upvote

points

by acheron8 hours ago |
comments
upvoteby 7 hours ago|
next
[-]
deleted
reply
upvoteby armadyl7 hours ago|
prev|
next
[-]
> This is a Chrome thing.

This is blatant misinformation. Firefox (and all of its derivatives) also does this.

https://bugzilla.mozilla.org/show_bug.cgi?id=1372288

reply
upvoteby Aloisius4 hours ago|
parent|
next
[-]
This only works if the web page knows the random per-install id associated with an extension.

That can only happen if the extension itself leaks it to the web page and if that happens, scanning isn't necessary since it already leaked what it is to the webpage. It also doesn't tell you what extension it is, unless again, the extension leaks it to the webpage.

The attack on Chrome is far more useful for attackers as web pages can scan using the chrome store's extension ID instead.

reply
upvoteby p-e-w7 hours ago|
parent|
prev|
[-]
And this bug was reported eight years ago, with no serious attempt to fix it since.
reply
upvoteby taneq8 hours ago|
prev|
[-]
Google cares deeply about privacy. Google defines privacy as them not giving your private data that they have collected to anyone else unless you ask them to.
reply
upvoteby dmoose7 hours ago|
parent|
[-]
Google cares deeply about privacy. Google defines privacy as them not giving your private data that they have collected to anyone who hasn't paid them for it or can compel them to give it up.
reply
upvoteby seanw4447 hours ago|
parent|
next
[-]
There's a fourth amendment case on the Supreme Court docket (Chatrie v. U.S.) about Google searching a massive amount of user data to find people in a location at a specific time, at police request. The case is about whether the police's warrant warranted such a wide scope of search (if general warrants are allowed).

Point being: Google will 100% give your info to the police, regardless of whether the police have the legal right to it or not, and regardless of whether you actually committed a crime or not.

Bonus points: the federal court that ruled on the case said that it likely violated the fourth amendment, but they allowed the police to admit the evidence anyway because of the "good faith" clause, which is a new one for me. Time to add it to the list of horribly abusable exceptions (qualified immunity, civil asset forfeiture, and eminent domain coming to mind).

reply
upvoteby ImPostingOnHN7 hours ago|
parent|
[-]
They knowingly participated in PRISM, too.
reply
upvoteby iso16316 hours ago|
parent|
prev|
next
[-]
Why would the police go to all that hassle of compelling google to give it up when it can simply buy it on the open market.
reply
upvoteby autoexec4 hours ago|
parent|
next
[-]
Police do hit up google for data though. https://www.nbcnews.com/news/us-news/google-tracked-his-bike...
reply
upvoteby iso16314 hours ago|
parent|
[-]
So no compelling here. The police asked for it and google gave it, either for free or in exchange for money. They didn't say "no" to the police, they didn't wait for a court order.

The bad guy here is google. And the people that champion data collection by private companies because of free market == good.

reply
upvoteby autoexec3 hours ago|
parent|
[-]
In that case, the main bad guy was the police who didn't bother to do even the most basic investigating after "check Google's GPS records to see who was at the house" including "Check Google's GPS records to see how how long they were there" which would have shown them this was a drive by, but yeah Google is absolutely a villain
reply
upvoteby taneq6 hours ago|
parent|
prev|
[-]
The breaking point with me that caused me to de-google myself was finding out that Google was buying Mastercard records in order to cross-reference them with Android phone data. That shit is not okay.
reply
upvoteby taneq6 hours ago|
parent|
prev|
[-]
Ah yes, I should have said I was describing the official line, not the behaviour. In all fairness the “can compel them to give it up” doesn’t seem to be optional but otherwise, yeah. Agreed.
reply