longer cares so much about which links we click on. Instead, Google wants to know which terms we type into the URL bar (the “Wisdom of the Language” — see http://gaggle.info/miscellaneous/articles/wisdom-of-the-language :). Also, Google wants to know which language we think we’re speaking.

    BTW: how is knowing a URL hash different from knowing the URL itself?

  36. Hi Matt

    I have no idea why guys are saying that they cant open websites and Google Chrome crashing. I have managed to open all the usual sites etc with out any problems and with lightning speed as well.

    Maybe some of you guys should check to see that there isnt something with your machines first.

  37. Any interesting stories about the name?

  38. Thanks for the info. For a beta this thing is rock solid, and really very fast. I have been using Opera as my main browser for quite some time, and the default configurations is eerily similar, so that might make switching even easier 🙂

    One thing I noticed, though, was using the default Google search, there’s what looks like a unique tracking number: … search?rlz=XXXXXXX_xxXXNNN containing my country and language preferences as well. What is it? There seems to be no way to turn it off, and it serves no useful purpose to me that I can see.

  39. Thanks for pointing to that analysis, Lauren! When I heard all of the choices that the Chrome team had made, I was very happy to say the least.

    By the way Lauren, were you aware of the fact that turning on “Suggested Sites” in IE8 beta 2 causes your browsing and searches (including on other websites) to be sent up to Microsoft? I read about it in the Suggested Sites section of http://www.microsoft.com/windows/internet-explorer/beta/privacy.aspx in case you haven’t seen it.

    Mark, I suspect that there’s just some hardware and software that we haven’t seen yet. If people opt-in to crash reporting, I hope that those issues will be found and squashed quickly.

    Hart, I believe the reason for the name is the idea of “browser chrome,” the stuff that goes around the outside of the window. So the irony is that Chrome doesn’t have much actual chrome itself.

  40. So Matt, can you elaborate, explain and also possibly provide a reasoning behind this clause in the TOS of Chrome?

    “By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any content which you submit, post or display on or through, the services. This license is for the sole purpose of enabling Google to display, distribute and promote the services and may be revoked for certain services as defined in the additional terms of those services.”

    Why and how can google claim such a right? And what purpose is there behind this?

  41. As you surf around the web, if you happen to hit a url whose hash is in the dangerous list, the 32-bit hash is sent to Google and Google replies with a full 256-bit hash of the dangerous url in question. Not only does this happen very rarely, but Google Chrome doesn’t send a url to Google, it sends a url hash, so Google doesn’t learn the url from this exchange.

    Unwinding a full url from it’s hash is a very fast operation – that’s why data structures such as hash tables exist (and they are obviously kept by Google to send the full 256-bit hash back).

    I know that Google guys are Paladins of Light, dressed in white and that Google really cares about customer privacy, yet saying ‘so Google doesn’t learn the url from this exchange’ sounds like you’re trying to convince housewives, not IT geeks 🙂

  42. You know, it strikes me that every time Google launches a new, supposedly killer product, some people are trying so hard to prove it HAS to be bad, it HAS to favor Google in some way it HAS to invade your privacy somehow, so Google, you’d better tell us! It’s too bad that these people aren’t that many people but they get so much exposure..

    Why haven’t i seen such privacy concerns on IE for example? Which is not open-source btw.. I’m not at all against privacy supporters, i think they make the web grow more secure.. But come on.. I’m tired of this tirade against the people who, no doubt, have managed some of the biggest innovations in privacy. And it’s funny how people rally in these tirades against companies who really are willing to talk about such sensitive issues, (and even funnier, a product which is open-sourced).. People should turn their eyes to places where there’s no talk or action about privacy.

  43. @Gary Schubert,

    Yes Google probably can figure out the URL requested based on the 32-bit hash sent back to them, but 32 bits only gives 4.3 billion options. I’m not quite sure how many pages there are on the web, but I guess the probability of hash collisions is fairly high, hence the need to computer a full 256-bit hash.

    It probably gives them a pretty good idea, however. I agree that saying they can’t get the URL from the hash is a little odd when they’re sat on the hash table!

  44. Interesting about Google’s motivation

    a few years ago I sat in on a high level presentation on BT’s ad strategy and the ideas behind the then ad campaign – the idea was to increase the total use of the phone network so that even though we where losing market share (due to ofcom regulating us) the revenues would hopefully go up.

    Very interesting as they where running the ads to change people’s behaviour in particular how Males used the phone (reminded me of Azimovs Psychohistory)

    This was back in the days of the Bob Hoskins adds – quite what the motivation behind the “ghastly nu labour couple” they have at the moment is I don’t know. Probably done to win advertising awards for the agency than actually have any concrete results unlike the Bob Hoskins adds where they showed us the traffic graphs for the time frame around the time the add ran.

  45. Why is it impossible to turn of spellcheck?

    it is annoying as hell when I’m posting on boards that use a different language then my own

  46. Gary Schubert, you sound like a housewife, not an IT geek 🙂

    There is a strong likelihood (i.e. it’s almost certain) that a 32-bit hash will resolve to more than one URL. There are after all billions of unique URLs. So no, Google can’t tell which URL you are using from a 32-bit hash. What they can do is use it to efficiently index a set of a few million bad URLs. But since the 32-bit hash isn’t unique they need to send the 256-bit hash back to verify. They could resolve the URL from the 256-bit hash but they don’t get the 256-bit hash from you so there’s no issue. Note that you never find out what the potentially bad URL is either.

    Nothing to see here.

  47. > Unwinding a full url from it’s hash is a very fast operation – that’s why data
    > structures such as hash tables exist (and they are obviously kept by Google
    > to send the full 256-bit hash back).

    Actually, there is no way a url can be “unwinded” from it’s 32-bit hash. There are only 2^32 (4 294 967 296) different hashes we can code with 32 bits. But, there are definitely more URLs than that. That means that not all URLs can get their unique hash. Ergo, you cannot tell the URL by just looking at the hash.

  48. Hi Matt,

    I’m finding Chrome a fantastic OS for my system. Let’s not mess around with simply calling it a web browser!

    Now if it can be enhanced to let me have moveable icons in my ‘home page’ and let me save to it simply, I could ditch windows altogether 🙂

    This is all possible with Javascript…

    I’d appreciate if Google got Java, Shockwave and text window searching (as is possible in other browsers) implemented soon.

  49. Gary Schubert: you’ve missed the point. Of course Google already knows the malicious URLs. The point is that if the hash of the URL you are browsing happens to collide with a malicious URL’s hash, then Google still doesn’t learn what URL you were looking at. In case of a hash collision, the 256-bit hash won’t match and Chrome won’t claim that your URL is malicious.

    Although I wonder why the full 256-bit hashes aren’t stored locally.. The database of 32-bit hashes can’t be too many megabytes, and 8 times that is still nothing 😉

  50. Matt,

    My concerns about the suggestion feature in IE8 were slated for today’s posting!

    Here it is:

    http://lauren.vortex.com/archive/000421.html

    –Lauren–

  51. Teodor – the issue is that if companies like GOOG can’t be persuaded to take privacy and content rights seriously then there’s no chance of persuading firms which are historically indifferent/hostile (MSFT) from doing so. GOOG has itself imposed higher expectations on itself with the whole don’t be evil thing, and shouldn’t be surprised when people hold them to it.

    Matt – any chance that Chrome could be available as an offline download as Adobe Reader and Java VMs are? I’m looking at it from a corp deployment viewpoint where we disable BITS/WU in favour of another patch management service.

  52. Matt,

    PLEASE DO NOT DELETE AGAIN…

    You mention in this blog about the new browser release of Chrome and at the same time you had to mention that your blog is popular with the “Google conspiracy-theorist demographic” While I am personally not a conspiracy-theorist – I do like my privacy, however, I am not blind. I too have spent the better portion of my career surrounded by technology research. I am really curious about Goggles true intentions and here’s why:

    Google has been working with the various branches of U.S. government specifically the National Geospatial-Intelligence Agency (NGA) regarding Google technology for this example. I am not referring to a company like Dell selling the U.S. government computers. I am referring to defense programs run by Chief Technologist; Rob Painter who has special ops/intelligence background and was “well” removed from Google’s Silicon Valley HQ and working out of DC and Virginia.
    Perhaps its things like the NGA contract and others that when you combine them; they send mixed messages to the public thus, people question what is going on. It seems that Google is creating a conflict of interest because a company that serves the public in the way Google does and then partners with the U.S. government for defense programs just seems strange to some people.

    Don’t Be Evil… right?

  53. Auto-suggest as a default option wouldn’t bother me so much if the address bar was, at the very least, smart enough to not request suggestions for strings starting in “https://” and likewise to not send in the query part of the string (after the “?”) for any URLs.

  54. @Ingmar Greil
    You *can* remove the rlz-part of the default search. The search uses the default search URL as defined in
    Wrench > Options > Basics > Default search: Manage
    I simply created a new search entry with the contents
    http://www.google.com/search?{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q=%s
    and set that as default. If you change the keyword of the original Google search, you can reuse it for this search and replace the original completely.

    Re. Hashes: The 32 bit hash is indeed not enough to always uniquely identify the page you are viewing – although a good hash wouldn’t have too many collisions with the current number of indexed pages. Several pages will can the same 32 bit hash. Possibly more than one malicious page too. I am guessing(!) that if you send Google a 32-bit hash, it sends back the 256-bit hashes of malicious URLs with that 32-bit hash. You can then test your URL against those, with a much lower probability of collision.
    It is still possible, although *very* unlikely, that two URLs will have the same 256-bit hash. There are about as many 256-bit numbers as there are elemental particles in the universe, so the odds of two URLs hashing to the same 256-bit value is significantly less than the odds of winning the lottery (if the hashing algorithm is well constructed, ofcourse).

    Lasse

  55. What I noticed is this: ‘Google Installer’ from your computer wants to connect to cg-in-f113.google.com [209.85.171.113], port 80

    Many times a day… Why does the installer need to do checkbacks after it has already installed the program?

  56. > although a good hash wouldn’t have too many collisions with the
    > current number of indexed pages.

    I take that back. Some reports that Google has indexed more than a trillion pages, giving an average of 250 matching pages for each 32 bit hash.

    (Ofcourse, if you click on a link to navigate from the page to another, the sequence of 32-bit hashes might be enough to identify the two pages).

    /L

  57. Sure, I’d be willing to believe that Google Chrome does not participate in deliberate snooping, except for maybe how the suggest logic works – I don’t like how it submits searches based on what I am typing. I can disable that “feature” in Firefox’s Google search box. Can I disable Google Suggest on Chrome? No? Oh.

    Matt, your optimism about what Google’s intentions are is cute and admirable, but you and I know Google’s juice is and always will be on the server. How much incredibly valuable data will Chrome’s “unique take” on browsing provide for inference and recording on the server? Show me an under the hood Chrome option to “Accept third-party cookies, Keep until: I close Chrome” just like Firefox has, and I’ll start to unclench a little bit. Let me disable Google Suggest, and I may lower one of my raised eyebrows. Dear Google: I don’t wish to be tracked by cookies, or by IP address, or whatever else you can dream up to tag me.

    This move by GOOG (the publically traded company that is required to make more money for shareholders) makes me antsy. There is a faint bitter aftertaste on this very tasty treat.

    Cheers,
    Dave

  58. Siddhartha Gandhi

    I switched to this browser full-time, despite its current problems. There are many minor interface and usage quirks I don’t like, but a few big problems, imo:

    1) No Java! Aaaahhhhh!

    2) Am I the only one who’s been disappointed by the speed of Google Chrome when I have ten or more tabs open? The tabs may be sandboxed, but the entire browser had locked up continually when I had many tabs open. This happened in particular when I viewed many flash videos, or opened many tabs at once. Google Chrome was advertised for not locking up at all, but it’s performance isn’t as great as I expected.

  59. Same problem as Chris Bartow above, when I make chrome default (options, basic, default browser) absolutely nothing happens… so when I click on a link Firefox flips open, not Chrome… And I have de-installed and re-installed and ripped Firefox etc… all to no avail… very frustrating… I am running Vista and if you go to manually change the default (control panel, programs, default programmes, set your default programmes) Chrome is not listed so you cannot associate manually either… Any ideas? apart from use Firefox:)

  60. This sounds strange to me:

    “As you surf around the web, if you happen to hit a url whose hash is in the dangerous list, the 32-bit hash is sent to Google and Google replies with a full 256-bit hash of the dangerous url in question.”

    Perhaps google send you a list of 256-bit hashes back? If there are no collisions they would know the URL, otherwise they would know the set of URLs that you could have visited.

    /Allan

  61. Dear Mr. Cutts,

    I am no IT geek, I’m more like a housewife (as someone else said) in my knowledge of how browsers really work behind the scenes. So please feel free to simplify your explanations on your blog there are those of us that appreciate the effort.

    I don’t mean to sound insulting on my first post to your site. However, I feel I must ask: How can we (the readers) believe your blogs about Google Chrome (like this one), seeing as how you’re employed by Google?

    I also ask this question because I need more information before trying to make an argument to my friends (who *are* IT geeks) against that ignorant article written by Meghan Keane in “Wired Blog Network” yesterday. Replying to them about how the article seems slanted towards paranoia won’t do me any good unless I can find IT geeks who aren’t employed by Google or it’s affiliates, that can back me up.

    By the way, I found your blog on said article by reading the comment posted by Benoit. So thanks to Benoit. 🙂

  62. When you say something like “download of data from, not to google” you are further promoting the confusion between “download” and “upload” since only things going towards the speaker are downloads and things going away from the speaker are uploads. If you want to use the same word for both directions, please say “transferred” instead. Thanks.

  63. Leigh Simpson: right

    Eddie Edwards:
    Tanel:
    Tapio M:

    “What a depressively stupid machine” said Marvin and trudged away.

    It was about me. I thought I don’t have to chew it _here_.

    A hash doesn’t need to be resolved uniquely for sites like antigovernmentconspiracy.com or hezbollah.org in order for you to be filed under ‘needs background check’ label in some organizations.

    And it doesn’t require a second guess to figure out what a person who in succession hit hashes for bestialityporn.com furrylove.com and similar sites browsed next – sexysheep.com or CNN page about potato consumption in 3rd world countries.

    I am very glad you can calculate 2 to the power of 32, gentlemen. Next time try using some common sense as well.

  64. Oh, and just in case I sounded a little bit paranoid – I’m not 🙂 I also use Google Toolbar, SEOQuake and other tools.

  65. lol matt, you could take a look and answer to possible questions regarding this as well:
    http://www.theregister.co.uk/2008/09/03/google_chrome_eula_sucks/

  66. Anyway… I really don’t understand why everybody’s like concerned about stuff like that…after all.. doesn’t Google own nearly everything I use on the internet. You just got to trust it. Gmail….Googl search engine for traffic…now it’s browser. Sweet.

  67. Gary Schubert: OK, you were right. But so was I, partly 🙂 My point of view was that Google won’t learn your URL if there was a hash collision, and they’d only notice if you went to a URL they already know… but because they seem so nice, I didn’t think that they might actually be interested in knowing when you go to certain known websites. Then, by replying with the wrong 256-bit hash, they can silence Chrome and you won’t know that it communicated with Google because the page loads normally.

    Why they would want to do that, though, is beyond me 🙂

  68. Matt — since this post was a conspiracy-theorist pre-emptive strike, and you mentioned that Chrome is open source, I assume you’ve read that online posts about how Chrome isn’t actually open source, but that Chromium (not what people download and not available to the general public) is actually the browser version from Google which is being referred to as open source. Just wanted to make sure you’d seen that and followed up on it to verify what the truth of the matter is. — Bob Waldron

  69. I have read that each single Browser someone installs has a singular Chrome-ID. This would mean, google would have the possibility to link one’s google account to one’s queries even after being logged out.

    Is this correct and how does Google address this concern ?

    (Cannot check, have a Mac at home…)

  70. One thing we should also remember is that every download is also an upload. We’ve learned this from the invention of web bugs; it’s trivial to encode information in an URL, download a 1 pixel image from it, and presto, the information encoded in the URL is now uploaded.

  71. I really like the lightweightness of Chrome, but then again, its too light for me, I like to have widgets, ad blocker, automatic passwords, IRC client and all kinds of neat things, I use Chrome just for browser games, they work really well, much better than on my Opera or Firefox.

  72. “How can we (the readers) believe your blogs about Google Chrome (like this one), seeing as how you’re employed by Google?”

    Morna, my short answer would be that the IT geeks you mention could download the source code for Google Chrome and verify themselves that there’s nothing sneaky in the code.

    Lauren Weinstein, thanks for that pointer to http://lauren.vortex.com/archive/000421.html . Good to see someone else noticing that.

  73. I love Chrome error messages ! Very fun.

    I can found in french for a DNS error ” Oups ! Petit problème…”, we are not used to read this sort of messages from big companies like Google.

    That’s cool !

  74. Thanks for the “disinfection”! I think the open source argument is by far the strongest one in terms of conspiracy theories. And since so much eyes rest on Google, I’m pretty sure that quite a few people will actually take a look at the source code.

  75. I turned off all Google sending options in Chrome. I would like you to embed all these explanations directly in your browser interface like you did it for anon usage info.

  76. hmmm, When chrome talks to google it gets the evil google ID cookie, i.e. all your browsing belongs to us

  77. A small suggestion to improve the data security. For many people, it is a problem, that google can know, what addresses I’m typing. I think this will be a real problem, if I also use a google account.

    To solve this problem, here a small suggestion: Offer a free software which can be installed at own servers. The job of this software is to send queries to google for the suggest function. There should be no cookie, no IP, just the typed URL. In Chrome, it will be possible to specify, from which server the suggestions will be loaded from. So everyone can makes sure, what data is sent to google.

    The more browser users will use a such configured server, the more secure the data for each one will be. So there will be a public net of “transaction servers”. And noone can say, google is collecting too much data.

  78. Finally, finally a browser I can teach my grandmother to use. This one is big, here. A ‘browser for the rest of us’, truly. You guys match firefox in terms of functionality in ways like scripting, you will get the enthusiasts and developers, too.

    Flash, please? Ability to support greasemonkey would rock, too.

    To all of the Naysayers and Doomsayers:

    Given a choice, which company would you prefer to have a roughly 70% (oops, Chrome beta knocked off a 1% market share in 48 hours :D), make that 69% market share of web browsers… Google, or M$?

    That really is the question at hand, here. Normally I would be using a sentence here about the lesser of two evils, but then I don’t see Google in that light. Firefox is a great product, but they have no distribution model that compares to Microsoft’s 90% of the computers on earth captive (monopolistic) install base. Google, on the other hand… They have the reputation (no slam on Mozilla there) to pull this off, a 60% market share in web search… They are perhaps in front enough to change this game in a big way. The strength is that this is far and away the most compelling product for a newer or inexperienced user, and yet in may have the sort of minds behind it that swayed many of us in Mozilla’s direction. And open sourced, this is like Christmas and my birthday all rolled into one.

    I am so happy with this development that I wish I could buy the devs a round of drinks. Anybody get through Seattle?

  79. “Every 30 minutes, Google Chrome downloads a list of 32-bit url hashes of urls thought to be dangerous (malware or phishing)”

    Matt, I have big problems with this feature, as do others I’ve spoken to. No, not ethical problems 🙂 but technical ones.

    Whenever this kicks in, there is an enormous amount of hard disk activity that goes for an inordinately long time. It’s long enough and frequent enough to be cause for concern to any savvy computer owner – “something’s writing to my hard disk, what’s going on?” I’m not alone – search around the web for forum posts asking about HDD thrashing while browsing with Chrome.

    On my (dual core) system, that HDD activity manages to slow the rest of the system down, too – for example, hitting the pause-play button on my Logitech mouse to start or stop an iTunes song is delayed by up to 5 seconds while this disk thrashing is going on.

    And then there’s the sheer volume of data being downloaded. Once I tracked the HDD activity down to Chrome, I watched the User Data folder and saw a 57MB “safe browsing” file. Then “safebrowsing-journal” started growing, till it reached about 3MB at which time it modified and increased the size of “safe browsing” and went back to zero bytes. And then it all started again. At this point I shut off the malware protection to get control of my system back, and deleted the “safe browsing” files.

    But how much data IS involved here? If Chrome’s going to suck this data down 48 times a day, even if each download is only 10MB (and going by what I observed I’m guessing it’s more) then that’s potentially 480MB per day. Imagine how a user on a 5GB bandwidth cap (there’s lots of them here in Australia!) would feel about that. Even on my 60GB/month limit, if this feature’s going to take potentially 15GB a month of my data then I’ll take my chances with the phishing sites thanks all the same 🙂

    I really would like some clarification from Google on what this feature means bandwidth-wise for those whose bandwidth is limited.

  80. I found Chrome to be a nuicance to download through a proxy server, and it installs itself (in vista) under c:users*user*appdata so I’ve had a mission getting it to stay installed and to get it used with more than one user.

  81. Hi!

    I’ve to say that it’s great that you took up all these paranoia-questions. The whole EULA-agreement-issue got me a little concerned for a while, and reading those blog-entries I finally ended up here. It’s a great blog. ^^ I’ve only read a few entries ofcourse, but i’m bookmarking and is planning on reading more of them another day.

    I’m using Firefox at the moment but have been browsing the web mostly from Google Chrome, I love the resizeable textareas. 🙂 Those are great, i’m a member of quite a few sites with these minimal textareas and it’s been driving me crazy, there’s probably plugins for that, but I’m looking for a great browser to recommend to the users visiting my own site, we’ve got quite a few textareas as well, and my members of course have different opinions on how many rows they should have. Now i can just recommend Google Chrome so that they can easily resize them, without having to install plugins and so on. 🙂

    The only reason for using Firefox right now is the “Split Browser” plugin, giving me the possibility to always having the chatbox/shoutbox/chatterbox visible while browsing the web, that would be a great extension.
    My perfect browser would be Google Chrome with ability to view FF-active-bookmarks (the feeds), and Split Browser. 😀 *is day-dreaming*
    I absolutely love the simpleness of Google Chrome’s look and feel. ^^’ So it’s definitely a winner. 🙂 I’ll probably switch back and forth as others mentioned above.

    Once again, great blog! ^^

    BTW: If I’ve unintentionally offended anyone; Sorry about that, it wasn’t my intention. 🙂 Play nice everyone. ^^

  82. Sorry but this post needs more technical data you forgot to mention Alexis licensing server along with the other services that connect to Google though chrome.

  83. Brilliant browser. I love the bookmarks are set-up. I’ve always fought with Firefox2+ on them. I think the Mozilla team had it “right” in the first
    Firefox (Firebird) release.

    Privacy on the internet? Don’t use the Internet. Someone is collecting data somewhere on you one way or another. Your credit card company is doing the same thing (collecting data on your purchases). Don’t use the credit cards then. My grocery store offers an “advantedge” card for saving money on your grocery. Why? To collect data on your grocery shopping habits. Don’t save on groceries.

    Themes. I honestly don’t care for themes with this browser – they should strive to keep it minimalistic. Firefox worked so hard on theming and I always felt time was better spent elsewhere. Some palette choices would be nice though!

    One dislike: I don’t like how it uses “IE” settings.

    Bugs just need to be worked out – I would love to see how well Chromium will continue to perform once the plugin system/addins are opened up to the public. Would it still be fast?

    My initial response is: I love it.

  84. Delete the RLZ.DLL file, definitely, it will not break the Chrome and after deletion “search?rlz=XX” is no longer sent from adress bar search.

    String “{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}” becomes empty.

    Close Chrome, delete RLZ.DLL
    after that delete these keys and subkeys from registry:
    HKEY_CURRENT_USERSoftwareGoogleCommonRlz
    HKEY_USERS{USER-ID}SoftwareGoogleCommonRlz

    First take a look into the subkeys, unique ID is kept there.


    http://emiraga.livejournal.com/

  85. Here’s to future iterations that offer an “advanced” install option, to allow first-time installers/upgraders to tweak things like “install location” and initial privacy/communication settings before the first launch.

    To keep the (nice, convenient) no-nonsense install, this could be left as a modest “advanced configuration” checkbox during install/upgrade.

    Thanks for checking on the matter and posting!

  86. It’s always nice to see a new browser option. While the major players – Firefox and Explorer – have been useful and still are useful for many people, no one solution is right for everyone and for every purpose. This seems to be a strong alternative for especially business users. I’ll be curious to watch it as it develops (as solutions tend to get even stronger as time progresses) and hear about how it continues to work with other products! Thanks for posting this analysis and for answering so many questions.

  87. That is some very interesting information and I am glad you are so concerned about our privacy.

    But maybe you could tell me why the Google toolbar tries to access the internet when I am using Opera, a browser that down not even all the toolbar to be installed on it and no other browser is running?

    If we are safe from Chrome, why then does the Google toolbar try to access the internet when I am not even using a browser at all?

    How do you expect us to feel save from Google Chrome when the Google toolbar is doing things it should not be doing and I don’t even have Chrome installed?

  88. My biggest beef about chrome is that it does not integrate well with google desktop – If I tell XP that chrome is my default browser, then attempt to view/edit google desktop prefs, chrome throws an error and is unable to load the page. Google desktop prefs are edited via a loopback URL that begins http://127.0.0.1:4884. Firefox and IE handle this URL with no problem.

  89. At the moment the facts about chrome, its demand of being open source, chromium and chromes EULA seem to be: google is not willing to publish an effective guilty web-address with the whole content of chromes EULA. At least in the german part of internet there’s nowhere a link to this important part “10.2 Es ist Ihnen nicht gestattet, den Quellcode der Software oder Teile davon zu kopieren, zu verändern, darauf basierende Werke zu erstellen, ihn zurückzuentwickeln, zurückzuassemblieren oder auf andere Weise zu extrahieren.” of chromes EULA. Furthermore: the EULA seems to change every day.

    As far as this important information generally dissent the general interpretation of being “open source” [“3. Derived Works — The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.” by OSI] I’m believing only in Googles Marketing departments, but not in Googles ambitious claims to publish Open Source.

    In context of open source products this limitation has to be correctly published in its product licence, not in the EULA … and there this limitation shows it’s real nature: incompatible to any Open Source model. So David Pogues statement “Chrome is open source” is wrong.

    I would be really happy to find a passage like “You can modify Chromes code or any part of it and you can distribute dirived works of it without any restrictions …”. Till then I’m really fed up with Googles intransparent product policy.

  90. Transcontinental

    I stopped having confidence in Google the day they bought Adsense. Of course Google products are nice, it’s the least they can do if they want their data!

  91. RE:
    DG Said,
    September 3, 2008 @ 10:13 am

    I feel much better: http://searchengineland.com/080908-124458.php

    Thank you
    DG

  92. You are attaching a strawman. It is obvious that open source software won’t send descrete data. But Chrome has started many people thinking about the wider consequences of large scale data gatherings by corporations (browsing history, emails, documents etc). The reach of this data is probably orders of magnitude wider than current electronic tracks available to the government (phone records, credit card records, library records etc.) I think that is a healthy concern and should not be dismissed as paranoia. Experience shows that Corporations tend to comply with governments request for information about (and from) their customers, even illegal ones. Good intentions by corporate boards are important but can hardly been relied on in the long term.

  93. I am glad someone is looking at this. I hate how invasivve google it.

    – Recently I saw a candidate who was interviewed and was googled. The results were quite scary!! The company did not give the candidate an opportunity to respond… overall people dont realize how bad google is.. and how much it can impact your life… spend a couple of mins and for those who dont care, please dont speak for the the others who do

    Please look at Googles – privacy issues. They collect your key strokes
    “Google’s Chrome is set up by default to collect about 2 percent of all keystrokes typed into its Omnibox — whether Web page addresses or search terms, Horvath said. One percent is comprised of all the keystrokes for 1 percent of computer users selected randomly, each day, she said. Google also collects 1 percent of all the keystrokes typed into the Omnibox each day. ”

    http://www.washingtonpost.com/wp-dyn/content/article/2008/09/08/AR2008090802472.html?hpid=topnews

    Another part in using Google ->

    “By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any content which you submit, post or display on or through, the services. This license is for the sole purpose of enabling Google to display, distribute and promote the services and may be revoked for certain services as defined in the additional terms of those services.”

    http://www.newsfactor.com/story.xhtml?story_id=61674

  94. Thanks for clarifying a lot of worries. I see that much of the criticism is off the point.

    You have explained how Chrome communicates with Google when I am surfing.

    But what about the criticism that Chrome “phones home” even when the browser is not (supposed to be) running?

    I would much appreciate if you would adress this point.

  95. “If you’re just surfing around the web and clicking on links, that information does not go to google.com. If you are typing a search or url in the address bar, Google Chrome will talk to the current search service to try to offer useful query/url suggestions.”

    How many people will just surf around the web without typing a search or url in the address bar???

    “Google Chrome checks for automatic updates every 25 hours. Other modern browsers check for updates as well, e.g. to plug security holes.”

    Yes, but other browsers give me the option to choose not to install the update.

    I am very disappointed at what Google does with the browser. The by-default opt-in strategy without any obvious users warning is really disgusting. If there is no blogs or news about such thing, how many Chrome users will be aware of this?

    I do wish there is some NO-EVIL edition of the Chrome browser created by some independent team outside Google. Such edition should keep all controversial features disabled immediately after the installation and users can choose to opt-in afterward if they are aware of what they want.

  96. > Every 30 minutes, Google Chrome downloads a list of 32-bit url hashes of urls thought to be dangerous (malware or phishing).

    Matt: Is this true for both Google Chrome and Chromium build snapshots (http://build.chromium.org/buildbot/snapshots/chromium-rel-xp/)? — Srijit

  97. This answers about two-thirds of the questions I’ve had that have kept me from installing Chrome on my daily-use computer. Thanks much for this, and also for the link to the Google post about improving 404 pages – nice bonus info! I think that being able to suggest a ‘close match’ URL should help keep a few lost users on the site.

  98. From Zdnet – it looks like google is putting goggles on their internet search:
    topsecret posted:
    I did a little search for ‘google privacy spyware’.
    Interesting results:
    Google – 17,000,000 for ‘google privacy spyware’.
    Yahoo – 50,000,000 for ‘google privacy spyware’.
    MSN – 14,900,000 for ‘google privacy spyware’.

    Google: 409,000 for ‘google spyware privacy’.
    Yahoo: 48,500,000 for ‘google spyware privacy’
    MSN: 14,800,000 for ‘google spyware privacy’

    It looks like Yahoo’s search engine is far superior for this particular query with over 100 times the results of google on the google spyware search. Funny about that. Goung on those results it looks like google is lagging behind even MSN in the search game.

    Is the same thing going on here? A little censorship Matt?

  99. I’ll be more inclined to use chrome when it:

    + ditches the urban legend or otherwise creepy factor

    + built in adblocking preferably by third party development

    ++ loopback filtering is passe (but that’s the only way I’ll use chrome now)

    ++ extensions make firefox fun.. and fun to track down conflicts and bloat… google can build a better browser they can build a better extensions middleman (not gear)

    + when misplelelelings are identified it allows suggestion/correction everywhere it red squiggles them

    + more control over tab spawning placement

    ++ and return to which on closing

    * + after the hoards of colored hat people have their respective ways with it

  100. Matt,

    I am somewhat surprised that your article does not even mention that Google logs IP addresses of Chrome users: http://blogoscoped.com/archive/2008-09-09-n68.html

    For the record: With the IP address, one can identify the ISP, which in turn knows exactly which user has been online with which IP at which time.

    Did you forget or simply ignore this fact?

  101. Cheers for the info Matt.

  102. What’s up with the Google Updater? It is always running in the background…

  103. Kudos to Matthias. Matt’s silence on your disclosure is deafening. Can’t help but think Matt’s a Google employee — this is my third attempt to turn Google “fans” on to the non-spying ixquick search website. Both previous comments have been deep-sixed.

  104. > Google Chrome checks for automatic updates every 25 hours.
    > Other modern browsers check for updates as well, e.g. to plug security holes.
    > Given today’s sometimes-hostile web, I think checking for
    > updates like this is a very smart choice.

    A choice is when you choose something, and that, may also be smart
    Here we don’t get to choose anything, Chrome phone home every 25 hours and that is it.
    Perhaps I am getting old, but I came from a time when computers used to work the same way from one boot to the next.
    I don’t even allow Microsoft to update my PC without my knowledge. If I decide to install it, I know why it broke and I can fix it.
    With Chrome forced updates, something may break in my PC and I don’t even know who to thank for!

    Talking about smart choices, it is not very smart to keep all your eggs in one basket.
    Or better saying it, do all your computing under one umbrella, Google.
    I am pretty sure you guys are cool when it comes to privacy, but just the fact that Google has that much access (potential or actual) to my PC it’s a no-no to me.

  105. RE: Pieter
    “What’s up with the Google Updater? It is always running in the background…”

    Read the EULA, as soon as you click I accept and agree, then install, chrome/chromium will start sending and receiving as much data to and from google as it bloody well pleases, what’s more, any data sent through chrome, Google takes copyright over that data, so everything you do and create on Chrome, belongs to google. It’s all in the EULA, The updater is probably just updating your information to google and updating a couple things on your computer to create the illusion of maintenance.

    Re Zion:
    “The by-default opt-in strategy without any obvious users warning is really disgusting. If there is no blogs or news about such thing, how many Chrome users will be aware of this?
    I do wish there is some NO-EVIL edition of the Chrome browser”

    Try SrWare.net’s “Iron” web-browser, it uses chromium’s source code (chrome is based off chromium) but makes a good effort to cut out all the privacy and security infringements made by google. Leaving you with an ever faster. and much more secure web browser than chrome.

  106. Why would I trust products from the Company that runs the most corrupted search providing service in the whole world. Why ? Chrome talks more to Google than you want and you cannot turn it off. FG

  107. There is just no way I am willing to give Google more data than is called for. I use Bing and Cuil.com more often and I am quite happy with IE8, FF3.5.x – I work at a bank and at IT we do not like Google Chrome at all.

    Even if they integrated Roboform. Google is just too powerfull and I would have thought that people smart e nough too distrust the Federal Reserve would also distrust Google. But I guess everybody loves Google and Obama don’t you

  108. Muhammad Nur Azhar Bin Hafiz

    I found that chrome works similarly to google’s toolbar where all out web history is logged

    privacy?

    I don’t know…

    it’ll be great if there’s an opt-out option to not include in the web history

  109. Maybe we are not paying attention…?

    Quote:
    “So I decided to tackle this issue head-on. I talked to the Chrome team to find out if there’s anything to worry about. The short answer is no.”

    So, when I want to know if the government is corrupt, I go to the source and ask them?

    That is as ridiculous as asking a thief if he stole your wallet, of course he will tell you the truth right away!

    This is exactly why the world is what it is…people that refuse to stop and think.
    Sad…very sad.

  110. Nice blog. However, you missed that google has its own DNS service nowadays, and chrome (like ANY browser) may send information to it, if you configure your DNS to use google’s. I’m not sure if chrome will automatically use the google DNS (or if it will revert to it in case of problems).

  111. sarah (technominx)

    I don’t quite understand why Chrome is gaining so much popularity as a browser for all sorts of surfing, including online trading etc. We all know that Google stores all our information regarding search queries and mails despite these measures. I personally would not trust Google Chrome for the purpose of secure surfing. Isnt IE 8, on the other hand, is far more trustworthy when it comes to that sorta stuff online?

  112. Sarah, it’s pretty safe to assume that any business will gather as much information as possible from its end users as permitted by law (and outlined in their EULA) for increased web marketing data

  113. It’s interesting to see just how many people believe in conspiracy theories, etc. Honestly if you don’t want anyone to know anything about you don’t get online in the first place. That’s the best bet. With that said people/businesses shouldn’t take advantage of people by hiding their terms of service, etc.

  114. FINALLY A VALID CONSPIRACY!:

    on february 2010 chrome released an automatic translation toolbar. no way to disable it.. and what it does is send every URL to google servers (not in hash mode!) render the page if it wasnt rendered before, detects the main language of the page and then if it’s different from your main language settings in your Chrome.. a translation toolbar will appear.

    One can think that it works as easy as checking the HTML language metatags locally. but NO.

    It’s extremely evident when for example you’re browsing your own facebook profile in english.. and several friends start leaving you comments in German… the google toolbar will show up after a second.

    Users flooded Chrome’s blog and dev channels asking that feature to be disabled or AT LEAST OPTIONAL! but google quickly deleted all those comments.. specially those mentioning that security/privacy breach.

    Chrome has released more and more updates but that feature until right now still there collecting our data.

  115. Hi Matt,

    Just switched over from Mozilla and am extremely impressed with the speed of Chrome. Even with a few plug-ins running Chrome doesn’t get sluggish. Love the incognito window as well.

  116. And we’re supposed to just believe everything Google tells us? Short question: Then why did Google create a browser?

  117. @andrew

    You can turn it off in settings > under the hood

    just untick ‘offer to translate websites’

    Next time actually check obvious places like ‘settings’ before you go mental and start smothering the internet in conspiracy BS.

  118. I use Google Chrome almost exclusively now. It is faster, but the best part is the tabs that you can grab and drag elsewhere. I have a six monitor computer and it makes navigating the web super easy. I just drag a tab to a new screen and release it. If I release near the upper right hand corner, it maximizes to the full screen. Nothing like this is available through any other app I have used and is a very welcome shortcut. thanks!

  119. “The question is, will YOU use Chrome as your primary browser?”

    That’s such a tired old argument. Let me guess, you say the same thing about health care? “If it’s so good why doesn’t Obama put his family on it?” Am I right?

  120. Interesting point Joe McCarthy, so what healthcare provider does B. O. use?

  121. Thank you for posting this useful article.

    My concern is not that Google will send itself information from Chrome, but rather that Chrome lacks some of the privacy protection available in other browsers. For example, does Chrome have the equivalent of Firefox’s —

    1. BetterPrivacy (to eliminate flash cookies or LSO’s and DOM storage)
    2. Ghostery (to block web bugs)

    My understanding is that Chrome does have Ad Block and Private Browsing mode. Thank you.

  122. @andrew and others concerned about the Chrome translator toolbar being a privacy issue:

    Spent a few moments searching, found this:

    http://googlechromereleases.blogspot.com/2010/03/windows-beta-update-translate-and.html#c8770335815716911285

    In the Chrome releases blog, a Google rep posts that the language detection happens on the client side. The URL only gets sent to Google if the user explicitly requests it by responding to the auto-translate toolbar pop-up.

  123. I don’t know where does people get their statistics from but on my site(http://www.biedsnel.com/) I’ve got >100k visitors a month and only <1% using chrome.

    I guess people learned to suspect Google about everything, which is good!

  124. ATTENTION PEOPLE!!!! THIS ALL CAN BE OPTED IN OR OUT!!! ITS A CHOICE!! EVERY BROWSER CAN SENDS DATA HOME!

  125. “ATTENTION PEOPLE!!!! THIS ALL CAN BE OPTED IN OR OUT!!! ITS A CHOICE!! EVERY BROWSER CAN SENDS DATA HOME!”

    Yes, but not every browser says in theirs “Use agreement” that everything you see,download, or any other use of Chrome, Google can use. That was named as a mistake they made. Put that aside why the unique ID on every installation if not for easier tracking of it’s users? Even more annoying is the “GoogleUpdater.exe” which strangely enough isn’t deleted with Chrome installation, and even stranger it stays active in running processes meaning that you can’t delete it unless you start the PC in safe mod with only command prompt and then delete the file with typing DOS commands and that’s not something that most of the users know meaning that “GoogleUpdate.exe” will stay in most of the computers, most of the people will not know it’s there, some will know but wouldn’t know how to remove it and only few will actually remove the file in question. Another question raises, why does “GoogleUpdate.exe” actually stay in the system (after the deinstallation), why it’s in the running processes and what the hell is sending and receiving from Google if there isn’t any google product on the pc?

  126. I use Google Chrome as my primary browser, I like it. Is very fast.

  127. I’ve long suspected there’s some kind of madlibs for PR that all these companies use.

css.php