Security Market Segment LS
Monday, 25 July 2016 10:24

What is your browser really doing? Featured

By

While Microsoft would prefer you use its Edge browser on Windows 10 as part of its ecosystem, the most popular Windows browser is Google’s Chrome. But there is a downside to Chrome – spying and battery life.

It all started when Microsoft recently announced that its Edge browser used less battery power than Google Chrome, Mozilla Firefox or Opera on Windows 10 devices. It also measured telemetry – what the Windows 10 device was doing when using different browsers.

What it found was that the other browsers had a significantly higher central processing unit (CPU), and graphics processing unit (GPU) overhead when viewing the same Web pages. It also proved that using Edge resulted in 36-53% more battery life when performing the same tasks as the others.

Let’s not get into semantics about which search engine — Google or Bing  is better; this was about simple Web browsing, opening new tabs and watching videos. But it started a discussion as to why CPU and GPU usage was far higher. And it relates to spying and ad serving.

Windows Club found a lot of CPU power went to supporting Chrome push notifications. And it wasn’t just notifications from Google’s productivity software but any company paying Google to allow notifications to be pushed to you – advertising.

It recommended that if you use Chrome you turn them off but there was no intuitive way to do it – the option was either all or none. It found that by copying the following text chrome://settings/contentExceptions#notifications into the Chrome URL bar you could see the hostnames and allow or block the push notifications.

That led to privacy discussions and a host of recommendations about turning on the “Do Not Track” Option (under Settings) but it found that CPU cycles were still being used. It recommended that under “Settings and Privacy” all boxes except “Do Not Track” be unticked.

We Are Anonymous has cautioned about using Chrome’s default settings for search but has added cautions against using OK Google as well as it has wider powers outside the search function – email, calendar, personal information, data, device storage, Google productivity, and cloud, etc. It says OK Google opens up new issues as via its “HotWord” extension it continually ‘listens’ without express permission and may use a web camera to determine if you are in front of the device. But more concerning was that OK Google builds a profile of the user that is used for advertising purposes. It also warned that many of the third-party extensions for Chrome could spy on the user as well.

MalwareBytes has warned that some third-party extensions are a security issue. "Chrome extensions are very much like Android Apps as they require certain permissions (access to your contacts, microphone, camera, etc.) and unfortunately more often than not, they require more rights than they ought to have. Additionally, a lot of people don't understand what those mean and will install these extensions and forget about them. This makes it an ideal situation for threat actors to aggressively push bogus apps and use a little bit of social engineering to coerce end users into downloading malware-laden extensions."

Google blacklists known bad extensions but not those that may spy on your browsing habits. Some of the most popular Chrome extensions like Emoji Input, Speakit, and SuperBlock Adblocker are aggressively tracking their users – with Google’s blessing, as they pay for the privilege.

By installing third-party tracking scripts, some extensions are spying on every page a user visits making it possible to “fingerprint” a specific user’s browsing history and gain access to any pages that include tokens used for authentication like Facebook Connect and shared links from sites such as Dropbox.

The extensions do this by including default permissions that allow access to view all websites a user visits. That browsing data is then put up for sale by third-party analytics services, available for viewing by anyone who pays for a monthly subscription fee.

According to Detectify Labs hackers can disable Chrome’s security features. This is at the level of proof of concept at this stage, but that simply means hackers will utilise it sooner rather than later, and it would enable a hacker to see everything you are doing in Chrome.

Comment

I have not looked into other browsers, and that will be done when time permits.

A simple search “Google Chrome spying on you” yielded over 48,000 results. A similar search on Mozilla Firefox yielded over 39,000 results and Opera Browser about 28,000. By comparison, Apple’s Safari has 20,000 results. Any reports mentioned in the article were limited to the last 12 months.

I was unable to do a similar search purely on Edge as it appears to be lumped into Windows 10 as part of its ecosystem rather than a standalone browser.

Read 4532 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

GET READY FOR XCONF AUSTRALIA 2022

Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.


Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event

GET YOUR TICKET!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments