Comment on Google Chrome to soon get a new ‘IP protection’ feature: Here’s what it does
sir_reginald@lemmy.world 1 year ago
Since most of Google’s revenue comes from tracking users across the internet and offering them personalized ads, it will be interesting to see how the company strikes a balance between user privacy and revenue generation.
Isn’t it obvious? Google owns the proxies. And judging by the look of this, they are going to act as a Man In The Middle for HTTPS, so they will be actually able to see everyone’s plain text connections. This is not a privacy feature, but a privacy nightmare. Like everything else on Chrome, tbh.
fubo@lemmy.world 1 year ago
You can’t MITM with a VPN unless the browser accepts an insecure certificate. And that can’t be done without being detected; and the security community would raise seven shades of hell.
Google has actually helped build the infrastructure that (in a public, provable way that Google can’t subvert) makes it impossible to get away with MITM in this manner. It’s called Certificate Transparency.
Put another way: Google wants other big companies and governments to use Chrome and Android. If Google started MITMing traffic like you suggest, no corporation or government would ever touch their products again. So they’ve built infra that lets them prove they don’t.
_s10e@feddit.de 1 year ago
Yes, but the browser is Chrome and this is a feature built into Chrome.
fubo@lemmy.world 1 year ago
Now try reading the rest.
_s10e@feddit.de 1 year ago
I tend to agree with the trust argument. Google wants people to rely on Web technology and Google products and allowing MITM - or failing to prevent - goes against Google’s interest.
I don’t buy the technical argument at all. Google could terminate the TLS connection at the proxy and communicate with the browser on a proprietary encrypted channel. Chrome could easily show a green padlock item and certificate details as seen by the proxy. The whole thing could be open source and transparent. A minority of users will disable the feature; many will accept it. Corporates can be bought by allowing them to opt out for ‘sensitive’ servers.