Users balk as Chrome 69 forcibly signs them into the browser
Chrome users have reacted angrily after the discovery of a new forced sign-in for the web browser. In short, the change means that when you sign into a Google service -- such as Gmail -- you are also automatically signed into this account within Chrome itself.
While a handful of people have welcomed the new sign-in activity, there is a very vocal number who are extremely unhappy. In addition to the perceived privacy concerns, what has particularly upset people is the fact that they are being signed into Chrome without being told about it.
- Chrome OS 69 rolls out with Linux app support and new Material Theme
- Microsoft quietly stops interfering with Chrome and Firefox installations on Windows 10
- How get rid of Chrome's stupid new rounded look
One of those who was disgusted to learn about the change is cryptographer Matthew Green who blogged about the issue over the weekend. He is among many who say they will no longer be using Chrome, and he explains what has changed:
A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It'll do this without asking, or even explicitly notifying you.
Your sole warning -- in the event that you're looking for it -- is that your Google profile picture will appear in the upper-right hand corner of the browser window.
Referencing this blog post, security expert Graham Cluley took to Twitter to announce that he was walking away from Chrome:
“Why I'm done with Chrome” https://t.co/AnzmPFM3q4
— Graham Cluley (@gcluley) September 24, 2018
As noted by infosec and system architect expert Bálint, "Chrome is a Google Service that happens to include a Browser Engine". He explains:
Just to spell it out: this means Google logins for Chrome are now de-facto mandatory if you ever login to a Google site. (Clarification: Sync/browser history/password sharing still requires user confirmation to happen, this is purely about the login itself.)
Although there is no data synchronization taking place, it's probably reasonable to ask when this might start happening -- otherwise, what is the point in the browser log in? But whatever is happening, there is a distinct lack of transparency. As Green notes: "This change has enormous implications for user privacy and trust, and Google seems unable to grapple with this".
Is this enough to make you move away from Chrome, or are you happy to continue to trust Google?