Security loopholes in the case of Google Chromium

The Internet browser „Chrome“ from the Google enterprise is considered as a quite popular program for the surfing, reading and downloading of various contents from the World Wide Web. However, Google is also well-known for its lax data protection regulations, respectively for its quite big curiosity in terms of data – this is why the search engine browser is consciously avoided by many PC users.

With Google Chrome, a readily-installed program is loaded on the PC of the user, which is constructed in such a way, that the user cannot reread what the program actually does and which data it installs without prior consultation. For the user it can be very hard to detect, whether and which data the program extracts for its own use. How exactly the programs function and what it finally does, can be reconstructed at a great expenditure; in most cases, moreover, it cannot be reconstructed at all.

For this reason, many users would rather avoid using the related Chromium program. Chromium is the open source branch of the chrome browser and an open source code, so that the user can understand at any time, what the program on the PC does. Without agreement of the user, no additional functions are installed. This transparency of the browser ensured the security and confidence of the users.

Now, however, due to an attentive Debian user, it has become known to the public that precisely Chromium has simply downloaded an additional function from the Internet, without asking the user. A procedure which is not usual for Chromium and has generated high waves of indignation and disappointment among its users. Moreover, this auxiliary function was not Open-Source, thus not visible for the developers. So these could not understand what the new function actually does. The positive image, which Chromium had previously built for itself, was destroyed by this incident.

The mentioned function acts as a „Voice search“. This language search is known for long especially to the chrome users, since it has already been installed here for a long time. As soon as the user says „OK Google“, the language function is activated and the user can ask his search queries in his computer. This means, of course, that chrome can also hear, what the user speaks, as soon as the function is activated. If the user opens a new tab in his browser, then Chrome listens already for the signal words „OK Google“.

And now precisely this function has been re-tooled in Chromium through the back door. Of course this is disappointing first and foremost for the users. For the sake of fairness, one must, however, refer to this: the language search must first be manually activated by each user, so that it functions and listens to instructions. A small consolation, which does not, however, stop users to look around for another, safer and more transparent alternative. Thus, for example, Debian moves more and more into the focus of the users. Here the user can really understand everything and reread every function in the source code – the reason, why also CosmoKey uses Debian.

In spite of Google’s information, that the language search must first be activated, the whole incident remains non-transparent. When activating the option, the user does not know that this is a binary module. In addition to this comes the fact that the users do not finally know what Google monitors through this function and to what extent to data which is heard is stored.

And: more and more data is also used nowadays by many enterprises for online marketing and customer loyalty. Here also it remains non-transparent, which data are collected and which data are transmitted. The direction, in which the whole situation moves, is, nevertheless, clear to see: the trend towards „glass people” might be everything else than hampered by such and other incidents.

Bitte um den ersten Kommentar.

You must be logged in to post a comment.