Combined with Privacy Sandbox [0], this means the browser can track you directly without cookies, but websites can't track you via IP address. So it has the effect of centralising the tracking to google only.
I haven't used Chrome since this rolled out, since I didn't see a way to object to the new tracking. This is what the linked article [0] says:
> It’s unclear if toggling these features off will stop Chrome from collecting these data altogether, or if it just won’t share the data with advertisers.
Depending on the user’s aims, that could still be a net win… limiting tracking to a single party versus N parties. Obviously not ideal as no tracking at all though.
> The Google-run proxy can observe the user's IP address but not the websites being visited and the third-party proxy can see the web servers being visited but not the IP address of the visitor.
Google will likely already have the user's IP from sync, safe browsing, etc, if Google's proxy doesn't know what sites are visited it doesn't sound like this increases Google's access to any user data.
> Combined with Privacy Sandbox [0], this means the browser can track you directly without cookies, but websites can't track you via IP address. So it has the effect of centralising the tracking to google only
Definitely not the actions of an org trying to exert monopoly power.
Certificate transparency has the same problem. It has the side effect of sending every domain you visit to the certificate log server. An advertisers wet dream. If you are using chrome this is google. Now if you are using chrome I always assumed it was sending everything you viewed to google anyway. So I guess this is... OK, or at least, not worse than the status quo.
Is it because Apple’s motivation is perceived to be selling protection to its hardware customers where as Google’s primary motivation is perceived to be to get a monopoly in the surveillance business?
From other comments it _sounds_ like Google's system is done as a single proxy, which is bizarre to me because it means google can see every site that is loaded which even for google seems on the nose.
Apple's service is explicitly designed to prevent this exact problem. There's a write up for it on apple's security site (possibly part of the system security doc?). There are intentionally two layers, the connection from the device -> apple's servers, and then the connection from apple's servers to Akamai or cloud flare (or some other CDN). The connection to apple's servers is encrypted to a key from the 2nd layer CDN so apple can't read it, that request is forwarded to the CDN which decrypts it makes the request, then encrypts the response to the client's key and sends that to apple, apple forwards that encrypted blob on to the originating device which can then decrypt it.
The end result is apple cannot ever see the destination or response, and the backend CDN can't see the device that made the request. That should be the design of _any_ privacy conscious proxy service (including all the questionable "privacy!" VPNs). That's kind of why I'm surprised that the claim is that Google's service is a single layer - it's so blatantly invasive.
It is not ok for Apple or Google to do this while at the same time operating an ad business.
If they feel this is in the best interest of the end user, then they should divest of either their ad business or control of the browser. Neither company is willing to do this. This IP move is anticompetitive as it consolidates even more control of the ad ecosystem in a handful of companies. Google’s response that they are placed at the same disadvantage as other third parties is not accurate. Google controls the browser and so has full control to communicate any data between the browser and their servers, bypassing the proxies.
There is only one thing that drives these companies and that is maximizing profits for the benefit of their investors. This objective is fine. However, it is disingenuous for either of these companies to hide behind the defense that they care about the privacy of end users.
If Apple cared about the privacy rights of all humans, why do they share all data belonging to their customers in China with the Chinese government. The only reason is profits. Google also shares all their customer’s data with any government that asks.
If there were a thousand companies that each had access to a tiny sliver of a consumers data, we would have a system that naturally protects end user privacy. However, with a few companies controlling the vast majority of the consumer tech landscape, we now have a system where a few for-profit companies are keepers of our data and already sell out when their profits are at stake.
Worse, it’s arguably anti-competitive behavior. Though, truth be told, once I looked at the facts, I would prefer Google to have my data siloed (which itself, yes is not good) than random third party data collectors that would sell it on data markets.
> The Movement for an Open Web (MOW), an organization that has lobbied against Google's Privacy Sandbox initiative by claiming it's harmful to rival internet advertising businesses
They have much more to be annoyed at. VPN companies, The Tor Project, AD blockers, etc
I use the Google One VPN[0] to cloak my real IP, but only sparingly. For most of my Internet surfing I use a two hop VPN setup. One VPN router with kill switch mode, and then I connect to another VPN service on top of that, a sort of fake Tor / private relay setup.
I don't funnel all my traffic into Google One's VPN. I like to compartment and not put all my eggs in one basket. Looks like I'll be doing the same when this new Google-owned IP cloaking feature ships.
>> The Movement for an Open Web (MOW), an organization that has lobbied against Google's Privacy Sandbox initiative by claiming it's harmful to rival internet advertising businesses
> They have much more to be annoyed at. VPN companies, The Tor Project, AD blockers, etc
While I'm sure they dislike those, the key word here is rival - the claim is that Google has its own ad business, and is only deploying privacy features in a way that hurts other ad companies.
> It's designed to run Chrome browser connections through two proxies, one operated by Google and one operated by a third-party (eg, Cloudflare), so that the true public IP address of the user is obscured, hopefully thwarting attempts to track them around the web using that address.
We really need to be thinking bigger here — Google included, to the degree there are pro-privacy folks in the org (which there) - in coming up with something that protects a lot more than the identity via IP of Chrome users, but all web traffic.
I mean, maybe even rethinking IP, TCP/IP entirely.
I always thought there was something that could be done with the BitTorrent protocol... I don't know how well it would work, but an Internet that isn't so brittle mirrors are commonplace and accepted wisdom would be nice.
BT isn't anonymous but a TCP/IP replacement version could be.
The anti abuse points from their github do not sound convincing to me. There will be a high value in farming accounts to either spam or attack. What do you do when the google proxy is dosing your service?
I was just watching a video[0] about how Private Relay under the hood and it sounds like authentication is somewhat tied to having genuine Apple hardware, as well as requiring an iCloud subscription.
If Google's relay just requires a Google account, there's no doubt that dummy accounts will be used to abuse the service. Apparently Private Relay sends a dynamic config of relay servers to use which they could leverage at any time to unmask you. I'm guessing Google will do it similarly.
So Google is doing his why exactly? Since they know everything about everyone they now shut out the competition while sending all the IPs to their own proxy that will log them for themselves "for your privacy TM"???
I mean I would like this if it would not come from Google.
[+] [-] diroussel|2 years ago|reply
I haven't used Chrome since this rolled out, since I didn't see a way to object to the new tracking. This is what the linked article [0] says:
> It’s unclear if toggling these features off will stop Chrome from collecting these data altogether, or if it just won’t share the data with advertisers.
[0] https://theconversation.com/google-chrome-just-rolled-out-a-...
[1] https://developer.chrome.com/en/blog/shipping-privacy-sandbo...
[+] [-] jwells89|2 years ago|reply
[+] [-] Thorrez|2 years ago|reply
I thought privacy sandbox could be used by any website, just the same as Google can use it. Am I wrong?
Disclosure: I work at Google, but as can be seen from my comment, I don't have much knowledge of privacy sandbox.
[+] [-] abraham|2 years ago|reply
Google will likely already have the user's IP from sync, safe browsing, etc, if Google's proxy doesn't know what sites are visited it doesn't sound like this increases Google's access to any user data.
[+] [-] jgalt212|2 years ago|reply
Definitely not the actions of an org trying to exert monopoly power.
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] somat|2 years ago|reply
https://en.wikipedia.org/wiki/Certificate_Transparency
[+] [-] sdefresne|2 years ago|reply
Discussed here: https://news.ycombinator.com/item?id=31387019 or https://news.ycombinator.com/item?id=27467798
Why is it good when Apple does it but terrible when it is Google?
[+] [-] Lio|2 years ago|reply
[+] [-] olliej|2 years ago|reply
Apple's service is explicitly designed to prevent this exact problem. There's a write up for it on apple's security site (possibly part of the system security doc?). There are intentionally two layers, the connection from the device -> apple's servers, and then the connection from apple's servers to Akamai or cloud flare (or some other CDN). The connection to apple's servers is encrypted to a key from the 2nd layer CDN so apple can't read it, that request is forwarded to the CDN which decrypts it makes the request, then encrypts the response to the client's key and sends that to apple, apple forwards that encrypted blob on to the originating device which can then decrypt it.
The end result is apple cannot ever see the destination or response, and the backend CDN can't see the device that made the request. That should be the design of _any_ privacy conscious proxy service (including all the questionable "privacy!" VPNs). That's kind of why I'm surprised that the claim is that Google's service is a single layer - it's so blatantly invasive.
[+] [-] dilipdasilva|2 years ago|reply
If they feel this is in the best interest of the end user, then they should divest of either their ad business or control of the browser. Neither company is willing to do this. This IP move is anticompetitive as it consolidates even more control of the ad ecosystem in a handful of companies. Google’s response that they are placed at the same disadvantage as other third parties is not accurate. Google controls the browser and so has full control to communicate any data between the browser and their servers, bypassing the proxies.
There is only one thing that drives these companies and that is maximizing profits for the benefit of their investors. This objective is fine. However, it is disingenuous for either of these companies to hide behind the defense that they care about the privacy of end users.
If Apple cared about the privacy rights of all humans, why do they share all data belonging to their customers in China with the Chinese government. The only reason is profits. Google also shares all their customer’s data with any government that asks.
If there were a thousand companies that each had access to a tiny sliver of a consumers data, we would have a system that naturally protects end user privacy. However, with a few companies controlling the vast majority of the consumer tech landscape, we now have a system where a few for-profit companies are keepers of our data and already sell out when their profits are at stake.
[+] [-] isodev|2 years ago|reply
[+] [-] leoh|2 years ago|reply
[+] [-] intelVISA|2 years ago|reply
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] sacrosanct|2 years ago|reply
They have much more to be annoyed at. VPN companies, The Tor Project, AD blockers, etc
I use the Google One VPN[0] to cloak my real IP, but only sparingly. For most of my Internet surfing I use a two hop VPN setup. One VPN router with kill switch mode, and then I connect to another VPN service on top of that, a sort of fake Tor / private relay setup.
I don't funnel all my traffic into Google One's VPN. I like to compartment and not put all my eggs in one basket. Looks like I'll be doing the same when this new Google-owned IP cloaking feature ships.
[0] https://one.google.com/about/vpn
[+] [-] yjftsjthsd-h|2 years ago|reply
> They have much more to be annoyed at. VPN companies, The Tor Project, AD blockers, etc
While I'm sure they dislike those, the key word here is rival - the claim is that Google has its own ad business, and is only deploying privacy features in a way that hurts other ad companies.
[+] [-] PrimeMcFly|2 years ago|reply
[+] [-] cynusx|2 years ago|reply
[+] [-] layer8|2 years ago|reply
See https://github.com/GoogleChrome/ip-protection/issues/10 for example.
Of course, Google can conceivably backdoor Chrome, and then the exfiltration of data wouldn’t be obvious from the client-side traffic.
[+] [-] JimDabell|2 years ago|reply
> It's designed to run Chrome browser connections through two proxies, one operated by Google and one operated by a third-party (eg, Cloudflare), so that the true public IP address of the user is obscured, hopefully thwarting attempts to track them around the web using that address.
[+] [-] andylynch|2 years ago|reply
[+] [-] LinuxBender|2 years ago|reply
Yup just like most people using Android have their text messages routing through Google. Some don't even realize this.
[+] [-] leoh|2 years ago|reply
I mean, maybe even rethinking IP, TCP/IP entirely.
[+] [-] Andrex|2 years ago|reply
BT isn't anonymous but a TCP/IP replacement version could be.
[+] [-] LinuxBender|2 years ago|reply
[+] [-] muteor|2 years ago|reply
[+] [-] cedws|2 years ago|reply
If Google's relay just requires a Google account, there's no doubt that dummy accounts will be used to abuse the service. Apparently Private Relay sends a dynamic config of relay servers to use which they could leverage at any time to unmask you. I'm guessing Google will do it similarly.
[0] https://media.ccc.de/v/camp2023-57214-trustmerelay_investiga...
[+] [-] redder23|2 years ago|reply
I mean I would like this if it would not come from Google.
[+] [-] gumballindie|2 years ago|reply
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] kobalsky|2 years ago|reply
[+] [-] unknown|2 years ago|reply
[deleted]