
Ask HN: Chrome browser phones home, how to disable this? - goodfellaw
When I startup Google-chrome it &quot;phones home&quot; - makes a TLS connection to Google and exchnages some data. Does anyone know what this data is?<p>It happens with the open source version as well... so this must be documented, and there must be a way to turn it off?<p>Edit: 1. You can confirm this using a network traffic analyzer.
2. Start page is set to about:blank
======
stephenr
> there must be a way to turn it off

Sure. Use a browser whose creator isn't an Ad serving company with a business
model built entirely around capturing and analysing massive amounts of product
(you. you are the product) data.

------
opless
Depends ... are you logging in with it?

There's all manner of things that it will do.

1) try to see if there's a real internet connection 2) check if it's the
latest version 3) log in with your google account 4) sync passwords 5) update
shared history 6) update chrome apps

I've probably missed some things out, but that's what I can think of, off the
top of my head.

~~~
goodfellaw
thanks.

------
abstractbeliefs
Have you looked at intercepting the TLS connection by MITMing yourself?

Tools like Fiddler should allow you to see this data in plaintext, though
identifying what information it contains is another step.

------
lemonade
This is in all likelyhood "Safebrowsing by Google", which is a default service
to run sites you visit past the servers of said company.

[https://www.google.com/transparencyreport/safebrowsing/diagn...](https://www.google.com/transparencyreport/safebrowsing/diagnostic)

That would make you one of the 600 million people using that service, whether
you realise it or not.

Alas, other browsers use it too without any warning, although you can turn it
off it is not easily discoverable:

[https://bugzilla.mozilla.org/show_bug.cgi?id=430741](https://bugzilla.mozilla.org/show_bug.cgi?id=430741)

As suggested, add sb.google.com or whatever endpoint is used to /etc/hosts or
HOSTS file.

------
techietim
There are a set of privacy related patches for Chromium called inox
([https://github.com/gcarq/inox-patchset](https://github.com/gcarq/inox-
patchset)).

If you are on Arch Linux, binaries are available on the AUR:
[https://aur.archlinux.org/packages/inox-
bin](https://aur.archlinux.org/packages/inox-bin)

------
w-ll
> how to disable this?

Don't use Chrome? Build Chromium from source.

[http://www.chromium.org/Home](http://www.chromium.org/Home)

~~~
0942v8653
> It happens with the open source version as well

~~~
w-ll
Build Chromium from source. Debug and trace whats "phones home" and yank it
out.

I dont see why this needs to be a Ask HN.

~~~
goodfellaw
"Due its complexity, Chromium uses a set of custom tools to check out and
build. Here’s an overview of the steps you’ll run:

    
    
        gclient. A checkout involves pulling nearly 100 different SVN repositories of code. This process is managed with a tool called gclient.
    

. . . "

// everytime i upgrade a browser? cmon..

~~~
Voltbishop
I actually build chromium from source for this exact reason, I've gotten it to
stop phoning home. It phones home for the following:

1\. If you are using the Google APIs (see this picture
[http://i.imgur.com/UodLpFh.png](http://i.imgur.com/UodLpFh.png)) for the
browser to have more functionality.

2\. If you have the "Google account Badge" thingy in the upper right enabled.

I don't know exactly what in those two causes the phone home, I assume
(educated guess here) that it's verifying your api keys for browser features
such as spell check, that or getting the "Badge" thing setup. While you may be
opening a new tab labeled blank that "badge" thing is a pure js/html page
thats loaded in the background that does need to phone home.

------
joshmn
Hosts file.

