Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Chrome 69 Will Merge Its Sign In With Signing Into Any Google Account
Quote:Let’s start at the beginning. Prior to Chrome 69, Chrome offered an optional sign-in feature. This feature had nothing to do with your various accounts on services like Gmail or YouTube — instead, it allowed Google to synchronize things like cookies and bookmarks across all of the devices on which you used Chrome services. Many people embraced the feature, but Google kept it opt-in. The old login icon looked like a blank outline of a person. When clicked, it displayed the following message:

But now, Google has changed this message. Download and install Chrome 69, and the browser now treats this sign-in option as exercised if you log into any Google account. In other words, Google now treats the Chrome sign-in and the Google account sign-in as equivalent.
But this kind of pattern deployment is fundamentally toxic to trust. It’s particularly toxic for a company that’s proven so willing to end-run around user expectations, including promising two years ago not to track users who turned off location tracking, only to later admit that hey, it’s still tracking users who turn off location tracking. Google has also acknowledged allowing third parties to sweep Gmail for data as well.

On a personal note, it’s deeply unsurprising to see Google do this. Green points out that Google is promising to respect a user’s sync settings after deliberately breaking the conventions that end users were using to tell Google they didn’t wish to sync their software across devices. But this is unsurprising. It’s exactly what Google did years ago with its own opt-out system for automatic updates. The company establishes a mechanism by which users can opt out of something, then breaks that mechanism if too many people opt out of it. We’re supposed to trust that Google will respect the decision of people who don’t want to sync their data with its servers when it just broke the mechanism by which people previously notified it that they did not wish to synchronize with its servers? Muddying the waters with a login that isn’t a login and a “Sync” panel that can seamlessly activate a feature users don’t want aren’t improvements — they’re just as scummy as the games Microsoft played with its Windows 10 update tool near the official end of the free Windows 10 rollout period.

This kind of behavior is profoundly damaging to any conception of trust. Combined with the endless privacy scandals coming out of Google and the company’s willingness to help the Chinese government spy on its own people and it’s worth asking why we respect this company at all.
A workaround is available:
Quote:Shortly after criticism over this decision began, Google said it would update Chrome's privacy policy to reflect this change, and now it's revealed its plans to help clarify the situation. The first will be an option in Chrome's settings to disable this surprise feature, and the second will be a change to the browser's user interface that makes it clear that being signed in to Chrome does not mean the sync feature has been enabled.

The company will also respond to another problem: Google auth cookies persisting even after someone clears their cookies. The company said this was supposed to "allow you to stay signed in after cookies are cleared." Yet that defeats the purpose of clearing those cookies in the first place. So the company is planning to make it so Google auth cookies are deleted and users are signed out like they're supposed to be.

Google said these changes will arrive with the release of Chrome 70 in mid-October. That release's previous highlights were the addition of a Shape Detection API, improvements to the Web Authentication API and various back-end improvements.

Forum Jump:

Users browsing this thread: 1 Guest(s)