Bad Google Chrome 17: What happened to Don’t Be Evil?

I just read this Ars Technica article on the Google Chrome 17 release and was not happy to read the following:

The new Chrome introduces a “preemptive rendering” feature that will automatically begin loading and rendering a page in the background while the user is typing the address in the omnibox (the combined address and search text entry field in Chrome’s navigation toolbar). The preloading will occur in cases when the top match generated by the omnibox’s autocompletion functionality is a site that the user visits frequently.

I bet this is going to piss off a lot of web server admins. Unless the pre-render is coming from Google’s Cache, it’s going to put extra load on web servers. Web server stats will be inflated, giving a distorted picture for ad revenue. I’m sure google’s smart enough to have thought of these things and has it all figured out, but I’d like to know what their answers were.

Google has also added some new security functionality to Chrome. Every time that the user downloads a file, the browser will compare it against a whiltelist of known-good files and publishers. If the file isn’t in the whitelist, its URL will be transmitted to Google’s servers, which will perform an automatic analysis and attempt to guess if the file is malicious based on various factors like the trustworthiness of its source. If the file is deemed a potential risk, the user will receive a warning.

Google says that data collected by the browser for the malware detection feature is only used to flag malicious files and isn’t used for any other purpose. The company will retain the IP address of the user and other metadata for a period of two weeks, at which point all of the data except the URL of the file will be purged from Google’s databases.

I sure hope this can be disabled. For one, whitelisting download files is the first step to a censored net. Secondly, it gives google access to anything you’ve ever downloaded. Your privacy is no a matter between you and the server. Now you have Google acting as a nanny, reading over your shoulder, making sure that what you’re pulling down over your network connection isn’t going to hurt you (but also very likely in time that it isn’t “bad” in any other sense, either).

While they’re “protecting” you now, eventually they’ll get the idea that they should “protect” you from copyright violation, from information the government doesn’t want you to see for whatever reason, and so on. It puts Google in control over how most people access everything on the internet, and is vastly more power than any single entity should be entrusted with, no matter how competent, how corruption-resistant, or how well-intended they are.

I’m sure malware is still a very real problem, but personally I have not had a run-in with Malware on any computer I’ve used in many years. Justifying Google’s right to do this and using malware as a scapegoat is a bit like saying that due to the possibility of terrorism, you have no right to personal privacy or a presumption of innocense.

We need to speak up about this.

2 Comments

Add a Comment
  1. Would it be so bad if the default were to leave those helpful features off?

      

  2. That would be better, yes. I’d prefer a right-click option over a Tools>Settings checkbox. Or at the very least an override option if Google wants to warn me about what I’m clicking on.

    Since Chrome is open source, it’s possible to strip out the functionality altogether. The Iron browser project claims to do this.

    I worry now that future versions of Chrome will integrate with web-hosted code on Google’s servers, closed source, and required in order for the open-source local executable stuff to function at all.

      

Leave a Reply to Mark W. SchumannCancel reply