Skip to main content

Chrome Itself Logs Into Google When Logged Into Company's Services

Google has taken the liberty of logging Chrome into the user's account whenever logged in to any Google service.

Some time ago, Google introduced the ability to have its browser, Chrome, log into the user's Google account whenever the user authenticated for any Google service.  That is, log in to Google Docs, for example, and the browser would be logged in as well.

The pitch was that this relationship between being logged in to a service and the browser also being logged in, can help mitigate confusion when a user logs out of a Google service but fails to realize the browser is still logged in.  The mystery can be eliminated if the browser keeps the two in the same state automatically.

There is the added benefit that the browser would be better able to synchronize the user experience across each browser that was also logged into the user's account. For example, Chrome on a mobile device could have access to the history from Chrome on a laptop.

The idea is not novel anymore, since Mozilla has user accounts that Firefox can log into as well.  Opera has them, Vivaldi has them, and Brave has them as well.  The difference is that Firefox has been overt about its effort to protect privacy.

Users can understand and accept, that while logged in to a service, the owner of that service will be able to aggregate data about their activity.  The suspicious among us, might raise an eyebrow to the fact that a company, widely understood to be addicted to collecting all manner of data about its users, is now making a web browser too.  The fear is easy to understand too.

The browser can easily be a channel to direct all of a user's browsing history to the company, but at least the traffic could naively be assumed to be anonymous.

By automatically logging the user into the browser, the user is tied directly to the traffic, so the situation isn't, "Chrome just loaded page XYZ from this IP address."  Now it's, "Chrome just loaded page XYZ from this IP address, and the user is So-and-so."

The only visible clue is the user icon in the upper right corner of the browser window.  It would be a fool's bet to assume that everyone will notice their browser is now logged in to Google, and sign it out immediately.  And even if they did, the next time they need any Google service, they'll need to log in again, which will of course, log the browser back in, and the cycle will continue.

Granted, this behavior was introduced a year and half ago, and a quick search will turn up a number of outlets talking about the change.  If Chrome isn't a user's daily driver, it can easily go undetected, so maybe the topic is worth another visit.

The behavior can be disabled with the following steps.
  1. Open the Settings
  2. Under You and Google, choose Sync and Google Services
  3. Uncheck Allow Chrome sign-in

Comments

Popular posts from this blog

Skype Now Supports Emergency Calls In the US

With the latest round of updates to Skype , it was noticed today that the instant messaging and VoIP phone service now supports emergency calling in the United States. The release notes for the most recent update to the Android version of Skype indicated that the service now allows calls to be made to US emergency calling systems via 911.  Telephony services like Skype, Google Voice , and Vonage typically don't offer this emergency calling ability without some sort of intermediate step like deferring to the phone's default dialer, as is the case with Voice, or setting up a physical address location ahead of time which is how Vonage handles it. The indication is that Skype will handle the 911 calls natively, but when verifying with an account that does not have a Skype phone number assigned to it, it was found that the instructions in the FAQ explaining how to turn on emergency calling are not accurate. Emergency calling support in Skype for the United States Interestingly, th...

PHP built-in webserver and IPv6 addresses

Though it's difficult to confirm around the Web, it appears as though the IP address scheme the built-in PHP server uses depends on the host name that's provided.  If a fully-qualified domain name (FQDN) is used, such as server.domain.tld, then the built-in server will be listening for IPv6 based requests.  If the server is started with an IPv4 address identified as the host, then it will naturally listen for IPv4 based requests. The closest to anything official around the Web was a comment in the PHP docs that only seeded this conclusion, at best.  But here it is in any case. Built-in web server http://php.net/manual/en/features.commandline.webserver.php#120449 Ultimately, the following answer from Stack Overflow held the "universal" solution.  Thank you dew010. Running PHP 5.4 built-in web server outside localhost http://stackoverflow.com/a/8377378/2487485 Start your development server like: php -S 0.0.0.0:8989

Allow Windows authentication using SQL Server driver with DBeaver

DBeaver will allow Microsoft Windows single sign on access when connecting to Microsoft SQL Server using the SQL Server driver (rather than jTDS ).  From the driver properties settings, set the integratedSecurity flag to true . Open the Connection configuration panel and choose the Driver properties section. Set the integratedSecurity flag to true . A subtle, but important step is to not provide username and password credentials to the connection.