With a massive 62% market share, Google Chrome dominates the web browser market. Chrome’s seamless updates are a major factor behind its success, but now the browser is under attack after its latest upgrade dropped a nasty surprise on millions of users around the world.
In a damning blog post entitled ‘Why I’m done with Chrome’, noted cryptographer and Johns Hopkins University professor Matthew Green has exposed a subtle change to the Chrome sign-in experience which has the potential to not only put your data at risk but also unwittingly synchronize it with any other users of your browser?
From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you, warned Green.
The consequences of this are significant, as anyone who uses your browser now does so with your account. Their browsing history and cookies synchronize with your Google account across all the devices where you use Chrome.
Furthermore, if they log into any Google service it will log you out of the browser and they can import all their bookmarks, settings, etc. When you sign back in, it has the potential to wreak havoc as one wrong click can see your data merged with theirs.
Forbes / ABC Flash Point Cyber News 2018.