If you use Chrome, Google can use a network protocol for tracking and ad delivery that can't be seen or blocked by extensions. TL;DR: You really shouldn't use a web browser made by an ad company.

"AdBlock Plus, uBlock Origin, and other extensions cannot block QUIC requests. Recommended best practice is to disable QUIC from the chrome://flags/ URL."

blog.brave.com/quic-in-the-wil

@Endo I am probably switching back to Firefox fully. But Edge is fine if you shut off literally every single tiny bloody option Microsoft has to sync or share data with them.

@ocdtrekkie Firefox also reports back. Ubuntu doesn't stop their app store from doing that too.

@Endo Firefox telemetry is extremely easy to disable with a single setting. And Mozilla doesn't have conflicts of interest like... operating an advertising company built entirely around collecting data about you.

@ocdtrekkie How do you think that Mozilla pays it's engineers?

Also, why are users supposed to use a measurably inferior and less secure product? I know the types of data Google wants me to disclose and it doesn't include ransomware.

I am pretty sure a security fail (e.g., your advice to use Edge, a very insecure browser ATM) is more expensive than a small amortized and minimal privacy cost.

Especially when the only damages people conceive from these are notional.

@Endo Almost every user I've ever supported on Chrome has malicious browser extensions... They're right in Google's own store! The least secure browser is Chrome. Edge is literally impossible to exploit in the same way right now, every extension is hand approved by actual people. Google is too easy to game.

Mozilla's telemetry is easy to disable, Google's is not.

@ocdtrekkie You've defined "malicious" as "leaking secondary data" and I've defined it as "enabling people to encrypt your hard drive and return it for money."

Security is expensive and no one charges anything for browsers. Maybe if we did, your support job would be easier? Not really sure.

@ocdtrekkie As a general rule, I feel that people get far too hung up on easily measurable metrics of privacy like "how many bytes of metrics data does it collect".

This is not idea, but it is likewise a very low marginal cost compared to much more profound privacy lost when someone takes your box with you via a remote execution vector.

@Endo I'm not relying on my browser to prevent that. And if I was... It definitely wouldn't be with Chrome. It's the only browser we actively restrict usage of because of how impossible it is to secure.

Because Chrome likes to let non-admin users install it, I actually have to use our AV solution to block it in some places.

Chrome is the new IE6.

@ocdtrekkie You're relying on anti-virus? Which? One of the many with poorly written code that has been used as an attack vector several times last year?

Security is holistic. Saying, "Well I'm fine with a less secure browser because I have anti-virus" is pretty poor reasoning.

Can't we just agree everything is terrible and we have no good options, but that Firefox is especially the worst of all options?

@Endo No, because Firefox is way safer than anything compromised by Google. And no, the antivirus clients I use are not amongst the poorly written recently compromised stuff.

Sign in to participate in the conversation
mastodon.cloud

Everyone is welcome as long as you follow our code of conduct! Thank you. Mastodon.cloud is maintained by Sujitech, LLC.