After what can only be described as an untimely release (over a holiday weekend), Google is already on the defensive from privacy advocates about its new browser Chrome. Sure, Google devotees will be quick to point out how it obtained a 1.5% market share in 24 hours, no feeble feat by any means, but it seems that Google has its eyes set on an even mightier target, collecting data about your browsing habits and search terms.
The Washington Post quotes Jane Horvath, Google’s senior privacy counsel as saying: “Google’s Chrome is set up by default to collect about 2 percent of all keystrokes typed into its Omnibox — whether Web page addresses or search terms. One percent is comprised of all the keystrokes for 1 percent of computer users selected randomly, each day, she said. Google also collects 1 percent of all the keystrokes typed into the Omnibox each day.”
Since Google records IP addresses associated with search queries entered by users into Google’s standard search bar for nine months, privacy sensitive European agencies such as the German BSI, are taking an even closer look at the browsers behavior since an IP address is considered a personal identifier that can be traced back to the individual via their ISP.
To top off a bad PR week in privacy, Google also had to issue a patch for one of security’s most common application security issues, a buffer overflow vulnerability that would make it possible for an attacker to take over your system.
Security firm SVRT-Bkis released an advisory, citing they found a critical buffer overflow in Google Chrome that would enable an attacker to take complete control of an unpatched system.
Say what you want about IE, Microsoft has had many years of bad press to address security concerns, or at least make them a high priority in the development cycle. Privacy aside, you would at lease expect the browser to be up to par with common vulnerabilities.
If your a Google fanatic your probably on your iphone right now calling all your friends telling them about Chrome, but if your concerned about your privacy and where your personal browsing data is being recorded, I suggest you take a wait and see approach.
Consumer Watchdog Exposes Google Privacy Problems & Calls for Attorneys General Investigation