Tuesday, May 08, 2018 by David Williams
Google Chrome has quickly risen to become the most used web browser in the entire world. Ever since it was first introduced all those years ago, Google, the internet search giant, worked hard to make it as appealing and as hard to switch away from as soon as you became a user.
Recently, the browser got fitted with a few new upgrades, including “basic antivirus features” that, in theory, should be a welcome addition for all users. However, it has been revealed that this feature has ended up allowing Chrome to basically spy on its own users, particularly on the Windows platform.
It is well-known that Windows is quite easy to exploit compared with other operating systems. After all, it’s the world’s most popular operating system on the desktop. Since the same exact thing applies to Chrome, with it being the world’s most popular web browser, any mishap that occurs involving it is going to be a wide-reaching incident regardless of the cause or origin.
But in the case of Google Chrome and its apparent act of spying on its own users, there is evidence to show that there is no one to blame but Google itself. It all started when Google introduced a feature in Chrome called the Chrome Cleanup Tool, which was developed using software from the antivirus and cybersecurity company ESET, and meant to be used by Windows users. Through this tool, Chrome is supposed to offer users a “safer” and “cleaner” web browsing experience than they would otherwise get. And their computers would be kept safe from the harmful effects of any web-based viruses. (Related: Read GLITCH.news for more coverage of technology glitches.)
The Chrome Cleanup Tool couldn’t seem more innocuous. On paper, it’s meant only to scan for any active malware threats to your computer with the use of ESET’s built-in antivirus engine. In the event that it finds any suspicious files or potential malware, it will immediately send meta-data with relevant information on the file and its location to Google. Afterwards, users are asked for permission to remove any and all suspected malicious files, so nothing happens without a user’s express consent. And it’s possible to opt-out of sending information to Google entirely simply through deselecting the checkbox that says “Report details to Google.”
According to Kelly Shortridge, an employee at a cybersecurity startup called SecurityScorecard, the reality is that the tool might be over-stepping a little bit in use. She discovered that Chrome was quietly running antivirus scans on her Windows computer. And what’s more, the scans were being conducted on her computer’s Documents folder. As it turned out, Chrome had been doing these scans since last fall at the latest, and some people are understandably unhappy about it. (Related: WATCH OUT: Google is recording everything you search and say.)
“In the current climate, it really shocked me that Google would so quietly roll out this feature without publicizing more detailed supporting documentation — even just to preemptively ease speculation,” she said in a statement provided through chat To VICE Magazine’s Motherboard. “Their intentions are clearly security-minded, but the lack of explicit consent and transparency seems to violate their own criteria of ‘user-friendly software’ that informs the policy for Chrome Cleanup [Tool].”
Google Chrome’s head of security, Justin Schuh, was quick to explain the situation away by issuing a statement on Twitter, saying that the tool’s “sole purpose is to detect and remove unwanted software manipulating Chrome.”
Regardless of what Google intends to do with this feature, users should have full control of its actions and it shouldn’t be running in the background without a user’s knowledge. It may be par for the course for a company like Google, but for more sensible users, it could end up in a change of browser.
Read more about other privacy violations conducted by companies like Google in PrivacyWatch.news.
Tagged Under: Tags: antivirus, chrome, Chrome Canary, Chrome Cleanup Tool, computer, computer security, cyberhacking, cybersecurity, cyberterrorism, Glitch, Google, google chrome, invasion of privacy, malicious files, malware, My Documents, online privacy, privacy, search engine, spyware, user consent, virus scan, web browser, web browsing, windows