

Why I hate Google Chrome? - afshinmeh

It's been about 2 years since I switched to Google Chrome from Firefox. All my data, history and saved authentications from the last two years are stored in Google Chrome.

Today, when I was going to the "cookies and data sites" tab from the settings menu to remove one specific record from history, I suddenly clicked by mistake on the "Remove all" button inside the box.

What do you expect Google Chrome to do after clicking on that hell button? Confirm with "Do you really want to remove all your cookie/session data?", right?

But it's completely removed all of my two years (cookie and authentication) data, without asking/confirming me.

REALLY, I HATE GOOGLE CHROME NOW.
======
lutusp
> But it's completely removed all of my two years (cookie and authentication)
> data, without asking/confirming me.

So at your behest Chrome deleted what is probably the most common, and
commonly misunderstood, everyday security vulnerability, and now you're all
mad about it?

The majority of those cookies were ways for advertisers and merchants to track
you and your consumer preferences, and violate your privacy. I've heard
reports that Amazon shows one set of prices to those with a long record of
browsing and purchases in a given product category (a record keyed to browser
cookies), and another to someone with no history in that category.

Cookies aren't your data -- cookies are the data of merchants and advertisers.
They should be purged regularly.

~~~
afshinmeh
I can accept your reason partially, but just another question: should Chrome
confirm with me before removing them all?

~~~
lutusp
> should Chrome confirm with me before removing them all?

1\. I am sitting at Chrome right now, Version 25.0.1364.152.

2\. I choose "Settings".

3\. I choose "History".

4\. I choose "Clear all browsing data ...". See the ellipsis? That means it
won't take any action until I allow it.

5\. Next, I see a dialog that says:

    
    
        Clear all Browsing data
    
        Obliterate the following items from the past hour/day/week/month/etc.: 
     
          ☑ Clear browsing history
          ☑ Clear download history
          ☑ Empty the cache
          ☑ Delete cookies and other site and plug-in data
          ☑ Clear saved passwords 
          ☑ Clear saved Autofill form data 
          ☑ Clear data from hosted apps
          ☑ Deauthorize content licenses
    
                 [Cancel] [Clear Browsing Data]
    

6\. Here's a picture of the dialog: <http://i.imgur.com/Du84Y4O.png>

7\. At this point, I have the choice to [Cancel] or [Clear Browsing Data].
_Nothing happens without my permission_.

So tell me -- what Chrome version are you running, that doesn't have a very
complete way to alert you to what's going on?

I invite you to go to your Chrome settings page and see if your experience
differs, and also say what Chrome version you are running.

------
bencxr
A confirmation dialog is something one would expect in a consumer-facing app -
and it isn't difficult to build.

I'd be interested to know what their design decision was not to do that.

~~~
lutusp
I just checked and Chrome _does_ have an elaborate, multi-step confirmation
procedure to delete the data under discussion. Here's a picture:

<http://i.imgur.com/Du84Y4O.png>

------
gregorkas
To be honest, you should've already removed all that useless data. I really
don't get why you HATE Google Chrome now after clearing up your stuff.

I'd say: "Good guy Google Chrome".

~~~
afshinmeh
Those are not USELESS data, those are all my authentications over the
Internet, Facebook account, Gmail account and...

~~~
lutusp
> Those are not USELESS data, those are all my authentications over the
> Internet, Facebook account, Gmail account and...

Yes, and because of those cookies, anyone sitting at your computer can log on
and pretend to be you without having to know your logon names and passwords.
Anyone who hacks your computer from afar and gains access to this treasure
trove of sensitive information can use those cookies to steal your identity.

~~~
claudius
I can’t remember the last time someone else used my computer. And if someone
hacked my computer from afar, I would imagine random cookies to be the least
of my problems.

~~~
lutusp
> I can’t remember the last time someone else used my computer.

Yes -- and if a hacker does his job, you will never remember it, because to
all outward appearances, it never happened.

> And if someone hacked my computer from afar, I would imagine random cookies
> to be the least of my problems.

A random cookie or authentication record containing your logon details for an
online site, with which someone could pretend to be you? Don't you realize
what it means when the browser asks you whether it should "remember" your
logon name and password?

~~~
claudius
> A random cookie or authentication record containing your logon details for
> an online site, with which someone could pretend to be you? Don't you
> realize what it means when the browser asks you whether it should "remember"
> your logon name and password?

It implies saving that password on the hard drive, yes. However, any
interested attacker, once gaining access to my account, can just as easily
install a keylogger and simply wait for me to log in to this site the next
time. Or for me to enter the passphrase for my SSH keys or GPG keys, which is
likely more interesting than my HN account.

He could also access my email account and send spam via my server (because,
yes, I do let Claws save my password…), or could use all the other data on
this hard drive (pictures, CV, instant messaging logs, emails, etc.) to
impersonate me.

Really, what’s so special about authentication cookies that they absolutely
must be secured?

Okay, here’s one difference: Assuming an exploit in Opera allowing for
arbitrary code execution, the OS won’t block access to wand.dat, but it will,
thanks to AppArmor, block access to ~/.ssh (in fact, everything but ~/.opera
and a few other select directories). Circumventing AppArmor either requires
root access (theoretically possible assuming a fault in the kernel) or
tricking me into running code I don't want to run outside of the AppArmor
profile, e.g. by adding an exploit to a downloaded PDF file I then open in
Evince.

But, uh, yes, this requires arbitrary code execution in at least one of the
internet-facing applications, most of which are enclosed in their respective
AppArmor profile, and then some sort of escape from said profile if one wanted
to read anything not naturally relevant to the programme exploited
(~/.opera/wand.dat from Pidgin, e.g.).

However, if someone is actually able to run arbitrary code in Opera, they can
at least access all cookies of the current session, even if I didn't let the
browser remember the password, as well as install backdoors in the browser[0]
to record future logins and send them somewhere. So by not letting Opera
remember passwords, I secured those passwords which I didn't use in the
current session. Considering that usual sessions in Opera last about four to
eight weeks for me, that gain is rather minuscule compared to the hassle of
entering/remembering or copy-pasting passwords from somewhere else.

[0] Opera evaluates user-provided Javascript files in ~/.opera pretty much all
the time, so it is not necessary to write to /usr/bin/opera for that.
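
The confinement described in the comment above, written out as an AppArmor profile. This is an added example, not part of the original thread and not a profile shipped by any vendor or distribution; the binary path `/usr/bin/opera` and `~/.opera` come from the comment, while the `~/Downloads` and `~/.gnupg` rules and the choice of abstractions are assumptions made for illustration.

```apparmor
# Constructed example profile; the rule set is an assumption, not a shipped profile.
#include <tunables/global>

/usr/bin/opera {
  #include <abstractions/base>
  #include <abstractions/nameservice>

  # The browser binary itself: read and map as executable.
  /usr/bin/opera mr,

  # The browser's own profile directory. wand.dat (saved passwords) lives
  # here, so code running inside the browser can still read it: the profile
  # cannot separate the browser from its own credential store.
  owner @{HOME}/.opera/ rw,
  owner @{HOME}/.opera/** rwk,

  # Assumed download location (hypothetical choice for this example).
  owner @{HOME}/Downloads/ r,
  owner @{HOME}/Downloads/** rw,

  # Paths that are not listed are denied by default. The explicit rules
  # below document the intent and force every attempt to be logged, which
  # gives a detection signal if the browser is ever compromised.
  audit deny @{HOME}/.ssh/ rw,
  audit deny @{HOME}/.ssh/** mrwkl,
  audit deny @{HOME}/.gnupg/ rw,
  audit deny @{HOME}/.gnupg/** mrwkl,
}
```

A profile file is loaded or reloaded with `apparmor_parser -r`, and blocked accesses show up in the audit log as `apparmor="DENIED"` events naming the profile and the path.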

~~~
lutusp
> It implies saving that password on the hard drive, yes. However, any
> interested attacker, once gaining access to my account, can just as easily
> install a keylogger and simply wait for me to log in to this site the next
> time.

Yes, but that is much more work, over a longer period of time, compared to
browsing your cookie jar.

By the way, this entire conversation is predicated on a misconception --
Chrome does, in fact, give one plenty of warning about deleting personal
information:

<http://i.imgur.com/Du84Y4O.png>

