Hacker News new | past | comments | ask | show | jobs | submit login
Chromium calls home even in incognito mode with safe browsing turned off (debian.org)
450 points by calpaterson on Oct 22, 2015 | hide | past | favorite | 155 comments



Chrome can log SSL keys if you want. There's need to speculate about "unknown" data.

https://www.imperialviolet.org/2012/06/25/wireshark.html


I'll add that I can't find a report of this issue upstream on the Chromium issue tracker. :/

If we remember the hotword detection issue from a few months ago, once the issue was filed, Chrome engineers responded rather quickly. (As of today, hotword detection is 100% removed not just from Chromium but Chrome as well).

If anyone can reproduce this issue, I'd like to help getting it filed so we can determine what's going on.

Edit: We've found the upstream issue: http://crbug.com/498272 In it, we've isolated two separate pings in this scenario. One is to grab an experiment status; we're looking into if this is neccessary. The other ping is for the component updater, to evaluate if your Chrome extensions should be updated. Neither of these pings report what sites you are visiting to Google.


Great response IMO. Thanks Paul!


I don't think that chromium should call home at all but incognito mode is not about this... it is about not leaving traces of your browsing history on the local computer.


Agreed. They actually specifically say that when you open an incognito tab...


There's an implicit corollary that, if your trying to avoid leaving behind traces of activity on your own computer, you probably would also like to minimize traces of activity left behind on other computers as well.

This might carry the expectation that unintentional interactions with other systems should be eliminated, since, the fewer systems touched, means the fewer traces of said activity there are in the entire world, no?


That is a common misconception, but bears no resemblance to reality. As the other commenter noted, incognito mode (for any browser) only concerns with the local machine.

What you mentioned, "minimize traces of activity left behind on other computers as well", is a difficult task. Attempting to do so requires more advanced techniques that entail tough compromises. Consider using Tor, you are anonymous to the endpoint (e.g. the website you visit does not have your IP), but confidential data is not safe from prying eyes in the process. Alternatively you can use some sort of crypt to sign and encrypt your connection... your data is safe from prying eyes (potentially verified as well) but you are no longer anonymous. This can all be mitigated to some extent, but it is well outside the scope of a browser.


Certainly is an echo chamber in this whole thread.

Count the motivations to resist alterations that would doubtless improve Chromium's respect for privacy.


> Count the motivations to resist alterations that would doubtless improve Chromium's respect for privacy.

That's a very indirect way of explaining motivations. I am certain that there are conflicting requirements that have tradeoff and not as black-and-white as you make it seem.

Firefox is a great contrast to Chromium since they are likely to have greater respect for privacy. Is there a privacy aspect that Chromium lags significantly behind Firefox? If not, then your hypothesis (on motivation) is wrong (proof by contradiction: Mozilla doesn't have the same motivations)


If they were true, they would disable cookies, as they allow servers to track you. But they do not. They just make sure the cookies are not stored on the computer.

Thus the point is to avoid leaving traces on the computer, not the server.


None of this precludes the capacity to alter the program's behavior, except the willingness of the developers.


But what is home?


Google


Baby don't spy on me, don't spy on me

No more.


Who?


Haddaway.


Chromium is an open source branch of chrome, offered as a convenience. It is not a standalone product with its own goals. Shouldn't there be a "Chromium-Privacy" project that branches Chromium and reviews code changes, to keep it aligned with such goals?


> Shouldn't there be a "Chromium-Privacy" project that branches Chromium and reviews code changes, to keep it aligned with such goals?

Maybe Iridium is what you're looking for. From their fp:

> Iridium is a free, open, and libre browser modification of the Chromium code base, with privacy being enhanced in several key areas. Automatic transmission of partial queries, keywords, metrics to central services inhibited and only occurs with consent. In addition, all our builds are reproducible, and modifications are auditable, setting the project ahead of other secure browser providers.

https://iridiumbrowser.de/


Unfortunately these forks -- of which there are many -- often fall behind Chromium's security updates and even introduce serious bugs of their own. E.g. "WhiteHat Aviator", another "security-oriented" fork, had this fiasco:

https://plus.google.com/+JustinSchuh/posts/69qw9wZVH8z

Maybe Iridium has a better record but with so few eyes on them it's hard to have much confidence.

Probably the best thing to do if you're worried about Chromium spying on you is to use Firefox.


More went wrong with Aviator than that: they munged up the code rebranding it and made it much harder to track upstream. It also didn't start out open source!


It's not a branch. It is the base of Chrome. See the sibling comment from mod here: https://news.ycombinator.com/item?id=10433435


Have you ever tried hacking on any of Google's "open source" projects? Android is ~100GB just to download for example, but I think chromium is smaller.


Privacy is not in Google's interests, so they aren't likely to help with any such effort, and I suspect the number of non-Google contributors is pretty low.


>It is not a standalone product with its own goals.

Uh, what?

>Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. [0]

[0] https://www.chromium.org/Home


> Chromium is the name we have given to the open source project and the browser source code that we released and maintain at www.chromium.org. One can compile this source code to get a fully working browser. Google takes this source code, and adds on the Google name and logo, an auto-updater system called GoogleUpdate, and RLZ (described later in this post), and calls this Google Chrome. As such, everything which applies to Chromium below also applies to Google Chrome

http://blog.chromium.org/2008/10/google-chrome-chromium-and-...


Yep, it's its own project. Google then takes that project and wraps their proprietary pieces around it.


Yep, that AS is Google:

    $ whois 2a00:1450:4009:80c::200d
    [snip]
    inet6num:       2a00:1450::/29
    netname:        IE-GOOGLE-20091005
    descr:          Google Ireland Limited
    country:        IE
    org:            ORG-GIL4-RIPE


If you're using incognito mode for anything more than not recording local browser history, I think you're using it wrong.


I use incognito mode to get Chrome (or Firefox) to pretend to have an empty cookie jar. So that I can log into some site again with a different account, for example.


I stand corrected. No local history + cookies then.


And making sure there is nothing cached


And seeing a website as a first-time visitor to make sure the color of non-visited links is OK


Just an FYI there is a pretty neat chrome extension called Click and Clean, it allows you to whitelist cookies and deletes the rest with the click of a button. Good for web development, etc.


I routinely use it to test alternate logins, given that it behaves as a separate browser session.


and to prevent installed extensions from running.


What's this about?

The link doesn't contain any useful information besides that Chromium was somehow opened "in incognito mode" (there's no such thing, incognito mode applies to windows, not browser itself) and there are some connections spotted. No information whenever Chromium had sync enabled, whenever it has Google account associated, whenever it has any extensions installed, etc.

Say, I see a C2DM connection to get push notifications about updates. Whenever it's legit or not depends on the context. If browser's core has logged in user and a bunch of extensions installed, I'd say it's a bug if said connection is not present, even if no non-incognito windows are open at the moment.


Maybe it's updating its list of sites that are known to be infected with malicious code? Firefox does this, and it seems like a good idea to me. (I wish it didn't.) How is Chromium's malicious site filtering implemented?

It's good to be transparent about this, but maybe this is something legitimate and safe that's already documented, and the Debian user and maintainer just haven't found the documentation yet.


That's what "safe browsing turned off" (or "malware protection" in the report text) is ruling out.


Oh, thanks! I didn't understand that part.



No, the hotword component has been removed.

https://productforums.google.com/forum/#!topic/chrome/6wIqlx...


Using a web browser from a company basing most of its income on web advertising does come with such unpleasantness.

I was hoping mozilla would have their users' back, but a default install of Firefox also makes multiple connections to mozilla, google and other domains when started. Some extensions (notably NoScript and Ghostery) ping the mothership.

Safari connects to configuration.apple.com and the google website blacklist. uBlock for Safari tries to update itself even if no one asked it to.

Later edit: I have been told that I am perhaps being unfair to Mozilla. Let's see - I started reading https://support.mozilla.org/en-US/kb/how-stop-firefox-making..., to see how I can stop Firefox from connecting to servers without being requested to. While it's nice that they provide this page, this article's breadth only serves to prove that this browser is out of control when it comes to making connections to servers by itself.

I have the following settings:

* disabled Firefox health report

* disabled crash reporting

* never check for updates

* do not check for addon updates

* block reported attack sites

* block reported forgeries

After reading the page, it turns out that I also have to disable the following from about:config:

* the addons blocklist

* link prefetching

* DNS prefetching

* speculative pre-connections

* firefox Hello

* tiles, even if they were already disabled from the UI

* the default search engine geo-location

* the what's new page

* add-on metadata updating

* the heartbeat

For reference, here are the connections that Firefox tries to establish immediately after startup:

Outgoing to self-repair.mozilla.org (54.230.200.16), Port https (443), Protocol TCP (6), 0 B sent, 0 B received

Outgoing to shavar.prod.mozaws.net (52.26.89.67), Port https (443), Protocol TCP (6), 0 B sent, 0 B received

Outgoing to safebrowsing.google.com (2a00:1450:4001:809::1005), Port https (443), Protocol TCP (6), 0 B sent, 0 B received

Outgoing to tiles.r53-2.services.mozilla.com (52.25.98.110), Port https (443), Protocol TCP (6), 0 B sent, 0 B received

Outgoing to cmp-cdn.ghostery.com (54.152.180.212), Port https (443), Protocol TCP (6), 0 B sent, 0 B received

Outgoing to search.services.mozilla.com (54.69.18.27), Port https (443), Protocol TCP (6), 0 B sent, 0 B received


I was hoping mozilla would have their users' back, but a default install of Firefox also makes multiple connections to mozilla, google and other domains when started.

Firefox checks for updates, and will update the malware/phishing databases a bit after startup. That's actually the same SafeBrowsing the OP mentions. All of this can be toggled. I'm not sure what your vague "other domains" is.

I'm a bit puzzled at the extreme shortsightedness of a browser checking for security updates being branded as "not having their users' back".


Isn't also shortsighted to expect every application to implement its own system for checking for security updates? Wouldn't it be more secure to have this managed by the OS or a package manager instead of hoping every application does it correctly?


That depends on whether the OS or package manager does a better job of providing security updates, or the application does.

Historically, browsers -- because of their enormous potential risk (easy to exploit) -- have done a better job of providing security updates quickly than have other tools.


That's only true if the OS has a solid, secure and open package manager. Linux users have had that since the mid-90s but it still doesn't exist for Windows or OS X users unless you count their respective app stores or are talking about a few niches (Flash, drivers) where Microsoft is willing to distribute things through Windows Update.


At least Mozilla documents every connection made and explains why they're made, and how to disable them:

https://support.mozilla.org/en-US/kb/how-stop-firefox-making...


This is about Chromium, not Chrome. A lot of people assume that Chromium is safer because things like this should get caught by the community.

I think the lesson to be learned here is that FOSS can be just as dangerous as commercial software if not enough people are inspecting the code and following development. It seems there are a lot of people who unconditionally trust anything that's open-source.


I have been told that I am perhaps being unfair to Mozilla...For reference, here are the connections that Firefox tries to establish immediately after startup

So: It connects to Mozilla itself and to Google (specifically their server for the malware/phishing DB). The fact that Ghostery is in there is because you have third party addons installed.

FWIW shavar.prod.mozaws.net is a Mozilla server which updates the blocklist for Tracking Protection. Somewhat ironic you're complaining about it given the context.


The flipside: https://groups.google.com/d/msg/mozilla.dev.planning/wBgLRXC...

"That said, the fact that Linux distros might switch off Telemetry and [Firefox Health Report] by default causes issues right in that way: they are undercounted and [Mozilla] may disregard them completely in data-driven decisions. If you are a Linux distro package manager, think about that."


These requests are trivial to detect and block with a proper gateway firewall like pfsense or others. Consumer grade firewalls just don't have enough options, or resources to support those options.

Trust, but verify.


They do have the user's back. That means not wearing a tin foil hat. In order for a modern browser to work in a halfway decent manner, they need to ensure that things are reasonably up to date, that developers see crash reports so they can discover bugs and security flaws before someone malicious does, and that lists of malicious sites get updated. Not checking for updates, not providing bug reports is the opposite of good software hygiene.


> Some extensions (notably NoScript and Ghostery) ping the mothership.

could you explain what this means? Been using uBlockOrigin+NoScript+Ghostery combo for quite a some time now and never realized how NoScript might be unsafe


I'm going to guess they use lists of exceptions (NoScript) or of trackers (Ghostery) that need to be updated.


NoScript is unfortunately quite sketchy, I don't use it any more.

It has a whitelist supposedly to not break "top websites", but this list contained IMO some questionable choices last I checked it. It also tries to connect to the dev's website for no reason at all (addons are updated directly from Firefox) and after updates, "to show the release notes".

Last but not least, this is the same dev which got involved in a scandal for trying to underhandedly whitelist the said website into an ad-blocking addon.


What list is that? I'm looking at it and I'm pretty sure I personally whitelisted all of those domains. The only ones that seem to have come from NoScript are the about:... ones


I reinstalled it to check again and it seems you are correct, there's nothing except about:* links. I remember it had some big portal websites I hadn't visited and would not enable JS for, however I am willing to accept I was wrong. Unfortunately, I can't edit my initial comment any more.

Thanks for checking and sorry for my confusing initial post...


Wow, didn't know that. Any suggestions for NoScript alternatives?


I guess it's a cost benefit. Does noscript block more than it leaks? Given the noscript is integrated into the tor browser bundle it can't be that bad... Right? We hope...


Perfect is the enemy of better. As long as you stay away from browsers with strong for-profit origins, especially Google who thrives on data mining, you'll be better off.


Yeah hold on let me fire up Opera. No. What do you suggest? Compile Chromium from source?


Firefox. Explorer. Safari. All three don't make their money off of data-mining / ad revenue.

Not that I'm advocating for them (I use Chrome myself), but those fit what the parent suggested.


Browsers don't make money at all, not directly, as you know.

Microsoft pulls in 11 figures a year in online advertising revenue. As of earlier this year, Apple was still earning more mobile ad revenue than any other firm. And Mozilla is funded almost entirely by companies that earn billions in online ad revenue like Yahoo and Google.


>Browsers don't make money at all, not directly, as you know.

Which is neither here, not there. As I wrote those three browsers don't make money off of ad revenue and/or private data. Chrome does.

Whether the money are made directly or indirectly is beside the point for the purposes of the discussion.

>Microsoft pulls in 11 figures a year in online advertising revenue. As of earlier this year, Apple was still earning more mobile ad revenue than any other firm. And Mozilla is funded almost entirely by companies that earn billions in online ad revenue like Yahoo and Google.

Not that relevant either. Apple sells display ads (iAds etc) and that's it. They don't deal in personal data. Mozilla even less -- whether Yahoo/Google pays it to be the default search engine or not.


Apple sells targeted advertising and their T&C say they may use data for targeting.


You should really read up on where Mozilla's money comes from. See the financing section of https://en.m.wikipedia.org/wiki/Mozilla_Foundation


From selling its "default search engine" spot -- I'm on this web business professionally since 1995, I know that.

That's not direct ad sales and Mozilla wasn't created with the specific purposes to sell ads or collect private information, nor is owned by an ad-selling company.

Besides you can change the default search engine in a heartbeat.


I certainly consider that funding by direct ad sales. It's like any other affiliate model: your contribution is to get their product to be sold.


Someone said that that all of those call home as well. I need a browser that just lets me browse instead of filling me with constant "1984-esque" anxiety and paranoia for every URL I go to, and apparently all the extensions I run ALSO call home and leave a uniquely identifying finger print.

Honestly I'm moving to backend work and using a terminal browser. This is so fucking stupid. Wish there was at least one program on my computer that isn't trying to constantly stab me in the back.


>Someone said that that all of those call home as well

Obviously, since all have update-check (and auto-update) features, live content (e.g. intro page), etc.

That's not the same as mining your every search, and they don't own an add company or anything.

>I need a browser that just lets me browse instead of filling me with constant "1984-esque" anxiety and paranoia for every URL I go to, and apparently all the extensions I run ALSO call home and leave a uniquely identifying finger print.

It's even worse: EVERY IP (and/or page) you visit is registered on your ISP.

About apps phoning home specifically, you can install an application firewall like Little Snitch and be warned and in control of any such attempt.

It's not something that you should trust on the browser vendors not to do, anyway...


Opera 12 still works for most web sites (including HN).


True, but it will need someone with magic touch soon to binary patch OpenSSL, more and more websites require ECDSA (cloudflare giving out free certs)

Im seeing more and more Error 40 every week :(

Other than elliptic curve BS Opera 12 is a perfect browser for me.


It would be nice if there was an extension/script that enabled "max privacy mode" by frobbing all these config bits.


Where do you think Mozilla makes most of its money? Hint: it ain't donations.


They get money from Yahoo for putting it as their default search engine in the USA.

What was your point exactly? I fail to see any relation here.


Is it Yahoo again? I thought it was Bing now. But it's advertising. It's advertising for whomever gets their shitty search engine in the prime real estate.


I believe yahoo search is bing.


...and don't forget: WGET is a "hacker tool"


Could be it is pinging home for synchronization and not actual browsing data.


The limited checking I did on my machine points to this, at least that's what the URLs in the code appeared to be for. Didn't really look at the code, just searched for the URLs.


What do you mean by synchronization?


Chromium & chrome sync all of your bookmarks, settings, etc across browsers. If I fav something in my mobile, it shows up in my desktop.


That should only happen when logged in, and given the context here, I assume the user was not logged in (since when you're logged in, all privacy is definitely completely lost).


Sync of tabs/bookmarks etc.


The maintainer's reply is a sad statement on how hard it is just to package and distribute a modern web browser.


This is in the Debian bug list, not on the chromium bug list. The maintainer who replied is not a chromium developer, so I don't blame him that he doesn't have a lot of time to look at chromium's source code since a 'modern web browser' is really big. I have built chromium from source before. The android application alone is 44MB, not including the libraries, just saying, for one person to 'look' at chromium will take awhile to do so.

The person who replied did have a good comment with the 'chrome://net-internals/#sockets'. It will list specifically what this person is looking for.


How so? He just says: this seems like it'll be hard to track down and I don't have much time to dedicate to it. I don't see how that says anything about (1) packaging and distributing specifically or (2) modern web browsers specifically. It just says that complex pieces of software can require a lot of work to debug. What am I missing?


Packaging and distributing anything for endpoint devices is a profound exercise in pain and suffering. If your target is anything other than a Mac or a phone, multiply it even further.

It's a major driver of Internet centralization: things must be centralized to escape the deployment nightmare. It's exponentially easier to manage deployment on a handful of servers than it is to actually ship an app to users.

With our app, we test our Windows build on Windows Vista, 2008 Server, 7, 2012 Server, 8, 8.1, and 10, on both x86 and x86_64. It always passes before we ship. Then inevitably we get bug reports: the UI won't open, device drivers won't install, the app mysteriously crashes, etc. Investigation always reveals some weird little variation or clashing piece of software on the customer's machine. Every Windows machine is a special snowflake, and as Windows machines run they accumulate 'OS rot' and gradually become less reliable (due to the mutability of the OS and dependencies). To fully test deployment you'd have to test hundreds of thousands of VMs with different software install histories, etc. In the end we have to tell people 'sorry, we tested with clean Windows installs on eight different versions, you're on your own.'

Mac is the only tolerable deployment target and that's because it's a fascist dictatorship compared to Windows: uniform hardware, strict restrictions on OS modification, and enforced software conformity. Phones aren't too bad either but that's because they're also fascist dictatorships with locked-down OSes.

Basically the modern OS is broken. Things are mutable that shouldn't be, process isolation is a joke, etc. Server OSes are broken too but at least if you own all the servers you can make sure they're all broken in the same way. Even there the trend is toward statically linked binaries (Go) and packaging apps as entire containers with their own OS (Docker) to basically deprecate the OS and achieve predictable deployment.


Insightful! I didn't know it was that bad. Did your team ever consider using something like Turbo Studio (called Spoon Studio until recently), which is a bit like Docker, but different, and for Windows?

Their promise is that they basically solve most of the problems you mention, so I'm curious how well it stands up in practice or why you choose not to use it.

https://turbo.net/studio

EDIT: I'm a bit confused: I just got two downvotes for asking a question. So just to be absolutely clear: I don't have any relationship with Turbo or whatsoever.


You shouldn't be confused. It's all just numbers and ideas. There isn't really such a thing as a "vote" or "clear" or even "Hacker News" apart from the idea you have of it in your mind.


A fairly common practice is shipping applications utilizing Citrix to have end users remote into a citrix server to minimize the various configurations of a desktop application. Personally I dislike the architecture in that the user experience is compromised (glitchy/laggy/hacks for interfacing with the client) but it does return some of the control back to those managing the host


Anyone monitoring their connections has already noticed this long ago, I know I have. It is not a bug. If privacy is a concern you wouldn't (or at least shouldn't) be using chromium in the first place.


> If privacy is a concern you wouldn't (or at least shouldn't) be using chromium in the first place.

Privacy is a concern for everyone, whether they understand that or not.


So is oxygen, but I'm not going to carry a scuba tank with me everywhere. Just when I'm diving or doing something where it is equally important.

Same reason you don't use TOR on a virtual machine over a drone mesh network to starbucks for the majority of your internet browsing.


You can say anything with faulty analogies.

The fault in your analogy is that you seem to think that oxygen is somehow less important in situations where it's easily available. You say, "Just when I'm diving or doing something where it is equally important." But oxygen is always equally important. It's just that in most situations it's easily available to you: all you have to do is inhale.

Your analogy isn't even internally correct, but even if it were, it still doesn't prove anything about privacy, because privacy isn't easily available, at least not over technological channels. Privacy isn't oxygen, so accurate claims about oxygen don't imply anything about privacy at all.

Analogies are for explanation, not evidence. If you can't make an argument without an analogy, you're may want to consider that you're wrong.


Analogies are inexact by semantic definition, and that doesn't make then "faulty".

Privacy is readily available through https, two factor OAuth, etc. just like oxygen generally is. What's your point?


> Analogies are inexact by semantic definition, and that doesn't make then "faulty".

Well, it makes them useless as evidence. An argument by analogy simply isn't a valid argument. Don't you remember the "You wouldn't steal a car" ads?

> Privacy is readily available through https, two factor OAuth, etc.

HTTPS is broken by privileged man-in-the-middle attacks (attacks where the attacker has key signing power) and downgrade attacks. And that is when it's even available (it isn't always). And even against attackers with less power, it only provides privacy for what you send over the wire, not who you send it to. And finally, this all assumes that you're sending your data to an entity which won't simply sell it to whoever is willing to pay a few bucks (an uneducated user might think, for example, that data sent through GMail is private).

I'm not even gonna touch "two factor OAuth"; I'm not sure what kind of privacy you even think that provides.

In short, you clearly have no knowledge about what does and does not provide privacy. It would behoove you to not make claims on topics you are ignorant of.


Analogies aren't evidence, they're a tool for explanation, again by semantic definition.

It's committing a no-true-scotsman to say that "privacy isn't as easily available as oxygen" when you change it to "true privacy is is really perfect privacy" when faced with HTTPs and OAuth.

All privacy & security tools are are imperfect, but most of us find the right level, rather than live in a faraday cage in our mother's basements (that's the point). Unless of course, copsarebastards, you need that level of privacy - then I'm not going to judge.


> Analogies aren't evidence, they're a tool for explanation, again by semantic definition.

Agreed, that's what I've been saying all along.

So then why did you use an analogy? Did you really think the sentences "Privacy is easily available" or "People only have to use privacy tools when they are doing something that they want to keep private" needed explanation? Perhaps I assumed you were using it as evidence when you weren't, but you have to admit that's a reasonable assumption given that the analogy is completely pointless otherwise.

> It's committing a no-true-scotsman to say that "privacy isn't as easily available as oxygen" when you change it to "true privacy is is really perfect privacy" when faced with HTTPs and OAuth.

Imperfect privacy isn't privacy. Either people are able to look at your data or they aren't. If people are able to look at your data, you don't have privacy. This isn't a complicated idea or a "no true scotsman" fallacy, it's the meaning of the word "privacy".

We have plenty of evidence showing that the NSA surveils data which is "protected" by HTTPS, ergo, HTTPS does not provide privacy. And the NSA isn't the only actor with this capability.

And OAuth doesn't provide privacy. It's not even the problem that OAuth tries to solve. OAuth provides authentication, which is an element of privacy, but it takes more than simply showing that a person is who they claim to be to provide privacy.

> All privacy & security tools are are imperfect, but most of us find the right level, rather than live in a faraday cage in our mother's basements (that's the point).

That's exactly not what happens. The average user simply is not informed enough to make an educated choice about what level of privacy they want and make choices to get that level of privacy. As a result, people don't find the right level of privacy. Closeted gay people get outed by their Facebook friend graph, pregnant teenagers have their pregnancies publicized by their targeted ads, celebrities have their nude photos leaked to the public, adultery website users and corporate employees have their information leaked, women are found by their jealous law enforcement exes misusing surveillance technologies. Only a fraction of these people actually knew what risk they were taking when they friended someone on Facebook, searched for goods on Amazon, texted a nude photo to a lover, put their credit card into a website, gave their info to their employers, or made a phone call.

Obviously living in a faraday cage in your mother's basement isn't the answer: that's a straw man argument.

The answer, in my opinion, is both social and technical. Socially, we need to get people to prioritize privacy and use privacy by default, we need people in power to respect and protect the right to privacy rather than actively taking it away from people. From the technical side, we need privacy tools that are faster, more secure, and easier to use, and we need decentralization so that violating people's privacy is no longer an option.


Yes but the expectation is that people around you aren't pumping poisonous fumes into the AC.


but then people know when your diving, if you carry all the time they won't know


All they'll see is the diver's flag, just as all they'll see is a random computer on TOR at starbucks.

Likewise, if you use the gear all the time, people will figure out that you're probably a scuba diver.


Why? I thought Chromium was supposed to be the open source (libre) version of Google Chrome. It shouldn't do anything "evil". I guess you would have to change the search engine and perhaps disable update checking if you plan to do that yourself, but other than that...

I personally prefer Firefox regardless, but that's not because of paranoia reasons (I just like it better with about:config and the available add-ons and the way the url bar works and... just usability reasons).


Things like this just reinforces my impression that Chromium & Chrome is slowly crossing the line from being privacy-invading to actual spyware.

And yes. Obviously I don't use them.


but isnt chromium open source?


Sure. But the theory that open source prevents problems of this sort is a theory, not a universal law. The solution is social and based on trust.

https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thomp...


You mean hypothesis, not theory.


Working theory: This is not a useful distinction in colloquial usage of english.


I just did a search for "working theory" in all the dictionaries I could find. None of them had it. Where did you get this phrase from?


Yes it is. Words have meaning, we would all benefit if we used them correctly.


And language evolves, c.f. "literally".


This is my pet peeve, as well. People who conflate the two are stating ignorance of the scientific method.


Yes, and it's not just usual ignorance, but they seem to be proud about their ignorance in a way that makes them behave irrationally and become offensive. For example how people downvote me in this thread, right now, although I got this treatment in many other venues, and in real life as well.

And of course the "argument" that language changes doesn't hold water. They are not merely using different words, they are de-facto eliminating the word that describes a "theory". People who actually make scientific hypothesis and scientific theories use the word correctly, it's the ignorants who can't use it, and who quite often will utter phrases like "X is just a theory!", like somehow that should lessen X.


honestly, I blame the phrase "conspiracy theory" and it's constant misuse for the fact that people conflate hypothesis and theory.


Intriguing. Never thought of that.


Being open source doesn't mean the source code is easy or quick to read.


I remember looking into compiling Chromium >year ago, and it required 16GB ram minimum at the time ....


I've been compiling chromium for a while now, even back when I had only 8 GB of RAM :/


Me too. It does take a long time, though, even with ccache on.


That unfortunately doesn't make it easy to see where those requests are coming from, especially given that the vast majority of Chrome(ium) developers are from Google.


I'm not puzzled, at all. In fact, I'm puzzled that your puzzled.

What's hard to understand about maintaining radio silence?

Does no one understand that keeping your mouth shut, and not accidentally blabbing packets across the network is ALSO a security posture?

Anyone between you and The Mother Ship now has a shiney new target to MITM payloads at.

Why do you hate freedom?


Please don't conduct flamewars here.

We detached this subthread from https://news.ycombinator.com/item?id=10433068 and marked it off-topic.


>What's hard to understand about maintaining radio silence?

What's hard to understand about the fact that "radio silence" is a desirable trait in war (and that in certain circumstances only) -- not in desktop software, and even less so in one whose PRIMARY PURPOSE is connecting to thousands of addresses everyday?

And that, being up-to-date with the latest security patches, including for users who would otherwise wouldn't bother to install is better for everyone involved?


I would assume that step zero of "maintaining radio silence" isn't "launch an application which has as its raison d'être making connections to other machines over a protocol that was never architected to be stealthy in the first place."


The point of incognito mode is to send out less information. The web browser can update itself perfectly well a) through the normal OS software update process b) when started in regular browsing mode.


Incorrect. The point of incognito mode is to record less information locally, not send less information. It doesn't store cookies (beyond the duration of the session), doesn't record history (beyond the duration of the session), etc. On the Chrome incognito start page, it clearly says:

>Going incognito doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit.


The point of incognito mode is to SAVE less data to the computer.


If I'm consistently reprimanded for not maintaining an up-to-date system against potentially hours-old zero day vulnerabilities, then pardon me for the mistaken perception that I'm not perpetually under attack.

Having to assume that I am always at risk of being attacked is known as being placed under "siege mentality" and yes, it is a symptom of war. [1]

[1] https://en.wikipedia.org/wiki/Siege_mentality


The whole idea with auto-updates is that you are neither reprimanded nor worried about "maintaining an up-to-date system" -- the browser is.

You just enjoy your browsing being automagically always update with the latest available patches...

Comparing the situation to "siege-mentality" etc is taking a far-reached association so far that it's not even on the solar system anymore...


Listen.

It's not an absurd expectation that a system only does exactly what it's told to do, and only when told to do so.

Don't paint that premise as if it were some ridiculous pie-in-the-sky unattainable cadillac of desires.


>It's not an absurd expectation that a system only does exactly what it's told to do, and only when told to do so.

Now, you listen: most simple (non techie) users don't know what they need to "tell browsers to do" in the first place, aside from loading webpages.

We had what you propose and people were stuck with 10 year old IE6 versions, tons of viruses from old exploits and plugins, etc.

Now we expect modern browsers to be evergreen and to keep themselves secure. That's part of what browser developers are implicitly "told to do" -- and people jump to those browsers (e.g. Firefox when it pioneered that evergreen thing and then Chrome).


Unless you personally are constantly under attack by exploiters using hours-old 0-days (which, let's be honest, you wouldn't be as a personal user; there's far more high value targets than you), then you're not "consistently reprimanded" for not keeping your system up to date to fight these 0-days.


Not blabbing packets across the network to a security provider, while blabbing packets across the network to many other hosts, is not a security posture.

If you want radio silence, exit the program


Pah! I laugh at that answer.

So, you mean to tell me that I'm not allowed presume that I might actually be in complete control of the machines my program is holding conversations with? Is that what you're saying?


If you want to be in complete control, you need to understand the complete source code. Otherwise, you at least need to trust whoever wrote the software you're using.


Things like this may represent a violation of trust, depending on who you are, where you live, and who you perceive your adversaries to be.


I guess nobody is happy that chromium opens a undocumented network connection to transfer unknown data.

But the biggest problem is that we don't (yet) _know_ exactly why and what is happening. Fortunately we can understand it by looking at the code, and somebody will do that.

Then we can discuss if this was a violation of trust, a simple error, a useful feature etc.


> Why do you hate freedom?

Um, this isn't reddit. Out of all of the snark you posted you had one, tiny, possible point about creating a vector for MITM attacks but since the connection is over TLS it's not much of a concern at least at the moment plus I'd imagine they would sign such things (but I don't know for certain).

So I guess good job at taking your only point and surrounding it with nonsense which is always downvoted on HN.


> Um, this isn't reddit.

It's way more reddit than it used to be. It happened to Reddit, it's already almost completely happened here. This place is basically a decent subreddit in culture now. Kind of sad.


Just curious, how long have you been around? Your current username is less than a year old.

Because based on my impressions as someone commenting or lurking here 5+ years, HN has experienced a significant uptick in quality over the past year or so. I see many older commenters making the same type of observations.

And Reddit-like comments are consistently downvoted here.

EDIT: Removed "Of that there's no question." from my statement about comments being consistently downvoted, since clearly that's not true.


Mostly a lurker. I've checked the articles here since.. I dunno.. sometime in 2007-8, at least regularly anyhow. I remember when it was called "Startup News".. heh.

Much like my Reddit experience - was a long-time lurker, but have a more recent account.

Both sites have gone downhill in terms of community quality.

> HN has experienced a significant uptick in quality over the past year or so

In the news articles I'd agree. In the comments? Drastically the opposite as far as I've read.

> Reddit-like comments are consistently downvoted here.

I wish. The worst meme-crap sure, I agree with that, and it's a good thing. However it's not that that's the problem: it's the community attitude and outlook; just seems to have got a lot worse - especially in the last year or two.

Case in point: down-votes for disagreement rather than lack of content. See my comment above for a great example of that.


> down-votes for disagreement rather than lack of content

The debate about downvotes for disagreement rather than lack of content has been going on here for years. For me, it's as clear as day that this is getting much, much better. From about 2012 to early 2014, there was some type of either bot or some very, very eager HNers who would rapidly downvote topics they didn't like, 3-4 downvotes within the first 5 minutes, even if it was a quality comment. I would regularly upvote comments even though I vehemently disagreed with the commenter just to offset those downvotes. I find myself having to do that much, much less now.

It is clear that HN is getting more "traditionally" polite as well as what many would consider politically correct, so if that pisses you off then I can definitely see how the site would seem to be worse.

But I strongly, strongly disagree with the Reddit thing. By the way, take a look at the HN guidelines:

https://news.ycombinator.com/newsguidelines.html

It says:

"If your account is less than a year old, please don't submit comments saying that HN is turning into Reddit. It's a common semi-noob illusion, as old as the hills."

If I'm not mistaken, that guideline has been in place since I got here back in 2010-2011 or so, so that should tell you something. People have been complaining about Reddit-like comments on HN since at least back then.

(As as you will have noted, people are quick to downvote comments saying HN is becoming Reddit for this very reason)


There should be a corollary to that guideline of "if you have to repeatedly deny that you're turning into something... you're turning into it".

I mean... seriously. It's been a problem SINCE 2010-2011 so I'm not surprised. You're right tho - it DID get better. So did the quality of Reddit for a white - then it got a lot... LOT worse.

> people are quick to downvote comments saying HN is becoming Reddit for this very reason

Well no, mostly it's just the false sense of superiorly that this place has actively cultivated over Reddit for many years. Got to maintain that.


I've noticed the opposite. I see more jokes than before and they don't seem to be downvoted when I'm around. The jokes aren't even clever; just low reaching ones just like on reddit.


Can you cite one, please? I'd like to see an example of a comment considered to be Reddit-like that isn't downvoted on HN to diminished visibility.


They are all over, I think it's easy to spot them. Here's one I saw earlier: https://news.ycombinator.com/item?id=10433865 While HN has with exceptional moderation effort made this place "nice", as opposed to the generally "mean" Reddit, it's optimized for a certain kind of niceness that doesn't necessarily align with the hacker aesthetic, and reddit's brand of rudeness is just one characteristic of reddit, general low quality comments are the problem. Quality has been declinining since at least https://news.ycombinator.com/item?id=2403696 and on the aesthetic side I think this thread sums up what's good and bad about the site: https://news.ycombinator.com/item?id=8214343 (The bad: complaining about the name, political correctness in general.)


Jokes seem inconsistent on HN. Sometimes I'll see a good, quick one and it'll be upvoted (which honestly I'm fine with; jokes are fun) and sometimes they'll be downvoted immediately. But the common theme I always noticed with jokes and HN is that, even when they're upvoted, they don't turn into mega pun threads like Reddit's do. I rarely see a joke just keep going on HN.

In the end I think the HN and Reddit audiences are different. Yeah there is overlap but I don't think there is a ton of overlap.


Even if this is true (and [jnbiche](https://news.ycombinator.com/item?id=10433503) argues that it isn't), what's the use of saying so? If you don't like the increasing Reddit-ness of HN, then pointing out that HN isn't Reddit is the right thing to do to stop the trend.


er... no. Calling out that kind of thing (especially ignorance to a trend) is exactly what the right thing to do is.

Awareness of a problem is the first step in combatting it after all.


Yes, that's what I said:

> If you don't like the increasing Reddit-ness of HN, then pointing out that HN isn't Reddit is the right thing to do to stop the trend.

That "isn't" might have been a bit confusing, but, with parentheses, I meant:

> If you don't like the increasing Reddit-ness of HN, then (pointing out that HN isn't Reddit) is the right thing to do to stop the trend.

My point was that, when BinaryIdiot said "Um, this isn't Reddit", you said (https://news.ycombinator.com/item?id=10433352):

> It's way more reddit than it used to be. It happened to Reddit, it's already almost completely happened here. This place is basically a decent subreddit in culture now. Kind of sad.

I took this to mean that you thought that BinaryIdiot's chiding was inappropriate, or useless.


> In fact, I'm puzzled that your puzzled.

Obligatory *you're :)


>Why do you hate freedom?

They're probably a cheese eating surrender monkey and don't realise the good you are doing by trying to force your skewed version of "freedom" on to them


[deleted]


Bug report: 61 words. Your ignorant comment making assumptions about what the bug report: 138 words. Sometimes people need to listen before they talk.


Sometimes it takes ages for an age to get aged.


These codebases are too large to vet easily, and I've always been suspicious of someone hiding something like this in plain sight. I'm a FF user since before 1.0 and I never switched to Chrome, for obvious reasons. I did keep Chromium as a media browser on Linux, now I'm done with Chromium too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: