this post was submitted on 09 Jul 2024
1531 points (99.4% liked)

Technology

59534 readers
3168 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
(page 2) 50 comments
sorted by: hot top controversial new old
[–] VelvetStorm@lemmy.world 17 points 4 months ago (16 children)

Can someone explain this to me like I'm 5. I understand it's not good but I don't know why and I would like to understand it.

load more comments (16 replies)
[–] T156@lemmy.world 16 points 4 months ago (5 children)

Does this also affect Chromium, or is it just Google Chrome?

The article mentions it being affecting Google Chrome through Chromium, but it's not clear if it also affects Chromium on its own, or other Chromium-based browsers.

[–] Andromxda@lemmy.dbzer0.com 8 points 4 months ago

Chromium is also affected.

[–] JTheFox@lemmy.world 7 points 4 months ago

Chromium alone depends on if it's the Google version or the Un-Googled version. For the Google version of Chromium, it still has that hangouts extension. However, the Un-Googled Chromium has that extension removed via the build flags, the one to note is enable_hangout_services_extension=false.

As others have said though, it can also depend on what other Chromium-based is being used. Some browsers like Brave and including Vivaldi can have this turned off in the settings. Others like Edge and Opera are affected as well. However it doesn't affect every Chromium-based browser.

load more comments (3 replies)
[–] trolololol@lemmy.world 15 points 4 months ago* (last edited 4 months ago) (1 children)

This that and the article are very light on details, but I couldn't find an article deeper in details

My laptop, that I own and runs Linux that I installed, has chrome in it. I'm order to log into Gmail for work, it installs an extension that is capable of telling Gmail if my disk is encrypted. I know because you get an error message until my disk was actually encrypted. It was a big surprise to me, and I wonder if this is done by the same piece of code.

Btw would there be a way to do virtualization through perhaps docker or flat pack or chroot that can isolate chrome in a sandbox and prevent it from a) reading and writing files anywhere on any disk and b) get other data such as CPU, disk encryption etc?

[–] Andromxda@lemmy.dbzer0.com 9 points 4 months ago (1 children)

My laptop, that I own and runs Linux that I installed, has chrome in it. I’m order to log into Gmail for work, it installs an extension that is capable of telling Gmail if my disk is encrypted. I know because you get an error message until my disk was actually encrypted. It was a big surprise to me, and I wonder if this is done by the same piece of code.

That's strange, I've never heard of that before

Btw would there be a way to do virtualization through perhaps docker or flat pack or chroot that can isolate chrome in a sandbox and prevent it from a) reading and writing files anywhere on any disk and b) get other data such as CPU, disk encryption etc?

There are some isolation mechanisms on Linux like Firejail or Bubblewrap. The latter is used by Flatpak to sandbox applications. These are rather weak though, and Flatpak weakens the security of bwrap further. By default, Flatpak application permissions are also set in a Manifest file, which is created by the maintainer of the package. To get more control over your Flatpak sandbox, you need to use an application like Flatseal.

Docker (or containers in general) aren't meant for isolation/sandboxing, but this approach would also work. I would create a container using Distrobox or toolbx, and install Chrome inside the container.

This will not prevent Chrome from getting your CPU information though. To protect against that, you would have to use a virtual machine (and spoof the your CPU model if you want to hide that from Chrome).

[–] beeb@lemm.ee 6 points 4 months ago (2 children)

Sounds easier to switch to another browser at that point

load more comments (2 replies)
[–] Holzkohlen@feddit.de 13 points 4 months ago

Refreshing change from reading about some new AI powered tracking nonsense in Windows.

[–] faltryka@lemmy.world 10 points 4 months ago (2 children)

Is this for malicious harvesting or is this part of their chrome device trust product for enterprises?

[–] Andromxda@lemmy.dbzer0.com 10 points 4 months ago

No, as far as I know this has nothing to do with attestation/verification for enterprise users.

[–] hendrik@palaver.p3x.de 7 points 4 months ago (4 children)

LibreWolf, Mull, Chromium, ...

load more comments (4 replies)
load more comments
view more: ‹ prev next ›