Microsoft Claims Google Chrome Steals Your Privacy

An anonymous reader writes "Microsoft is going on the offensive against Google, accusing the search giant of creating a browser that does not respect user privacy. The company posted a video, embedded below, on TechNet Edge with the following description: 'Watch a demo on how Google Chrome collects every keystroke you make and how Internet Explorer 8 keeps your information private through two address bars and In Private browsing.' Microsoft's first criticism is Chrome's combining the address bar and the search box into a single entry box; IE8 keeps those fields separate. 'By keeping these boxes separate, your privacy is better protected and the addresses of the sites you're visiting aren't automatically shared with Microsoft, or anyone else,' says IE product manager Pete LePage."

Correct

[sopssa]

Pete LePage is spot on with this. The privacy intrusion by Chrome is outstanding. Every key you type to the address bar is sent to Google. Your Chrome installation has an personal UI number to track where you downloaded Chrome from, wherever you use it and how you use it.

I am still surprised how many people (even here on our geeky slashdot group who should know better) choose something based on it being offered for free, no matter what happens to their privacy. The same people who complain about casual people using Facebook and how much information they're putting there, and not realizing how much privacy they are losing by using Google's free products and search engine.

It's a known fact that every software needs to be funded in some way. Personally I rather choose a paid solution where I know my privacy wont be lost and I can save documents, emails, etc on my own hard drive instead of relying on cloud computing and all the marketing and privacy intrusion to make it possible. After all Google is a marketing company while Microsoft is an software company. The fact they're doing business by selling me a product instead of whoring to advertisers kind of shows that.

Re:Not Correct

[parallel_prankster]

Did you not read TFA at all ? You can not only choose which search provider to use the search suggestions, you can also turn off search suggestions in chrome !!

Re:Not Correct

[Enderandrew]

Chrome actually has a bunch of fine-grain privacy controls they added in the last release.

http://www.google.com/chrome/intl/en/more/privacy.html [google.com]

Re:Not Correct

[Runaway1956]

I've read the title of the summary, and dismissed it as an especially smelly load of swine shit. Every browser has it's own issues, and the user should be familiar with them. Yeah, all the browsers tend to keep records that are unnecessary. All the browsers tend to report data that is unnecessary, to websites, to developers, to the authors, if left on default settings.

But, for MICROSOFT to point fingers is just preposterous.

Maybe they can try again in 10 years, after they've created a clearly superior browser. I mean, CLEARLY superior to anything else on the market. When those of us who really dislike and/or hate microsoft HAVE to admit that their browser is at least as good as any of the competition, THEN MS can find fault with the competition.

Wait - did I say "10 years"? Hmmmmmm. More than likely, browsers will be obsolete before Microsoft makes the browser that is clearly superior to any competition that can be found.

Re:

[galego]

Exactly ... and as for suggestions ... they may be sending requests with keystrokes, but I would imagine they are not 'storing' them along with their order and identifiable data (They could be, but I doubt it). I would think that would be too unreliable and risky in terms of performance. Firefox does essentially the same thing via it's search box when Google and/or Yahoo are selected.

I bet they do store *queries*. A Request does not automatically equate to storing something in a database. Do MSN/BING/Yahoo

Re:Not Correct

[ChinggisK]

All of these settings are hidden in the advanced settings dialog

Bullshit. The search provider option is right on the first options tab. The search suggestions option is at the very top on the last tab (there are only 3 tabs), under the big blue "Privacy" label. Don't damage your own case by exaggerating the facts.

Re:Not Correct

[repka]

What's so hard to understand about this problem? Most users want to use suggestions only for their searches, not URLs they enter. Chrome only allows toggling suggestions for both.

Re:Not Correct

[ChinggisK]

That's a fine, legitimate argument. It becomes bullshit when you start suggesting that the options are "hidden in the advanced settings dialog" instead of just right there in the options menu. I'm just protesting the exaggeration.

Re:Not Correct

[shimage]

Assuming you didn't just pull that "90%" figure out of your ass, who cares? They obviously don't, and it's not my privacy they're dicking with. Besides, it's not like Google and every other search engine out there doesn't already store and analyze search queries (indexed by IP address). Is it that big a problem that Google or Bing or whatever knows what you are about to search for before you hit the enter key?

Re:Not Correct

[supremebob]

That said, most of that 90% of users who wouldn't bother changing the default options in Chrome probably wouldn't have Chrome to begin with. Most of those users would be using whatever browser came pre-installed on the PC that they ordered from Dell or picked up at Sam's Club, and many of them probably haven't even heard of Chrome yet.

My point is that Chrome already has a pretty advanced user base (advanced enough to know how to download and install a web browser, anyway), and they would know how to edit privacy options if they wanted to do so.

Re:

[Benaiah]

And 90% of all statistics are made up on the spot!

Re:Not Correct

[BobPaul]

What's so hard to understand about this problem? Most users want to use suggestions only for their searches, not URLs they enter.

Bullshit. Most users only use the search bars on Firefox and IE, anyway. And they frequently type URLs into them. If I had a nickel for every time I saw someone type "google" into the search bar, click the first result from MSN and then type a search...

Usage studies is how Google came to their cleaner interface. Your concerns about privacy are valid, and I wouldn't doubt that factored into their design decisions, but I wouldn't be surprised if the other browsers combined their bars eventually, too. We're already moving that way with FX's awesome-bar.

Re:

[Undead Waffle]

I still prefer the way Opera does it, which is if I want to search I can type "g " or "y " to search google or yahoo. I use this all the time. This way if I want to search using the bar it is explicit. On the other hand most people wouldn't bother to figure out such a feature even exists...

Re:Not Correct

[Anonymous Coward]

As somebody who personally knows people working on Chrome, I can assure you that data mining was not the goal of Chrome. Most engineers at Google are sincerely trying to make the Web a better place. That this actually helps Google is just a bonus for them.

Re:Not Correct

[DJRumpy]

To add to that, what is to stop a software vendor (MS) from simply gathering the information typed into ANY field in a browser. Whether they are in a combo field or not is irrelevant. What a ridiculous argument.

Re:

[repka]

They (M$) do collect this information locally if you have form auto-completion. But they don't send anywhere, unlike google.

Re:Not Correct

[DJRumpy]

You mean via the same mechanism where you type information into 'Bing', and then 'Bing' responds with your search results?

Most people don't type in 100 character URL's (I don't know of any) they either have it bookmarked, or they search for it via, you guess it, the search engine like Google, Bing, or whatnot.

Re:Not Correct

[Jazz-Masta]

They (M$) do collect this information locally if you have form auto-completion

Yes, and my MS Outlook 2007 collects my emails and stores them locally too! Bastards!

Re:Not Correct

[repka]

That's not true, if they wanted to keep it anonymous, they wouldn't send session cookie with each request. Yet they do. Session id is not required for auto-suggestions.

Once again they don't just receive everything you type in address bar, they also associate it with your session.

Re:

[Al Dimond]

Yeah, lots of engineers want to make the world a better place in some way.

They are paid by people with money in order to make them more of it. The "bonus" for the workers is that they keep their jobs.

Re:

[Vellmont]

As somebody who personally knows people working on Chrome, I can assure you that data mining was not the goal of Chrome. Most engineers at Google are sincerely trying to make the Web a better place. That this actually helps Google is just a bonus for them.

What, and the engineers working at Microsoft all cackle evilly muttering about sharks and laser beams as they plot to take over the software industry? The people working on a product are essentially never the ones with ill intent.

The intent of the people

Re:Not Correct

[Kugrian]

All of these settings are hidden in the advanced settings dialog

They aren't hidden, they're quite visible. 3 clicks show you them.

Re:

[Jazz-Masta]

All of these settings are hidden in the advanced settings dialog

They aren't hidden, they're quite visible. 3 clicks show you them.

I seem to recall it is 4 clicks to disable UAC in Windows, but remember how much of a stink that put up when it came out? It's all about the DEFAULT behaviour of a program that determines the software company's evil or not evil motives.

Re:Not Correct

[Simon80]

Well, Firefox's default behavior is to serve up your keystrokes to google as well, so I think the main point is that all three browsers' defaults aren't privacy friendly.

Re:Not Correct

[bonch]

It's useless. Most Slashdotters have their heads so far up Google's ass, nothing you say will reach their ears. This is a company that indexes everything forever, including your email and IM conversations. It gets praised as some "open source company" when its main product--its search engine and advertising platform--is as closed as Windows. It only uses open source products to get people onto its proprietary advertising platform.

Re:

[Bigjeff5]

how many users you think are going to check those just to know their privacy isn't violated?

All of them that are that anal about their privacy will.

Most of us, frankly, don't care if Google knows what addresses we've been putting into the address bar. It's not that big a deal. I could see terrorists or industrial spies not wanting to use chrome, but really, for most people this is not the kind of "privacy issue" that has them concerned. I use Google exclusively for my searches, so what difference is the address bar going to make? Get a grip, I and most others already trust them with far greate

Re:Not Correct

[SanityInAnarchy]

The fact is, Chrome is the most privacy intrusive browser

Firefox's Awesome Bar does the exact same thing, by default. IE's anti-phishing sends every URL you visit to Microsoft.

Re:Not Correct

[Torodung]

Um, Firefox's address bar searches your local bookmarks and history. The "suggestions" are from your own locally stored browsing habits, which you can burn to the ground with every exit if you like.

--
Toro

Security is NOT an issue with The Cloud.

[Anonymous Coward]

Wait a minute. I'm a manager, and I've been reading a lot of case studies and watching a lot of webcasts about The Cloud. Based on all of this glorious marketing literature, I, as a manager, have absolutely no reason to doubt the safety of any data put in The Cloud.

The case studies all use words like "secure", "MD5", "RSS feeds" and "encryption" to describe the security of The Cloud. I don't know about you, but that sounds damn secure to me! Some Clouds even use SSL and HTTP. That's rock solid in my book.

And don't forget that you have to use Web Services to access The Cloud. Nothing is more secure than SOA and Web Services, with the exception of perhaps SaaS. But I think that Cloud Services 2.0 will combine the tiers into an MVC-compliant stack that uses SaaS to increase the security and partitioning of the data.

My main concern isn't with the security of The Cloud, but rather with getting my Indian team to learn all about it so we can deploy some first-generation The Cloud applications and Web Services to provide the ultimate platform upon which we can layer our business intelligence and reporting, because there are still a few verticals that we need to leverage before we can move to The Cloud 2.0.

A Koan

[arielCo]

If a joke is told and no one gets it, does it WHOOSH?

Re:

[blackraven14250]

I'd venture and say yes it does WHOOSH, but nobody hears it. Unfortunately, I can't confirm that result as there was no observer attuned to the frequency of WHOOSH...

Re:A Koan

[LoverOfJoy]

Are you sure it's a joke? I've worked for several managers who sound just like that. And they're 100% serious.

And would those same managers be posting on slashdot? Even if they were to somehow find their way here, they wouldn't be posting as an anonymous coward. They'd post under a username like PowerBoss2000. At least that's the impression I get from watching The Office. Maybe I should get back to searching for a job.

Re:Correct

[Jaysyn]

Personally I rather choose a paid solution where I know my privacy wont be lost and I can save documents, emails, etc on my own hard drive instead of relying on cloud computing and all the marketing and privacy intrusion to make it possible.

You do that. I'll stick with Firefox, thanks.

Re:Correct

[red456]

do you not think that Firefox is becoming the new IE? If I can remember correctly through my drunken history of the last 8 years, Firefox was first promoted as an alternative the bloated Mozilla - and quite rightly so. Recently though, despite all the releases and the announcements on brand new 10x-faster JavaScript interpreters I find it's bogging down to an almost unusable level.
Once upon a time there used to be configuration to permit or deny javascript to run - now this is split into 12 different parameters, 7 of which are hidden behind the about:config screen. The default is now for pages to be able to open windows hiding the menu and status bar. WTF?
Once upon a time there used to an option to open new pages as a tab or in a new window - now this is split into 2 different parameters (browser.link.open_newwindow and browser.link.open_newwindow_restriction) which make no sense to anybody.
Do you expect 'backspace' to go 'backwards' in your browsing history? Everybody does - on all browsers, except for the Linux release of Firefox - for no understandable reason they decided that the Linux Firefox should do nothing upon pressing backspace, but all other versions should continue the convention.
Do you actively use the overly complicated features of the re-written Bookmarks functionality on Firefox 3.x? I don't, nobody in my office (20 people) does. Everybody hate it.
And lastly... privacy. Firefox 3.x made a real big push for 'privacy'. They said 'you can toggle private browsing on and off' - and 'you can delete browsing history over the last hour, day, month etc..". SUPER LIE. Try deleting your history (everything!) then go to your .mozilla/firefox/{UID}.profile directory. Now...try running 'strings' on your places.sqlite file and try running strings on the files in the bookmarkbackups directory. Yeh, privacy, HUH?

Re:Correct

[Trinn]

I've accidentally gone back while filling out a major form (that won't remember its state on a click of forward) enough times to want to simply remove the backspace key from my keyboard. I am happy to hear someone's getting rid of this asinine default. cmd/alt-left/right are fine. backspace has a specific meaning that has nothing to do with history navigation.

Re:

[SanityInAnarchy]

do you not think that Firefox is becoming the new IE?

Well, seeing as Firefox supports HTML5 and web standards well enough for me to create pages that work as well in Firefox as they do in Chrome, Safari, Opera, etc... ...and said pages break in IE, and only in IE...

When Firefox starts breaking the fucking Internet, it will be the new IE, and not before.

Re:

[Spewns]

So then what is a good browser? I do value privacy so I don't use Chrome (I figure google can have either my search history or web browsing history but not both, and adblock for Chrome really sucks). I hate ads so I don't use Opera (the adblock solution also sucks). I don't care about bloat, but I do care about speed, and firefox is the slowest of the main browsers I use (I do not use IE8). The four things I care about are security, ad-blocking, speed, and privacy. It looks like this is another case of "choose 3 out of 4".

1. Take off the tin foil hat and spend 5 seconds disabling whatever it is that offends you in the clearly labeled and displayed Privacy settings in Chrome.
2. Download a good hosts adblocking file [someonewhocares.org].
3. Download a good extension that'll hide the blocked elements and text ads [google.com].
4. Enjoy using a blazingly fast and responsive, free browser.

Or if you're still paranoid that Google is using Chrome to hijack your life, you could even do this:
1. Download Opera.
2. Use this guy's stuff [fanboy.co.nz].

Re:

[Lux]

I have no idea why people who wouldn't buy a television that was designed, built, or sold by an advertizing company so commonly choose to use a web browser that was designed, built, and given away for free by an advertizing company.

Re:

[Anonymous Coward]

I hope so, they might be able to start recommending some better, hotter, stuff for my pleasuring!

Re:Correct

[sopssa]

I'm assuming you didn't actually read the article because you wanted to look like a jackass.

And what did you wanted me to read about it? This?

We downloaded Fiddler to make some comparisons of our own. As we suspected, Chrome can be set to send information on every keystroke to Bing (or any other search engine that supports Search Suggestions) instead of Google. The same behavior occurs in IE8, but only in the search bar. LePage is only correct in his assertion that IE8 does not send information to anyone when the user types into the address bar.

The last sentence is a major point.

Re:

[Nadaka]

Not really.

username:password@www.whatever.net is something you might type into the url bar that would pose a very real security threat when shared. Google search terms are automatically published and your login information would be accessible to anyone.

Re:

[Handlarn]

Except that they filter out any user data and passwords when they publish the search terms. Any other situation would have generated a huge outcry by now. Try finding any login information this way yourself and you'll notice it can't be found.

Re:

[Rockoon]

Except that they filter out any user data and passwords when they publish the search terms.

So you are safe with Chrome as long as you search with Google? If you use Chrome to search with Bing, or SuperPornFinder, you arent?

Re:

[fluffy99]

Not really.

username:password@www.whatever.net is something you might type into the url bar that would pose a very real security threat when shared. Google search terms are automatically published and your login information would be accessible to anyone.

Considering that Internet explorer stopped supporting that method of sending credentials in 2004, I don't think its an issue.
http://support.microsoft.com/kb/834489 [microsoft.com].

Re:

[Anonymous Coward]

Actually, you should have noted that the behavior is entirely CONFIGURABLE by the end user. That would have been a nice detail to pick up. It also would have been nice if you noted that IE8 does exactly the same thing when you type in it's search bar. So IE8 doesn't send the URLs you're typing to a suggestion service. Do you really care that much? If so, turn off the suggestion service. Wrench menu -> Options -> "Use suggestion service to help complete search and URLs typed in the address bar".

Re:

[sopssa]

Actually you are spot on, but for other reasons.

With Facebook you choose what information you put or post there.

With Google you do not - they have what you have typed to address bar, what you have searched for, what your emails contain, what sites you visit, how you're there, what you do (analytics) and so on..

Actually both Google and Microsoft are worried about this - see my subscription here [slashdot.org] for a request to change relating laws.

Look....

[Darkness404]

Even if Chrome -was- violating your privacy, why switch to IE? Especially when there is Firefox... Myself I don't like using Chrome because it is not customizable the way Firefox is. You can't even change history settings on Chrome!

Re:

[the_humeister]

Well, that and your keystrokes are sent to Google...

YOU CAN TURN IT OFF.

[ivucica]

Unless you go to Preferences->Advanced and turn off the appropriate option in the Privacy category.

Or am I missing something major here? Is it possible that most people on /. didn't see that option? I saw only a comment or two mentioning that.

Re:

[tftp]

Unless you go to Preferences->Advanced and turn off the appropriate option in the Privacy category.

It would help if you were a bit more specific what browser you are talking about, and what the "appropriate option" is called. There is nothing like that in Chrome; no "Preferences" in FF; and IE has "Tools | Internet Options | Advanced" and there are 50 options; which one is appropriate is anyone's guess (and none of the categories is called "Privacy".) If you name it then it's possible to debate its va

Re:

[Skarecrow77]

I don't like chrome because:

A. It's incredibly god damn slow, like the "I'm sure this must be broken, it's so amazingly slow". I was having a problem earlier with a page in firefox, so I loaded up chrome to see if the page had issues there. It was so slow that I gave up, loaded up my 10.04 beta VM, loaded up firefox in that, and checked the page there. It was faster to do that. really. REALLY. I'm not kidding.

B. "Adblock" in chrome is trash. The ads are still there, they're just not flashing at you. If I mi

Re:Look....

[zegota]

Are you kidding? That first comment surprises me. Speed is the reason I switched to Chrome. It's so much faster than Firefox, it's not even funny. It sounds like the single page you tested your speed premise on had some issues. You might want to expand your sample.

Re:

[civilizedINTENSITY]

Agreed. Speed is the main reason I switched to Chrome. Speed is the main reason why everyone I know who has switched to Chrome decided to switch.

Re:

[shutdown -p now]

Don't use Windows, I use ubuntu 9.04

The most likely explanation for your troubles is the problem that recent Ubuntu releases have with IPv6 with some non-conformant (but very common) home routers. Here [launchpad.net] is the Launchpad bug for this.

If so, the reason why Firefox works fine for you in the meantime may be that you have network.dns.disableIPv6 option enabled in it (check in about:config).

Re:

[AaronW]

I love Chrome because it's so fast and doesn't have all the bloat that's crept into Firefox. It's more stable than Firefox and I like the single search bar. Granted, I still think it could use improvement in a number of areas, but Firefox also has a lot of really annoying quirks to it.

On my netbook I will only use Chrome. It's far more efficient with the limited screen real estate than Firefox, plus with the slower processor the difference is night and day.

Something is really wrong if Chrome is so slow on y

Re:

[victorhooi]

heya,

I think there must be something funky in your setup. Like, really...lol. Chrome is blazing fast where I am - on work computers, on my laptop (under both Windows 7 and Arch Linux). Firefox, on the other hand, feature-packed as it can be, is a bloated nightmare, chewing up RAM, and lagging like molasses. It's fine when your number of tabs is low (I think I'm not the only one, popular consensus with me is on this, pretty much everybody that tries it finds Chrome to be faster - feature-lacking yeah, but s

Re:

[amicusNYCL]

Even if Chrome -was- violating your privacy, why switch to IE? Especially when there is Firefox.

This may come as a huge shock, but not everyone likes nor enjoys using Firefox.

Re:

[16384]

And besides, who sponsors firefox? Various google "features" creep into the browser, and it takes some effort to disable them. I still use firefox though (what else is there, really?).

Re:

[Jaysyn]

Use it daily, does everything I need. In fact, I doubt I could get along without it anymore due to the awesome extensions. As for bloat, nothing as trivial as a browser is bloated when you have more than 2 GB of RAM.

Re:Look....

[amicusNYCL]

I'm not real sure if taking up 900+MB of RAM and 1+GB of VM can really be considered "trivial". I was playing Crysis once and alt-tabbed out of it to figure out why everything was so choppy, and Firefox was using more resources than Crysis.

Re:

[jo42]

And when you looked closer, you saw that Flash was taking up 99% of those resources in Firefox.

Re:Look....

[amicusNYCL]

No, actually I didn't look closer, because it doesn't really matter specifically which part of the application or which plugin is causing the problems, does it? The end result is the same. If Flash was such a problem then I would expect the same memory usage in every browser using Flash. In fact, considering the fact that other browsers use the exact same plugin which Firefox does for Flash, but don't exhibit the same problems, doesn't that sort of rule out Flash alone as the culprit? Wouldn't it be more likely that the problem is a combination between Firefox and something else? The common denominator is Firefox, not Flash.

Re:Look....

[icebraining]

Bu not Opera Mini, which routes all your traffic through their proxys. http://www.opera.com/mobile/help/faq/#security [opera.com] (third question).

Re:

[dangitman]

They're just pointing out how Chrome steals your privacy to further Google's datamining and pleasuring their advertisers.

While also saying that IE has better security and suggesting that you should use IE instead. How is that not saying you should switch to IE?

Hello, Mr. Pot?

[WrongSizeGlass]

Let me introduce you to Mr Kettle. But, you two should be very well acquainted by now anyway.

If this is the best MS can do then they need to work on their game. I expect the whole MS/Apple/Google wars to get ugly.

Re:

[Ironhandx]

The unfortunate thing here is that when it comes to google, they really don't have much else.

Re:

[c++0xFF]

Exactly. While it's not nearly so explicit, MS has been able to collect the web addresses you enter into the address bar. Ever fat finger an address? Ever get sent to a MS search page instead? Enough data on typos can give you some good data on the addresses you meant to type in.

Google went the next step and does the search on all addresses, not just bad ones. People also enter addresses into the search field, too. It's just that Google made the relationship between the address bar and search bar more

this is news?

[alen]

Google wants to know everything you do. from the user opinions i've read about the Nexus One it sounds like Google is doing the same thing there. Along with Google Wave. they want to know everything you type in and keep a record of it

Re:

[kronosopher]

Google Wave uses AJAX to show other users in your wave what you're typing as you type it. This does not mean "they want to know everything you type". It's a feature, and a tool. Like any tool it can be used for both benevolent and malevolent purposes, but itself is not inherently either.

Bogus argument

[FranTaylor]

"By keeping these boxes separate, your privacy is better protected"

Umm, the boxes are all controlled by the same program, so whether or not there is physical separation between them (does that have any meaning in a user interface?) has nothing to do with whether or not the data is collected or not.

This guy is a product manager?

Re:Bogus argument

[nmb3000]

Umm, the boxes are all controlled by the same program, so whether or not there is physical separation between them (does that have any meaning in a user interface?) has nothing to do with whether or not the data is collected or not.

And you don't understand the problem. This isn't a trust issue with the Chrome application. If it was, you would have lost the battle as soon as you installed it on your computer. This is a privacy problem (a recurring theme with Google's applications).

The issue that MS is pointing out is that because Chrome combines the address bar and the search box, when you start typing hotmidgetoatmealpor, that information is sent directly to Google so they can do auto-completion/auto-searching. Where it is associated with you. And saved. Forever.

In IE, the search box is a separate entity, and you can turn search suggestions on or off for each search provider. Because of this, the only information sent to MS (or whatever search provider you use) is what you type in the search box. You can visit whatever URLs you want to and Bing/Yahoo/Google will never know about them.

Honestly though, I still struggle to figure out what the point of search suggestions are. I suppose they're helpful for people who don't know what they're looking for, but when I go to Google, I already know what I'm going to search for -- that's why I'm there! That said, I suppose it does provide some entertainment [googlelolz.com].

Re:

[AuMatar]

Just as a side point- there's some browsers such as seamonkey which use a single edit box, but don't do search hints, and thus don't send the per keystroke data to google. This is my preference- less UI clutter with total privacy.

Re:

[D Ninja]

Because of this, the only information sent to MS (or whatever search provider you use) is what you type in the search box. You can visit whatever URLs you want to and Bing/Yahoo/Google will never know about them.

Or, so Microsoft says. They could still be sending data behind the scenes and just not showing you that they're doing that. (And, I realize you are saying this is a privacy vs. trust issue - to me it's sort of the same thing.) Not being visible in the user interface != not happening at all.

Re:Bogus argument

[Anonymous Coward]

The issue that MS is pointing out is that because Chrome combines the address bar and the search box, when you start typing hotmidgetoatmealpor, that information is sent directly to Google so they can do auto-completion/auto-searching. Where it is associated with you. And saved. Forever.

From Google's Privacy Blog [blogspot.com] (in 2008):

That's what occurs on the surface of Google Suggest. Here's what happens under the hood. To provide its recommendations Google Suggest needs to know what you've already typed, so these partial queries are sent to Google. For 98% of these requests, we don't log any data at all and simply return the suggestions. For the remaining 2% of cases (which we select randomly), we do log data, like IP addresses, in order to monitor and improve the service.

However, given the concerns that have been raised about Google storing this information -- and its limited potential use -- we decided that we will anonymize it within about 24 hours (basically, as soon as we practically can) in the 2% of Google Suggest requests we use. This will take a little time to implement, but we expect it to be in place before the end of the month.

Suggestion service can be disabled

[Anonymous Coward]

You can un-check the option to use the auto-completion suggestion service for anything you type in the omnibox. Its under Options->Under the hood. At least, that's the case for the latest beta releases. I just started using Chrome and have only used the latest beta software, which is extremely stable.

Re:

[CrashandDie]

Separating these two is a huge thing. As it is with Chrome, Google knows everything you've typed in and what websites you have visited. With other browsers (with separated address and search bars) they only know what you're typing to the search query box. Major difference.

No, it's not. Any developer knows that you could very well have both inputs being sent continuously to whomever they want. Also, you'd be amazed at the number of people who type the URL in the search box anyway. You'd be even more amazed at the sheer number of people who type their URLs in the search box of their Google homepage.

People don't like URLs. Google has become the new DNS.

Re:

[Rockoon]

No, it's not. Any developer knows that you could very well have both inputs being sent continuously to whomever they want.

You are missing it.

The search box *is* sent continuously, in both browsers.

Whereas with an address bar, you are right, "it could be sent continuously"

One of these things is not like the other.

Re:

[nobodyman]

Yes, it *is* a big difference. And I think you fail to appreciate the significance here. Under default settings, Chrome is effectively sending your entire browsing history to Google. I don't like this.

You'd be even more amazed at the sheer number of people who type their URLs in the search box of their Google homepage.

These people aren't the ones using Chrome, are they?

Re:Bogus argument

[vux984]

Hint: Your ISP (or whoever's endpoint your VPN tunnel comes out on) sees all this stuff anyway.

They have a direct legitimate need to see it. That is precisely the service I am paying them to provide. And while I suppose my ISP *could* be using the information to build a profile on me, where i go, what email i send, who i send it to, etc, etc... I'm actually quite confident they aren't actually doing this. I know people who work for the ISP. I know a great deal about how they are setup. So... yes... they could... but they don't. I could be wrong but then a lot of people I know who should know are ignorant and / or lying. Occam's razor....

Google on the other hand... is doing this. That's their business model. That's what they do. That's all they do.

Hint 2: You aren't important enough for anyone to care.

Really? Trotting that one out?

Your wrong. Build a profile on the average person... and people will check it out. Someone *always* cares. Friends, class mates, fellow employees, girlfriends, ex-girlfriends, employers, insurance companies...

Remember the bit of scandal when it came to light that facebook employees could and did (and probably still do) read so-called 'private data'. Build a database of this stuff, and sooner or later it will be abused by someone.

Let me be the first to say...

[kaffiene]

Meh!

I don't care. I know the deal with Google. Everyone knows the deal with Google - they mine your data so they can target ads, you get useful software.

I don't mind Google's targeted ads so I feel no need for a tinfoil hat over this one.

If Google were trying to break into my bank account, I'd be worried, but I don't fear non-obtrusive advertising.

Re:

[Rivalz]

I'm with you and to be honest it is more about perception of the company than anything else really.

When I upgraded to IE 8, their questioneer about what I want IE to do. Everything microsoft related was disabled.
If google wants to collect data I could care less because I have a fuzzy warm trust feeling when I use their software.
Microsoft on the other hand I feel like I have to keep them at bay.

Same with other companies even ones I trust to provide antivirus software, handle my accounting ect. I just don't p

Re:

[vux984]

"If google wants to collect data I could care less because I have a fuzzy warm trust feeling when I use their software."

What happens when they burn your trust? Bit late to take all your information back. Oops.

That warm fuzzy trust feeling...its called good will. They are trading on that. Its an entry on their balance sheet. Its valuable to them. But they'll sell it tomorrow for the right price.

What if they're hacked (again)?

And who knows what direction the next CEO will go? What if their advertising revenue

Re:

[Nerdfest]

I'd rather have Google get my information that all the malware using the frequent IE exploits. That may eventually change, but currently ... I'd stick with Chrome over IE.

Microsoft privacy policy

[Anonymous Coward]

Has anyone ever tried to implment the Microsoft privacy policy? Here is one guy who did. [privacy.net]

Chrome under Linux.

[headkase]

I use Chrome under Linux simply because the fonts look beautiful. I also never type stuff into the address bar - that's what all my bookmarks are for. When I actually am looking for something I use, tada, Google anyway. I am fully connected to a whole wack of Google services so I'm sure they know everything I do. So what. Google is benevolent and any information that could actually be used against you will be gathered anyway by someone with the motivation and resources no matter what browser you use. Now if I get a shiver up my spine I go into the tools menu and choose: "Incognito Window" and for every keystroke being entered into the address bar you can turn that off as well by turning off the suggestion service. So, if you don't use it correctly when privacy matters to you then there are privacy concerns. If you change the convenient settings the privacy concerns go away. Harping on Chrome for its suggestion features is a straw-man, if you want to talk real privacy issues then you talk about Cloud services themselves and laws about whether or not warrants are needed for them and also under privacy you talk about how easily compromised the browser is to leak your information. The address bar and suggestion services are just cross-camp sniping: they are easily changed to what you value if you have half a brain cell. Marketing.

Re:

[Nerdfest]

So far, I consider the services I get from Google to be a fair trade for the information they get from me.

Big deal

[nashv]

Oh, so you mean the morons who are typing "My bank account number is 223344" or "My credit card is visa 2303232300022000 from citibank with cvv 100" into the address bar of their browser have a serious problem ?

Gosh, who knew.

Privacy

[Idiomatick]

If you search for everything with google anyways this shouldn't worry you. If you send data to your ISP unencrypted which almost everyone does you shouldn't be too worried. If you allow cookies this shouldn't really bug you. If you use facebook/myspace or some regular social media you shouldn't care at all. I'm sure there is a long list of other crap invading your privacy as well. I'm not saying it doesn't matter, I agree with MS. Just, there is lots of crap data mining you, live with it or become a hermit.

Redeeculous distinction

[Ancient_Hacker]

Let's try to think clearly here.

Microsoft seems to be saying that you have more privacy when you type a URL into their address bar.

But that just means that your DNS server is now the "evil" thing that knows every place you've visited.

And of course your ISP can trap every URL you access.

So if you use Microsoft's model, you've just hidden from Google, but still exposed to your perhaps Ma and Pa ISP and DNS providers.

another web page.

So it doesn't respect user privacy

[Stan Vassilev]

So, if I get this right... when you use Chrome, you're in risk that it will track your every Google search, your every Gmail mail, your every YouTube video, your every Blogger comment, your every Google Groups post, your every Picasa picture, your every visit on sites using Google Analytics, and while we're at it, they also have a deal with Twitter to get your every tweet and they crawled your every website page.

In short, Google got you long before you started using Chrome. Using any other browser. You may

Obnoxious Motherfuckers

[dangitman]

Just when you think you've seen everything from Microsoft they go and outdo themselves. They really are a bunch of obnoxious motherfuckers, who wouldn't know quality or taste if it slapped them in their monkey-dancing faces.

Re:Obnoxious Motherfuckers

[Rantastic]

What this really means is that Microsoft is scared shitless. Anyone who really cares about security and privacy left Windows and Microsoft behind a long time ago.

Spin

[vikstar]

Earlier that day at Microsoft...
"Hey Pete, we can't get the combined search and address bar to work properly"
"Hmm. Ok, don't worry, we'll just spin it as a security feature".

Easy Fix

[kemushi88]

At least on the OS X version...

Preferences -> Under the Hood -> Uncheck "Use a suggestion service to help complete searches and URLs typed in the address bar"

Gee! Thanks Microsoft..

[countertrolling]

So Chrome is a keylogger. Most of the new commercial stuff probably is. Nobody seems to care enough to do some deep checking...

Exactly why do people trust google

[nibbles2004]

actually as someone who has researched this , Microsoft are actually correct, and Google are the bad guys here, sorry to break it to you, but whats the difference between a company worth $billions and $slightly less Billions, so exactly why do you trust Google more than Microsoft, did Ms rob your house last and torture your kitten, I see nothing but sheep here at slashdot, i fear google far more than MS,IBM or Apple (last one open to debate). time for a new search engine as that's all they really do and it

*source code*

[GNUALMAFUERTE]

What a lame attempt, microsoft ...

1) - If you use explorer, you are using windows. The chances of someone exploiting your browser and getting access to all your files is 90%
          - You can use Chrome in Mac or GNU/Linux. Both Chrome and your OS keep your data secure

2) - I have the source code for Chrome (Chromium) and I can study it, make sure it's safe, or change whatever I want. Also, I know the community has reviewed it, and the company is not trying to hid anything behind a binary
          - I don't have the source of explorer, and microsoft has a huge history of phoning home and spying on users

3 - Chrome is standards compliant, so there's no vendor tie-in. If I find something I don't like, I can move on to another browser
          - Explorer is platform specific, and non compliant with standards. That means, if I develop anything for it, it'll probably be incompatible with other browsers and moving away will be hard.

Sorry microsoft, Google published the source code for their browser, it's well developed, multi-platform, they'll take my patches and if they are good implement them on their source, and they are open and transparent about everything the browser does. They are doing all the right things, and I just love this browser.

Re:*source code*

[EnglishTim]

Did you even read the article? Did you even read the summary?

Yes, you may be able to get the source of Chrome, but you don't have the source of the search provider that it connects to. Microsoft's point is that if you're using Chrome, any URL you type in is sent to Google (by default, anyway) and you don't know what happens to information when it gets there.

So...Use Iron

[argStyopa]

Use SRWare's Iron.

It's google Chrome without the reporting bits (and actually with newer rendering java, so it's actually faster).

It's screamingly fast, and emulates IE-dedicated pages (including nasties like MS Webmail) far better than Firefox. I love it.

Re:

[Bigjeff5]

I've never tried Google Chrome, but now I never will unless they take this "feature" out.

They've already given you the option to disable it, good night.

Don't you do your searches with Google? You can't tell me you use Bing... This is trivial compared to your search history.

You also trust your ISP with everything you do on the net, I don't see you disconnecting your internet for that "invasion" of your privacy.

Seriously, you people need to get a grip. There isn't one person in ten thousand who's address bar history is so important that they'd actually care to dig it up and link it to you dire