Wednesday, March 17, 2010

Google Chrome to do away with unique IDs


From the forthcoming version 4.1, Google is doing away with the Chrome feature which has attracted the most criticism: unique IDs. Until now, this token has been stored in the user_experience_metrics.user_id key in the User Data\Local State file in the Chrome installation folder (C:\User\[Name]\AppData\Local\Google\Chrome under Vista).



Supplementing other measures to improve the browser's reputation for data protection, in a white paper on Chrome data protection, Google has announced that it will in future delete the token once Google Chrome runs and checks for updates the first time. From version 4.1, the allegedly anonymous ID will only be used to report successful installation of the browser to Google.



This step is largely symbolic, as Chrome has never attempted to identify users using the client ID, which is reassigned each time the browser is updated. Investigations using network sniffers have failed to refute Google's privacy statement that this ID is used exclusively for checking for updates and for the crash reporter (which is disabled by default) – discussions over alleged attempts by Chrome to identify users have nonetheless occasionally taken on extreme dimensions.



Far more problematic from a data protection point of view is the comparison of what is typed into the address bar with search engine results, although this can also be disabled, or switched to competitors such as Yahoo! or Bing from the browser settings screen. The white paper looks at the details of this issue, as well as redirection of 404 pages to the search engine and phishing and malware protection.


Source:

No comments:

Post a Comment