Google does a lot of standards breaking things.
Like allowing a link on Google Apps Marketplace to open a new window (like popup) with POST instead of GET. (This pretty much ensures that buying an app will fail for browsers that follow the spec)
This garbage behavior is in Chromium as well?
Google Meet can show CPU usage, they aten’t trying to hide this.
Refreshing change from reading about some new AI powered tracking nonsense in Windows.
LibreWolf, Mull, Chromium, …
It’s apparently built into chromium
I don’t think so. I haven’t had a look at the code, but executing that command from the post returns the following on my Chromium:
VM68:1 Uncaught TypeError: Cannot read properties of undefined (reading 'sendMessage') at [HTML_REMOVED]:1:16 (anonymous) @ VM68:1It turns out Google Chrome (via Chromium) includes a default extension which makes extra services available to code running on the *.google.com domains - tweeted about today by Luca Casonato, but the code has been there in the public repo since October 2013 as far as I can tell.
It looks like it’s a way to let Google Hangouts (or presumably its modern predecessors) get additional information from the browser, including the current load on the user’s CPU. Update: On Hacker News a Googler confirms that the Google Meet “troubleshooting” feature uses this to review CPU utilization
The code doesn’t do anything on non-Google domains.
Maybe it’s because you tried it on a non Google site? Idk.
Hehe, I read that sentence, tried it on google.com
But forget what I said. I have the ungoogled variant of Chromium installed. No wonder that’s not in there…
Ianal, but this sounds like something worthy of suing their ass over. There’s not much Google would respond to and good luck beating their lawyers, but the only language they speak is $, so please try to take as much as possible away from them for this garbage.
“Don’t be evil”
Suprise Suprise!
#UninstallChrome
#SwitchToFirefox
Here, you forgot this:
\
Remember when Google pushed for use of open standard in the browser to force Microsoft IE out of the market? Oh yeah I ‘member
They have become the evil they once sought to combat.
Is this for malicious harvesting or is this part of their chrome device trust product for enterprises?
No, as far as I know this has nothing to do with attestation/verification for enterprise users.
WINK
If you’re still using Google Chrome in 2024, you might be a moron. #Firefox
I am “slightly” worried that there’s only a single option left. That’s only 1 organization’s corruption removed from total loss of control over browsing privacy :/
There’s safari and pale moon
And Mozilla main source of income is… Google.
This is bad, very bad.
Google pays them to be the default search. FF is like Steve Irwin, you could have been the biggest poacher, if you gave him money he would use it to buy land to help protect animals. FF is pulling the same thing but for the intetnet
so donate and change that
Does this also affect Chromium, or is it just Google Chrome?
The article mentions it being affecting Google Chrome through Chromium, but it’s not clear if it also affects Chromium on its own, or other Chromium-based browsers.
Chromium is also affected.
Chromium alone depends on if it’s the Google version or the Un-Googled version. For the Google version of Chromium, it still has that hangouts extension. However, the Un-Googled Chromium has that extension removed via the build flags, the one to note is
enable_hangout_services_extension=false.As others have said though, it can also depend on what other Chromium-based is being used. Some browsers like Brave and including Vivaldi can have this turned off in the settings. Others like Edge and Opera are affected as well. However it doesn’t affect every Chromium-based browser.
It allegedly also affects Edge and Vivaldi, so it seems to be chromium not chrome
Just now tested in Vivaldi and it works, so yeah seems like Chromium 🥲
Doesn’t seem to work on cromite desktop (good)
Can someone explain this to me like I’m 5. I understand it’s not good but I don’t know why and I would like to understand it.
Effectively Google has a browser extension (just like the ones you’d install from the Chrome Web Store like uBlock Origin) that comes with the browser that’s hidden.
This extension allows Google to see additional information about your computer that extensions and websites don’t normally have access to, such as checking how much load your PC has or directly handing over hardware information like the make and model of your professor.
The big concern in the comments is that this could be used for fingerprinting your browser, even in Incognito mode.
What this essentially means is that even though the browser may not have any cookies saved or any other usual tracking methods, your browser can still be recognised by how it behaves on your machine in particular, and this hidden extension allows Google to retrieve additional information to further narrow down your browser and therefore who you are (as they can link this behaviour and data to when you’ve used Google with that browser signed in), even in Incognito mode.
So since they only just seem to have discovered this, does that mean this invisible extension also likely to be present on Chromium based browsers such as Brave and Thorium etc…?
Yes, though they could remove it. If they’re open source then you could check easily.
Fingerprinting.
Bingo! Google wants to go cookieless and fingerprinting has been
one ofthe solvesI’ve always read about in the SEO world.even in Incognito mode.
I thought extensions don’t run in incognito mode?
I know Firefox doesn’t run them by default - you can specify which extensions you’d like to run in incognito mode.
I thought extensions don’t run in incognito mode?
They don’t. Unless you check the box that allows them to. And I’m sure Google has already checked that box by default.
I tested it with a stock install of chrome/windows 11. Works.
information like the make and model of your professor
Oh no, not my professor :( (/s)
Oh that’s a good typo, I’m leaving that! I look forward to the LLMs in 2030 telling you to watch the temps on your professor and make sure it doesn’t get exposed by Chrome.
Thank you for this info. If this is just an extension, can we just uninstall it or turn it off?
This is not a typical extension and it cannot be removed. It doesn’t even show up in the list of installed extensions.
Maybe recompiling? But I suspect that Chrome as it is, is closed source?
Seems like a great option. Can anyone more familiar with the code confirm this removes the aforementioned CPU-fingerprinting plugin?
It does. You can even try it out yourself. Install Ungoogled Chromium, go to google.com and paste the following code in the Developer console (which you can bring up by pressing F12 and clicking on ‘Console’ at the top of the DevTools interface):
chrome.runtime.sendMessage( "nkeimhogjdpnpccoofpliimaahmaaome", { method: "cpu.getInfo" }, (response) => { console.log(JSON.stringify(response, null, 2)); }, );If it returns nothing or an error, you’re good. If it returns something like this:
{ "value": { "archName": "arm64", "features": [], "modelName": "Apple M2 Max", "numOfProcessors": 12, "processors": [ { "usage": { "idle": 26890137, "kernel": 5271531, "total": 42525857, "user": 10364189 } }, ...it means that the hidden extension is present, and *.google.com sites have special access in your browser.
Chromium is open source. Google Chrome is not open source.
I already ditched Windows for Linux a month ago because of spyware. Everything Google-related is next. My phone is going to be the hardest thing to de-infest.
Kagi is a great replacement for Google search. It does cost money though.
Or you can take a Duck. Then get one more Duck. Then you can Go.
I kinda want to, but I’m also a sucker for ease of use
For ease of use Apple might be the most convenient alternative to Google. At least for smartphones.
Ease of use and apple are not near each other in my dictionary.
I think a lot of things are designed very unlogical
That might be because you are just not used to it. Comparable to the switch from Windows to Linux.
I’m using Linux and tried different distros. I also used chrome os and windows Phone. I tried ios, hence my feelings towards it
And many people tried Linux and were having difficulties adapting to it at first and most probably gave up. Just like you did with iOS.
Pff, sure buddy. Used it for 4 months due to my phone being dead. Go shill someone else. If the adoption of a new os goes against what I want of said os, then it’s not an os for me. Simple as that
In my experience you either have to trade one devil for the other with Apple or accept buying hardware from the ad company so you can use GrapheneOS.
You could always go the used/refurbished route to not directly give the chocolate factory money
There are more options than GrapheneOS with broader device support, such as Calyx or LineageOS.
But if you use Android already, you can start by using F-Droid (or others) to install apps to find FOSS replacements for apps you use.
Searching for “Calyx” got me a lot of results that had nothing to do with the Android ROM, so for the convenience of anyone else reading this thread their URL is https://calyxos.org/
I’m also doing this. Proton is amazing, for the most part. Ente Photos is also incredible for ditching Google Photos, although I’ll probably switch to Proton Photos when that comes out since Ente is pricey.
Isn’t proton photos built into their Proton Drive already? It’s implementation is… barebones… On Android but it works.
Welcome to the world of freedom. The first months may be a bit uncomfortable, but it’s a journey worth taking. Be welcome!
I already ditched Windows for Linux a month ago because of spyware.
Great!
Everything Google-related is next.
Even better.
My phone is going to be the hardest thing to de-infest.
If you plan on getting a new phone soon, I recommend a Google Pixel, on which you can install GrapheneOS. Yes, ironically Google devices are the best for installing alternative operating systems and removing all the Google BS. GrapheneOS is completely free and open source, and based on the Android Open Source Project. It incorporates many privacy and security enhancements, and gives you total freedom and control over your device. In my opinion, it’s the best option for degoogling a phone.
There is also Lineage OS. It’s not as secure but it is compatible with the most amount of devices.
Unfortunately LineageOS is highly insecure because there’s no ability to lock the bootloader, and Android Verified Boot is completely missing. These are just the biggest and most obvious flaws in Lineage, but there are more: https://madaidans-insecurities.github.io/android.html#lineageos
Not a legal mastermind by a long shot but it seems like a DMA violation. Someone needs to get the EU on their ass.
EU: [RELEASES THE HOUNDS]
Just make sure it isn’t the Pomeranians this time
I had to look up what the Pomeranian dog breed is, because I’m not good with dog breeds. Soon as the page of images loaded I burst out laughing. 😆 Thank you. Good start to my day.
Glad to help. 😁 Get out there with that little dog energy.
lmao is been good so far. Have to make a long trip with the kids today, so it helped. ❤️
Make sure it isn’t just the Pomeranians. Some Pomeranians are definitely going to be in the mix.
Ok, I’m good with that.
