Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out (vice.com)

Posted by msmash on from the privacy-woes dept.

Some cybersecurity experts and regular users were surprised to learn about a Chrome tool that scans Windows computers for malware. But there's no reason to freak out about it. From a report: Last year, Google announced some upgrades to Chrome, by far the world's most used browser -- and the one security pros often recommend. The company promised to make internet surfing on Windows computers even "cleaner" and "safer" adding what The Verge called "basic antivirus features." What Google did was improve something called Chrome Cleanup Tool for Windows users, using software from cybersecurity and antivirus company ESET.

[...] Last week, Kelly Shortridge, who works at cybersecurity startup SecurityScorecard, noticed that Chrome was scanning files in the Documents folder of her Windows computer. "In the current climate, it really shocked me that Google would so quietly roll out this feature without publicizing more detailed supporting documentation -- even just to preemptively ease speculation," Shortridge told me in an online chat. "Their intentions are clearly security-minded, but the lack of explicit consent and transparency seems to violate their own criteria of 'user-friendly software' that informs the policy for Chrome Cleanup [Tool]." Her tweet got a lot of attention and caused other people in the infosec community -- as well as average users such as me -- to scratch their heads.

57 of 213 comments (clear)

  1. Inappropriate -- Why be secretive about it? by b0s0z0ku · · Score: 5, Insightful

    If there's nothing to hide and this is only scanning for viruses, why not notify users and GIVE THEM AN OPTION? Even if it's "only" an anti-virus, having one AV running on top of another tends to slow older hardware down.

    1. Re:Inappropriate -- Why be secretive about it? by b0s0z0ku · · Score: 4, Insightful

      No. It's not understandable AT ALL. Security updates can be mandatory, or at least highly encouraged. Forcing UI and compatibility changes on users without warning, without asking them, is completely unacceptable.

      MS's model isn't about security -- it's about control and monetization. The endgame is to gradually replace features with Store programs that require a monthly or annual payment...

    2. Re:Inappropriate -- Why be secretive about it? by dbialac · · Score: 5, Insightful

      But they disclosed they were sending all your files to them on paragraph 30328 sentence 204.

    3. Re:Inappropriate -- Why be secretive about it? by Penguinisto · · Score: 3, Insightful

      Understood, but that still doesn't provide the option to turn it off.

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    4. Re:Inappropriate -- Why be secretive about it? by cayenne8 · · Score: 2, Informative
      Most used browser??

      Wow..really? Do that many people really use Chrome as their browser of choice?

      I know my experience is purely anecdotal, but I don't know any of my peers that use it and I work in IT.

      I've pretty much stuck with FireFox since it came out, and use IE when I absolutely have to, and safari when I'm on a mac (or firefox).

      I've tried chrome a time or two way back, but at that time it seemed so different than FF (almost no buttons)...so, I never really went back to it...I just mostly use FF and update it as needed.

      Maybe it's an old person thing?

      Heck, in some jobs I've worked (government) you have to get special dispensation to install chrome ON your furnished computer....

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    5. Re:Inappropriate -- Why be secretive about it? by Rei · · Score: 2, Insightful

      It's worth remembering that the attack that led to the Shadow Brokers leaks involved AV sending scanned files under the guise of virus detections - and that the way it knew what to look for was that "files of interest" were presented as virus signatures.

      --
      "99 dead duelists of Dios on the wall. 99 dead duelists of Dios! Take one's ring, pass it around..."
    6. Re: Inappropriate -- Why be secretive about it? by Anonymous Coward · · Score: 2, Insightful

      Because people are stupid.

      Ios has tons of spyware on it (see spybot search and destroy's category specifically for it). How many people are convinced that it's there is no issue in regards to privacy?

      You give a dialog box asking to do anything, the following will happen:
      - the end user barely understands but says yes.
      - they see the word virus and automatically assume that it's infested and freak out at every little thing.

      Am i defending Google? Not really. They should have mentioned what they're doing more publicly, even if it's outside the app

    7. Re:Inappropriate -- Why be secretive about it? by eaglesrule · · Score: 2

      Yes, there's no way that heuristic algorithms could have flagged files or executables with no previously recorded hash and uploaded them as samples for detailed analysis.

      In other words, A/V serving its intended function could only be the result of a Russian plot.

    8. Re:Inappropriate -- Why be secretive about it? by theweatherelectric · · Score: 4, Informative

      Do that many people really use Chrome as their browser of choice?

      Yes.

    9. Re: Inappropriate -- Why be secretive about it? by Anonymous Coward · · Score: 5, Insightful

      Nothing "cool and edgy" about it. As an IT security guy, I can tell you that Chrome is a privacy nightmare. Google is a very big danger, but people don't care because they're getting something for free, privacy be damned. Google, Facebook, virtually anything free leaves *you* as the product, not an actual customer. Again, nothing cool and edgy about taking the safer path. The path of Google, Facebook et al. is the path of the lemmings. Firefox is no longer the darling of the tech world, but it doesn't need to be. It's still the most customisable browser out there.

      Want a real eye-opening experience? Install a Raspberry Pi and a Pi-hole and watch the real-time DNS traffic as it exits your network. You would be gobsmacked by what is phoning home. Even your router is "phoning home" to entities besides the router OEM. This insight allows you to block via the Pi-hole, router, or both. Using a Pi-hole also cuts down on used bandwidth, because it blocks content at the DNS level, which means it doesn't even get called. Highly recommended.

    10. Re:Inappropriate -- Why be secretive about it? by Waccoon · · Score: 2

      Even mandatory security updates are not understandable. I once had a machine where a firmware update was mandatory. After the update, it was impossible to do a factory reset, as the original copy of the OS was incompatible with the new firmware. Only the latest version of the OS could be installed after a wipe. Given the tendency of updates to remove features over time, this gave the vendor an excuse (and probably a legal loophole) to permanently remove features that you couldn't restore, even if you had an archived version of the OS. After a "regular" OS update removed a feature I needed, I was really pissed to find out I couldn't get that feature back.

      I'd rather not state what machine this was, as the fanboys will eat me alive and accuse me of making shit up. Nonetheless, stuff like this is our future across ALL platforms.

    11. Re:Inappropriate -- Why be secretive about it? by stooo · · Score: 2

      Google found out a way to legitimize this kind of crap :
      https://malwaretips.com/blogs/...

      Seriously, google, WTF ?
      We did not ask for your snake oil AV, only for a browser.

      --
      aaaaaaa
    12. Re:Inappropriate -- Why be secretive about it? by mysidia · · Score: 2

      There's a good reason not to give users an option to disable anti-malware functionality.
      (1) When it comes to malware defense; it is necessary to try to protect users against themselves, because end users are the problem, in fact.

      (2) If an advanced preference setting is available such as under chrome://flags; malware will simply hook the browser and turn off the feature.

      (3) If a secure UI is available in an easy to find place, then errant users will switch it off -- or follow poorly conceived "troubleshooting" or "optimization" guides suggesting they switch off the critical security feature.

      Some users will do so frivolously in the belief that they are improving system performance, "fixing something", or avoiding waste, when reality the cost of the functionality is low, and the risk reduction should be worth it for all users.

      It may be reasonable for the browser to allow a Group-Policy option to switch it off in a corporate/IT-managed environment; after Chrome makes certain that the user is logged in as a Windows AD Domain joined computer as a non-administrative AD-based login user (non-local account), and the option to disable scanning is defined by a Domain/Forest-Level Group Policy Object, and not just something in the local registry, or a locally-configurable setting.

    13. Re:Inappropriate -- Why be secretive about it? by Radiophobic · · Score: 2

      Most of these companies try to give users as unobtrusive an experience as possible. That means reading as little as possible and not forcing users to confirm prompts if it can be avoided. While the majority of people on slashdot would rather be informed of minor changes, having one or two extra confirmation prompts can mean the difference between having over 50% market share and less than 5% market share.

      This is what happens when you let the free market direct consumer culture.

    14. Re:Inappropriate -- Why be secretive about it? by mysidia · · Score: 2

      I regularly have to install legitimate and mandatory software that fails unless I turn off AV during the installation process

      Have you stopped to consider why that might be? None of that applies to what Chrome is doing which is background file scanning, and if you Exit/Quit all Chrome windows/processes, that's equivalent to "Pausing/Holding off AV" --- Chrome runs with normal user permissions. System Antivirus which is different install disruptive system services that require Administrator access to install and hook filesystem operations at a low level; in order to provide "real time/scan-on-modify" protection, and the system services are written in a manner that causes problems, at the very least delays by blocking normal file operations to await scan.

    15. Re:Inappropriate -- Why be secretive about it? by mysidia · · Score: 2

      Also, not all IT-managed environments use an AD login -- not all companies can afford Windows Server or need its functionality.

      I say must use AD Group Policy, BECAUSE that is existing behavior --- that is: it is the stance Chrome already takes to all
      Administratively-definable settings: Chrome has a group policy template, but all Policy settings will be ignored unless the
      user is logging into a domain, and the settings are defined by a GPO: There is one alternative way to enforce policies in Chrome,
      which is to have a corporate Google G-Suite account with the proper seat licenses you can remotely manage Chrome browsers
      using Googles' services.

      Anyways: If you have Windows clients, and you have an IT department that manages those clients in a professional or businesslike-way,
      then you are absolutely going to have an AD deployment ---- if not, then you've decided to survive Consumer-suitable default behavior and
      Chrome's is relatively minor compared to all of Windows 10's default consumer behaviors, such as exposed AppStore, Games, Advertising, Cortana, Tracking, etc.

      and doesn't interfere with any other software on the computer

      Chrome runs as a normal user identity with limited privileges and is Not a substitute for system anti-malware; it won't
      "interfere" with other software, because the privilege level that Chrome processes run as is an insufficient privilege level
      to interfere with other software. The worst thing that could happen to you is you try to open a specific document file, and
      it fails to open because Chrome coincidentally happens to be open and happened to be scanning that exact same document at the
      exact same time you tried to open it for write access.

  2. Performance by Translation+Error · · Score: 5, Interesting

    And what kind of performance hit do I suffer when this happy surprise software runs on my older computer? Do I get to choose when it runs?

    --
    When someone says, "Any fool can see ..." they're usually exactly right.
    1. Re:Performance by PolygamousRanchKid+ · · Score: 2, Insightful

      Do I get to choose when it runs?

      Yes.

      You chose that, when you installed it.

      Don't want it to run . . . uninstall it.

      Although, even if you uninstall it . . . it will probably run anyway.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    2. Re:Performance by EvilSS · · Score: 3, Informative

      This is my concern as well, but on a larger scale. A lot of my customers insist on running Chrome in a Citrix XenApp or XenDesktop deployments. We already do what we can, including using VDI aware AV products (we we are forced to use them at all), to reduce unnecessary IOPS. Chrome is already a big resource hog (uses lots of RAM, bloats user profiles, etc) now they decided that they need to scan the OS and burn up IOPS as well? Thanks Google!

      --
      I browse on +1 so AC's need not respond, I won't see it.
    3. Re: Performance by Anonymous Coward · · Score: 2, Insightful

      So Chrome is virus scanning without permission. Where does it upload files when it finds something interesting? What else is it doing? Why not crypto mine as well? Perhaps it should enter your bank details and arrange for careful control of your finances. Just in case.
      These behaviours are inherently insecure because secrets are involved. Fun times ahead.

    4. Re: Performance by Rockoon · · Score: 3, Interesting

      So Chrome is virus scanning without permission. Where does it upload files when it finds something interesting? What else is it doing?

      Several years ago I ran into Windows 7 or one of Microsofts security products (defender, security essentials) wanting to upload files so that they can be "examined" or whatever. The files it marked were all copyrighted products and it would be copyright infringement to upload them to Microsoft.

      So now Google may also be in on this click-ok-to-become-a-criminal game? Good idea Google. Sooner or later the wrong file is going to get uploaded and you folks are going to be in a huge world of government hurt because it was the governments data you stole.

      --
      "His name was James Damore."
    5. Re:Performance by reboot246 · · Score: 5, Interesting

      A better question is, have they actually found any viruses? And, if they have found any, have they let the user know about it or have they just quietly deleted it?

      An anti-virus that has been running for a year on millions of computers surely has found something by now. If not, then why run it at all?

      Any answers, Google?

    6. Re:Performance by Anonymous Coward · · Score: 2, Interesting

      No, the better question is - why does Google sneakily try to ship an embedded OS under the guise of a web browser? This is the worst kind of feature creep/bloatware/Trojan horse in the software industry today and Google is not sufficiently being called to task on it. Why the fuck does my OS need an app that installs it's own antivirus, print servers, updaters, networking stack and all the other shit they've tried to jam in there over the past few years?

  3. Freaking out? by 110010001000 · · Score: 5, Interesting

    Why are people freaking out? You let Google run whatever software they want on your computer. They might be reading all your files and sending them to their servers. How would you know? If you care, why would you run Chrome? What a mess this industry is in now. People should have listened to Stallman. Instead we have "open source" Chrome and Android.

    1. Re:Freaking out? by Actually,+I+do+RTFA · · Score: 5, Insightful

      It's perfectly reasonable to expect a legal framework to restrain what software Google runs on you computer. Installing Chrome shouldn't automatically install (and run) Google's anti-malware. And it certainly shouldn't be built into the application in a hidden way.

      --
      Your ad here. Ask me how!
    2. Re:Freaking out? by Albanach · · Score: 3, Informative

      It was widely announced and isn't exactly hidden. [link only works on Chrome 65]

    3. Re:Freaking out? by BlueStrat · · Score: 3, Funny

      ...isn't exactly hidden. [chrome] [link only works on Chrome 65]

      Wait, what...?

      That's a rather "elastic" definition of "isn't exactly hidden".

      It certainly appears that it "isn't exactly" something well publicized enough beforehand if so many people are surprised.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    4. Re:Freaking out? by Waccoon · · Score: 3, Interesting

      When Chrome first came out, I gave it a try. This was also the time SSDs were becoming popular, so I had a tool running to monitor how much data was being read/written to the SSD, so I could gauge the amount of "wear" on the drive.

      I found out very quickly that every time Chrome did a cold start (after a PC reboot) that it would read 20GB and write ~4GB of data on startup. That was the first and last time I used Chrome.

      Thank you for putting "open source" in double quotes. I wish more people were aware that Chrome is a closed source build of the open source Chromium project (and trying to get Chromium to work is a PITA, to say nothing about Google intentionally moving the download location all the time).

  4. Chromium, too? by koavf · · Score: 4, Interesting

    Does anyone know if current builds of Chromium do this?

  5. Re:Chrome is malware by b0s0z0ku · · Score: 4, Insightful

    Even if it's not actually dangerous, it certainly doesn't do good things for the speed of older hardware or heavily-loaded hardware. You bought the machine, you should own the CPU cycles.

  6. Web broser != virus checker by Anonymous Coward · · Score: 4, Insightful

    Why the f*ck is my web browser trying to be a virus checker? If i wanted that I would get a virus checker.

    This kind of idiocy, however well intended, is why we have computer f*cking about SWAP SWAP SWAP SWAP instead of getting on with useful tasks.

    1. Re:Web broser != virus checker by thegarbz · · Score: 3, Insightful

      Why the f*ck is my web browser trying to be a virus checker?

      Because the web is the single largest avenue for viruses to enter the system.

      The better question would be why the fuck not! It would be far more useful if virus checkers only monitored entry points on a system rather than performing a frigging crippling weekly scan > Mcafee on my work machine I'm looking at you, you're making my CPU fan spin.

  7. What does it do with supect files. by Trax3001BBS · · Score: 2

    Would be most important to me. Back when, I'd go into the quarantined folder to get my Keygens back out.

  8. But then how will you know by future+assassin · · Score: 4, Insightful

    what item to buy from the next ad you see with out Google help. Come on Corptizen you want to do all the figuring out yourself and not have Google selects the right choice for you.

    --
    by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
  9. Not okay by Anonymous Coward · · Score: 3, Insightful

    I've got AV, and I've got it set up how I want it, I don't need google deciding it needs to screw with my system just because I use their web browser.

    At the very least, it needs to be simple to opt out of, which it doesn't seem like it is.

  10. Fixed in /etc/hosts by Drunkulus · · Score: 4, Informative

    0.0.0.0 *.scorecard.*[net,org,com,biz,*]

  11. The difference by duke_cheetah2003 · · Score: 4, Insightful

    Their intentions are clearly security-minded, but the lack of explicit consent and transparency seems to violate their own criteria of âuser-friendly software' that informs the policy for Chrome Cleanup [Tool].

    This is the difference between wanted security consciousness and hiding what you're doing to a customer's computer. Communication. If Google had come out and said they would add this to Chrome, before a security researcher came out with this information, no one would have cared or looked twice. It's all about communication. Tell people what you're up to, otherwise, we freak out and assume the worst.

  12. How about I go to Google and scan their offices? by JoeyRox · · Score: 5, Funny

    They can hire me as a chef, but in between my cooking duties I'll rifle through everybody's office looking for dangerous things. No need to panic - I have only good intentions at heart. What, you didn't think a chef should also double as your security detail?

  13. not trusting google by arbiter1 · · Score: 4, Interesting

    I use Eset and purchase their antivirus software on a reg basis and i trust them but i don't for life of me Trust that google is only "scanning for virus's". Given how recent revelation I heard how good pretty much will track gps of where you been and save it for years. Also if sites you visit even when using incognito mode, only thing this tells me its harvesting more info on end users. this video kinda tells you exacty what they collect about you on a reg basis and its kinda scary: https://youtu.be/Ke1gViMc2dY?t...

  14. This is why by 93+Escort+Wagon · · Score: 4, Insightful

    I only use Chrome for accessing sites which require it... or require Flash. Otherwise, I steer clear of Chrome.

    It's also an object lesson proving people right who've consistently argued that Chrome (on the Mac, at least) shouldn't be given the default admin permissions it asks for to "keep itself updated". It's true you shouldn't trust any company too much... but you really can't trust an advertising company to not put its hands in the cookie jar if you've placed it conveniently within their reach.

    --
    #DeleteChrome
  15. State of things by Sperbels · · Score: 5, Insightful

    Your ISP is collecting your data. Your OS is collecting your data. Your search engine is collecting your data. Advertisers are collecting your data. Your browser is collecting your data. The NSA knows what I'm thinking before I do. So now everyone knows the size of my bank account, my shoes, and my dick. Hardly seems worth all the trouble. We've created this huge surveillance network ostensibly so they can market shit to me. Yet, I ignore 99% of the advertising that I see. And the network is predictably (also predictedly) leaky as fuck. Several of my unique passwords and all my identity information is probably floating around in dozens of nefarious databases. Are we better off?

    1. Re:State of things by A+Pressbutton · · Score: 2

      We are better off ...
      ... Unlimited cat videos!

  16. Re:Yeah, right. by CanHasDIY · · Score: 4, Interesting

    You know they are remotely storing metadata about what it scans.

    This; pretty sure Google made the same assurances when they first started scanning everything in your Gmail account... wasn't long before "we're just checking for viruses" turned in to "all your data is belong to us."

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  17. Re:Chrome is malware by Rockoon · · Score: 4, Informative

    Even if it's not actually dangerous, it certainly doesn't do good things for the speed of older hardware or heavily-loaded hardware.

    The reduced longevity of a constantly reading spinning platter hard drive comes to mind also.

    Dear Google. Dont destroy my hardware. K. TX.

    --
    "His name was James Damore."
  18. The setting is NOT persisted across restarts by nadass · · Score: 5, Informative

    In the settings page, chrome://settings/cleanup

    The option is "Report details to Google" and it defaults to being Checked. When I uncheck it, then eventually shut down the Chrome process (on Windows), then restart Chrome and verify its status, it remains as Checked.

    So, essentially, this option cannot be disabled except MAYBE momentarily. Is it a feature or a bug?

  19. aww naw ya diddnt by Anonymous Coward · · Score: 2, Funny

    APK.
    APK.

    APK!


    RUN!

  20. Sandbox model by Tablizer · · Score: 4, Interesting

    It should be up to the user to decide what a given application has access to outside of standard binaries and user-app-data folder sets. If one wants an app to have access to stuff outside of those, then it should be an OS-level setting, not something the app decides, similar to a fire-wall.

    If the app wants to show a tutorial to users for how to config their "folder fire-wall" to allow an app to outside of the sandbox, that's fine, but it should be outside of the app's control still.

    --
    Table-ized A.I.
  21. Re:How about I go to Google and scan their offices by iamhassi · · Score: 2

    They can hire me as a chef, but in between my cooking duties I'll rifle through everybody's office looking for dangerous things. No need to panic - I have only good intentions at heart. What, you didn't think a chef should also double as your security detail?

    Sounds like a Navy SEAL with karate and explosive skills turned cook https://en.m.wikipedia.org/wik...

    --
    my karma will be here long after I'm gone
  22. VIRUS ALERT: Chrome has detected SHTSTORM64 by Anonymous Coward · · Score: 5, Insightful

    Let me ask a really stupid question.

    Imagine you were browsing the web minding your own business. Next thing you know all of the sudden your browser flips out opening windows warning you about viruses on your own computer would you believe it? For years we keep telling people not to fall for this shit.

    Now this... just the uncertainty / phishing leverage alone of browsers doing AV the mere fact this feature exists within a browser puts end users at massive unnecessary risk for no valid reason. Google could simply release a standalone virus scanner if they really gave a shit.

    Try Googling chrome and virus scanner.. The results speak to why doing this is a really really bad idea.

    My personal opinion every means by which data is exfiltrated requires some cloak of legitimacy. You can't just have shit rummage through everyone's computer for no reason. You'll be publically skewered and sued. There has to be a plausible enabling excuse hence the virus scanner nobody knows about. Oh look our scanner found something interesting ... there was no prompt asking the user whether they want their computer scanned in the first place so why does anyone think there would be a prompt before your data (or "metadata") starts getting uploaded to Google "for your own good" ?

    As you may have guessed I don't trust Google enough to run any of their software on my computer. Those who prefer Chrome should consider Chromium.

  23. I would only run ... by Anonymous Coward · · Score: 4, Interesting

    I would only run Chrome browser in a virtual machine to test websites I develop. Otherwise, I simply do not use it. IMHO, it likely spyware with a browsing feature. I confounds me is that most people use it as their main browser, as if the Google spy-widgets in half the sites out there aren't enough for them.

    While Windows is of late too snoopy by default (if you switch to Basic it collects mostly hardware spec stuff which it's been doing since it offered updating back in the 1990s or XP), it would be very reasonable to assume Google and Facebook has far far (far far far) more on folks than Windows and Microsoft ever will.

    Moreover, if one chooses and configures carefully, one can shut off the excessive telemetry stuff (yes you can) and still use from the Windows 10 family of operating systems relatively privately at least at the computer and operating system side.

    I have many of Google's snoopy URLs deadsunk in a hosts file, and FB completely deadsunk except on one computer. They are in the business of snooping in a way Apple and Microsoft are not. So be wary of Google and Facebook. They are trying to be everywhere online watching what you do.

    But to use Chrome !? As your browser !? Are you a dupe !? You've got to be kidding!

  24. Sleeping Disk by holophrastic · · Score: 2

    If I were to be using chrome, this would have been a major problem for me. My documents are on a different drive, and that drive sleeps for most of its life.

    (It's actually kind of funny that in 2018, on a new and wonderful build, It takes longer for me to open an mp3 or a doc file, than it did in 1985! First access of the hour wakes the drive, and between the time-delay and the drive spinning up and the case fans spinning up at the same time, it feels and even sounds almost like a floppy disk drive. It can be up to ten full seconds, though it's usually closer to five seconds.)

    This feature in chrome would cost me major money, in terms of the life of my storage drives -- both HDD and SSD -- as well as the electrical expense, and the fan noise. It would also be a major curiosity and point of confusion as I'd be wondering why my machine were so active when nothing's being accessed.

  25. Wedge strategy at work. by shm · · Score: 2

    Quietly release a virus scanner (in a browser?!?), get people used to it, and then start uploading analytical data, serve even more targeted ads.

    Sounds like a wedge strategy to me.

  26. Once upon a time by nehumanuscrede · · Score: 2

    I would have said:

    " Nothing to be concerned about because if Google got caught doing something crazy like perusing all the files on your system, the backlash would be epic. "

    These days, I've come to realize Google or Microsoft ( of their own design or at the behest of another . . . *cough* Intelligence Commmunities *cough* ) going through your effects with a fine toothed comb and flagging anything of interest they may find. If they get caught, they get a slap on the wrist, a reprimand ( with stern sounding language no less ) and their promise to never do it again. :|

    Then, we simply wait until the storm dies out, and start again under a new name.

    We truly can trust no one anymore because it seems that even the trustworthy are simply hiding the knife until we look away for a moment. ( No, I don't consider either G or M to be trustworthy, but there is always someone who loves to speak up when X gets caught doing something stupid claiming they would never do such a dastardly thing. Like DuckDuckGo or Tor or $League_of_anti_evil_corporation )

    It really gets old.

  27. Re:Leaky Assholes - FTFY [Re:Assholes] by postbigbang · · Score: 3, Informative

    It's free. People look at "free" and salivate like Homer Simpson.

    But they're actually being sold, and after realizing that, rationalize it and then get more free stuff. Android is a similar notion. Just being a consumer helps underwrite the cost of the product. Apple knows it, and there is no escaping the sale of the device user's info. Someone's buying it.

    Does one need a smartphone every minute of every day? No, but like nicotine, opoids, and sugar, addicts are easy targets. Donuts? Sure. Cigarettes? Sure. Opoids? Sure feels good. No one wants to walk away, yet everyone decries monetizing consumers. It's difficult not to have it both ways, even if you're Richard Stallman. This stuff gets paid for, somehow, some way. Until people realize they're the product, they'll continue to have moments of cognitive dissonance.

    --
    ---- Teach Peace. It's Cheaper Than War.
  28. Shocked! by jarle.aase · · Score: 2
    I am shocked, shocked, that Google extend their proactive scan of your data from Google Drive to your private disk. Shocked!

    Let's all pray now for the poor souls that had "hate speech", "terrorist" material or pictures of their kids in the bathtub on their local harddrives and were "... reporting you to the relevant authorities." Amen.

  29. Drop it like a hot potato. by MadMaverick9 · · Score: 4, Insightful

    Why don't people drop google, facebook, et al. like a hot potato?

    Because people are inert, hopelessly dependent on the system. They fight to protect it.

    That is why nothing will change.

    We don't need/want governments to enact laws (Macron, etc.).

    People need to look themselves in the ass and take their own lives into their own hands.

    Same with the new visa requirements for the US. Just don't go !!! Just don't do it !!! For crying out loud - how difficult can it be ?!?!?!

  30. Re:Yeah, right. by thegarbz · · Score: 4, Insightful

    pretty sure Google made the same assurances when they first started scanning everything in your Gmail account

    You have a rosy view of history. Google has pretty much said "all your data are belong to us" from the beginning of Gmail.