Google, Mozilla Spy on Users via Mozilla Safe-Browsing and Chrome Update Checker

Posted on October 16th, 2013 Dan

I noticed a lot of attempted connections to Google’s shadowy 1e100.net from my Thunderbird email client lately, at semi-random intervals.  Clearly some kind of spyware, same thing with “Safe Browsing,” (on by default) sending Google every URL you visit in your Mozilla Firefox or Chrome web browser

.  Perhaps for users who need their hands held on the internet that is justifiable, but the temptation to spy on them would be too great for corporations or intelligence agencies to resist…

From ha.ckers.org

Safe Browsing is designed to protect you from phishing and malware sites by using a blacklist approach that gets downloaded to your browser on a regular basis. In an experiment that I let run for 24 hours, I watched the amount of connections Firefox made out to Google. It averaged around 30 times an hour.

When I started looking at Chrome I noticed two additional pieces of information that were being phoned home outside of Safe Browsing. This time, instead of it being 30 times an hour, it was more like once every 5 hours, which is still quite a bit if you ask me. The two extra pieces of data were “machineid” and “userid” – both computed information based on machine/user information. This information is sent along with a bunch of other browser information to ask Google if they should download an update. Now here’s the real question: why would Google need to know my machineid and userid to give me an update – wouldn’t the version number of my browser be enough to make that decision? I just can’t believe this isn’t used for tracking. There’s no more plausible deniability. What a perfect way to spy on people too… use their own browser against them in the name of security.


Comments are closed.