144
Google Chrome to soon get a new ‘IP protection’ feature: Here’s what it does (indianexpress.com)
submitted 11 months ago by macallik@kbin.social to c/technology@lemmy.world
62 comments fedilink hide all child comments

Google will soon start testing a new ‘IP protection’ feature for Chrome users, offering them greater control over their privacy. The tech giant the upcoming feature prevents websites from tracking users by hiding their IP address using proxy servers owned by Google.

To give you a quick recap, IP address is a unique numerical identifier that can be used to track a user’s geographical location and is used by advertisers to track a user’s browsing habits, see which websites they visit and provide personalized ads.

According to Google, the IP protection feature will be rolled out in multiple stages, with Phase 0 redirecting domains owned by Google (like Gmail) to a single proxy server. The company says the first phase will allow them to test its infrastructure and only a handful of users residing in the US will be enrolled.

Google also said that the upcoming IP protection feature will be available for users who have logged in to Chrome. To prevent misuse the tech giant will be implementing an authentication server that will set a quota for every user.

In the following phases, Google will start using a 2-hop proxy system, which essentially redirects a website’s request to a Google server that will again be redirected to an external CDN like Cloudflare.

While the IP protection feature might enhance user privacy, the tech giant has clarified that it is not a foolproof system. If a hacker is able to gain access to Google’s proxy server, they will be able to analyse all traffic passing through the network and even redirect users to malicious websites.

Since most of Google’s revenue comes from tracking users across the internet and offering them personalized ads, it will be interesting to see how the company strikes a balance between user privacy and revenue generation.

top 50 comments
sorted by: hot top controversial new old
[-] cmnybo@discuss.tchncs.de 148 points 11 months ago

That will just allow google to track every website you visit.

[-] bus_factor@lemmy.world 115 points 11 months ago

Both. It will prevent other sites from seeing some of your data, while giving Google more of your data. Of course Google wants to do this, it gives them a competitive edge. Smells like brewing lawsuits, though.

[-] radix@lemmy.world 33 points 11 months ago

Using one dominant position (Chrome market share) to extend into another (data brokerage) is textbook Monopoly 101.

[-] bus_factor@lemmy.world 8 points 11 months ago

Yeah, we saw Microsoft do that with Windows and Internet Explorer back in the day.

[-] andrew@lemmy.stuart.fun 20 points 11 months ago

Nobody can track what you're looking at*!

*For free any more because now they'll have to pay us for that data which we'll have wayyyy more of."

[-] vector_zero@lemmy.world 3 points 11 months ago

Nah, they don't sell your data. They sell their ability to serve you ads based on their data about you.

[-] helenslunch@feddit.nl 11 points 11 months ago

Smells like brewing lawsuits, though.

This is America. No one cares about your privacy and corporations own the government.

[-] bus_factor@lemmy.world 7 points 11 months ago

Google also operates in the EU. They'll probably get a slap on the wrist in the end, but first there will be a widely publicized lawsuit.

[-] obinice@lemmy.world 6 points 11 months ago

Damn, and here I thought I lived in the United Kingdom.

I guess this is America? Who knew!

load more comments (2 replies)
load more comments (1 replies)
[-] deegeese@sopuli.xyz 99 points 11 months ago

Google’s idea of privacy is to capture all your activity through Google’s VPN so nobody but Google’s advertisers can see it.

[-] zingo@lemmy.ca 14 points 11 months ago* (last edited 11 months ago)

Looks like a great business plan to me.

Edit: Firefox is a great option for more privacy.

Librewolf is a hardened fork of Firefox, but not for everyone. Although I am very happy with it personally.

[-] Siddhartha-Aurelius@kbin.social 3 points 11 months ago

Mullvad also has a browser.

load more comments (5 replies)
[-] knobbysideup@lemm.ee 88 points 11 months ago

So a proxy of their own so Google can watch everything you do themselves? GTFO.

[-] A_Random_Idiot@lemmy.world 79 points 11 months ago* (last edited 11 months ago)

Ah yes, filter all my internet browsing through google servers for ~~analysis, data harvesting and exploitation~~ "privacy"

Then again, anyone actually caring about privacy probably wouldnt be using chrome to begin with.

[-] CrayonRosary@lemmy.world 8 points 11 months ago

Don't worry. They'll "strike a balance"

[-] RanchOnPancakes@lemmy.world 70 points 11 months ago

Hopefully what it does is popup a message urging users to STOP USING GOOGLE CHROME

[-] andrew@lemmy.stuart.fun 20 points 11 months ago* (last edited 11 months ago)

That's pretty brilliant, actually.

I propose a nice server side open source library that will replace pages served from Google IP space with redirects to the Firefox download page. Or just a page presenting the problem and danger.

Or like an nginx plug-in. So many options.

[-] sir_reginald@lemmy.world 63 points 11 months ago* (last edited 11 months ago)

Since most of Google’s revenue comes from tracking users across the internet and offering them personalized ads, it will be interesting to see how the company strikes a balance between user privacy and revenue generation.

Isn't it obvious? Google own's the proxies. And judging by the look of this, they are going to act as a a Man In The Middle for HTTPS, so they will be actually able to see everyone's plain text connections. This is not a privacy feature, but a privacy nightmare. Like everything else on Chrome, tbh.

Edit: I don't know if they will be breaking HTTPS or no, since I didn't see the details of how this works. But even if they don't see your plain text traffic, they are logging your every request, which is scary.

[-] fubo@lemmy.world 9 points 11 months ago* (last edited 11 months ago)

You can't MITM HTTPS with a VPN unless the browser accepts an insecure certificate. And that can't be done without being detected; and the security community would raise seven shades of hell.

Google has actually helped build the infrastructure that (in a public, provable way that Google can't subvert) makes it impossible to get away with MITM in this manner. It's called Certificate Transparency.

Put another way: Google wants other big companies and governments to use Chrome and Android. If Google started MITMing traffic like you suggest, no corporation or government would ever touch their products again. So they've built infra that lets them prove they don't.

They could use this to get more accurate figures about the popularity of different sites or services by IP and port. But they don't need to; they have search.

[-] _s10e@feddit.de 5 points 11 months ago

You can't MITM HTTPS with a VPN unless the browser accepts an insecure certificate.

Yes, but the browser is Chrome and this is a feature built into Chrome.

[-] fubo@lemmy.world 5 points 11 months ago

Now try reading the rest.

load more comments (2 replies)
[-] Knusper@feddit.de 44 points 11 months ago

Guess, AMP didn't give them enough control over servers, now they also want to capture the clients.

[-] Fades@lemmy.world 42 points 11 months ago

fuck chrome

[-] aeternum@kbin.social 12 points 11 months ago

FUCK GOOGLE moar liek it.

[-] BearOfaTime@lemm.ee 3 points 11 months ago

Por que no los dos?

[-] Blackmist@feddit.uk 34 points 11 months ago

Well that would be great if Google wasn't the main culprit trying to track me.

Is that really the best business plan they have now? Stop everyone else tracking you so their own data is worth more?

[-] BearOfaTime@lemm.ee 3 points 11 months ago

Credit where credit is due - they've been hypocrites since at least the day the posited "Don't be evil".

Like any decent person needs to say that.

load more comments (1 replies)
[-] 0oWow@lemmy.world 31 points 11 months ago

So this is Google’s version of Microsoft tracking. Microsoft does it with Windows and Edge, Google does it with proxies. Sad.

[-] Ghostalmedia@lemmy.world 7 points 11 months ago

I would wager that this is probably more of a response to iOS and Apple’s encrypted proxy “Private Relay” feature.

Google doesn’t care about Edge. If you look at the browser stats, mobile Safari is their major competitor. Especially in the states.

[-] DarkThoughts@kbin.social 24 points 11 months ago

Google will soon start testing a new ‘IP protection’ feature for Chrome users, offering them greater control over their privacy. The tech giant the upcoming feature prevents websites from tracking users by hiding their IP address using proxy servers owned by Google.

Jesus fucking Christ...
I wonder how much Indianexpress gets paid for this bullshit advertisement.

[-] macallik@kbin.social 4 points 11 months ago

This was actually the least-biased coverage of the day:
https://www.techmeme.com/231023/p18#a231023p18

[-] Treczoks@lemm.ee 22 points 11 months ago

So instead of the websites tracking me, it would just be google that does so. With much more control and detail than ever. And then google will sell that information to those websites for even mroe profit!

[-] Zealousideal_Fox900@lemmy.world 19 points 11 months ago

THE FUCKING IRONY

[-] RandomVideos@programming.dev 12 points 11 months ago

So instead of giving random websites your general location, you give google everything you do on the web?

load more comments (1 replies)
[-] Haywire@lemm.ee 10 points 11 months ago

I'm using Google's VPN now. They promised they won't look. Honestly I think a lot.more is leaked via the GBoard keyboard, but what do I know.

[-] iopq@lemmy.world 7 points 11 months ago

This would actually be good, because combined with encrypted client hello, a TLS connection to some website would only be identifiable by the IP and DNS queries. You don't have to use Google's DNS either.

So Google will basically see that you're connecting to a cloudflare hosted website or whatever the case is. Doesn't help much because they can't see encrypted data

load more comments (8 replies)
[-] macallik@kbin.social 4 points 11 months ago

Curious to hear more opinions. I think there are technical nuances that I don't quite understand based on reading this comment (& subsequent replies)
https://mastodon.social/@ocdtrekkie/111281971968074869

[-] kaitco@lemmy.world 28 points 11 months ago

It’s some high-level BS, is what it is.

A better way to protect privacy is to use a neutral, paid VPN; use Firefox with all the best blockers; and not sign into anything while doing searches.

Google is doing this so that they can see everything and so that others will have to pay them to see the everything they’ll have. Yes, it can “technically” be private from other parties, but Google’s bread and butter comes from collecting data and selling it. This is only a tool to collect even more data.

[-] DarkThoughts@kbin.social 9 points 11 months ago

To quote the "article":

While the IP protection feature might enhance user privacy, the tech giant has clarified that it is not a foolproof system. If a hacker is able to gain access to Google’s proxy server, they will be able to analyse all traffic passing through the network and even redirect users to malicious websites.

This means that if a hacker can do this, then obviously the same goes for Google itself. Google will analyse all your online traffic data and use it for themselves. This isn't pro privacy, it's the complete opposite.

[-] WhyJiffie@sh.itjust.works 5 points 11 months ago

Yes, this is straight out deception, and another avenue of making other targeting based ad networks less useful.

load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 23 Oct 2023
144 points (100.0% liked)

Technology

58125 readers
3730 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world