How to Tame Google Chrome

Post by Karl Lynch

As with an increasing number of observers, I've come to worry about the steadily growing pile of data, personal and otherwise, that Google and various other authorities (such as Phorm) are gathering about the online activities of the denizens of the Internet.

Some are happy to accept the slurping of every word we type in to our web browsers as a small price to pay for better service. To them I say good luck.

I, however, have no interest in better adverts or in allowing reams of my private data to end up on the hard disks of shadowy, unaccountable organisations.

Hence why I have been very sceptical of Google's entry in to the web browser market with 'Google Chrome'. Complete with a search-meets-URL address bar, that very kindly sends all your URLs and search data away to Google for storage against a unique Chrome ID, Chrome represents a great way for Google to grow its vast empire of data collection mechanisms.

Recently many technology commentators have been writing about the virtues of Chrome- it's fast JavaScript engine, it's fine rendering abilities (based on Webkit) and it's speedy start up. I began hunting on the Internet to find out more about what powers Chrome, AKA the open-source Chromium Project.

What I found is a highly configurable piece of software which has great potential, if only we can stop it being a wire-tap for Google in to every email, news website, blog or dodgy URL we visit in our lives.

I've hunted through various forums and technical discussions, and come up with a definitive list of steps which can tame Google Chrome and render it as harmless as any other browser… which makes it absolutely superb. It's fast, slick, compatible, standards compliant and small. Whilst currently unavailable on Mac and Linux, its arrival is imminent and these same steps will help users (who wish to) remove it's fangs.

Step 1: Anonymise your Chrome Installation

As with all things Google, exactly how and why they do things is never explained. How much data do they collect? How is it used? Your guess is as good as mine. Their mission statements are vague and their user licenses very, very broad.

Your first step to removing Chrome's dependency on the Google monster is to anonymise it. Each installation of Chrome generates a unique ID, which can be used to exactly identify that browser in time and space.

Fancy that? Not I. It's a piece of software and can behave as such, if I want an ID card I'll ask for one.

To anonymise Chrome, download 'UnChrome' (a quick Scroogle for this will bring it up). UnChrome will remove this unique ID, leaving your installation of Chrome nice and unfettered. Just make sure to read the messages (and not click on the advert at the end unless you actually want the product it's selling).

Step 2:

Remove Google as the vast, data-munching, intergalactic slug at the waiting end of every URL and search item you type. You can do this by right-clicking the address bar in Chrome and choosing 'Edit Search Engines'.

If you want to replace Google with MSN, Ask (A front end for Google, be warned) or Yahoo you can pick these from a list.

I recommend Scroogle, a Google scraper. All the wonders of the Google search algorithm with none of the cookie-tracking, user profiling dubiousness.

You can add the SSL version of Scroogle (so nobody can intercept what you're searching for!) with this URL once you click on 'Add': https://ssl.scroogle.org/cgi-bin/nbbw.cgi?Gw=%s

From now on, all searches will be performed against your search provider of choice. Lovely!

Step 3: Turn off Google-friendly options!

If you click on Options, and then go to 'Under the Hood', you can turn off all of the various options that help Google slurp up your lovely, lovely data.
From 'Under the Hood', turn off:

Show suggestions for navigation errors (since this involves sending your URLs to Google)
Use a suggestion service to help complete searches and URLs (as above)
Help make Google Chrome better
and set cookies to be 'Restricted' (general good practice)

Your Google Chrome is now, essentially, just 'Chromium': the open-source browser which this software should be. But wait, there's more...

Step 4: Be careful where you type!

Everything you type in to the modern Internet is being recorded somewhere. This worries me, I like my privacy. Don't misunderstand this however- if you are a terrorist or some other variant of ne'er-do-well, the police and security agencies have various tools to catch you regardless.

What I'm talking about is casual snooping, like Phorm or other companies that want to take a gander at what I send and receive over the Internet for yucks and giggles (and not a small amount of profit on a service I already pay my ISP for).

How do we stop them?

Well, for starters, use a free and anonymous proxy service. I use Proxify. This service is free (although some website functions are disabled) and will encrypt all traffic between your PC and your ISP. No casual snooping for me!

Alternatives to this include Tor, which I don't have enough experience with to write about competently given their numerous configuration options, but these services will act like Proxify and ensure that no casual snooper can intercept your precious data.

Further more, although not available for Chromium right now, consider using tools like NoScript and AdBlock+. These tools will be coming very soon, and will not only ensure you never see another advert again they will also minimise the risks associated with JavaScript (such as Cross-Site-Scripting and removing the Google tracking gubbins that now turns up on almost every page on the Internet).

Also remember to make use of Chrome's ability to use Incognito mode (so nothing you type ends up in your history or cache) and also of the 'Clear Browsing Data' tool. Cookies pile up on web browsers very quickly so washing them out regularly is a good way to make sure you're not being tracked any more than necessary (although anywhere you log in on the Internet without disguising your IP or email will be linkable back to you somewhere along the line).

There you have it, four simple steps to keeping your Internet your own using a lovely, slick browser which boots up almost instantly. And don't worry about poor Google, enough suckers will queue up to hand over their personal data to keep the Mountain View Chocolate Factory well-oiled for many years to come.

5d4851cd-1cae-44c3-aca5-3e8007eb9839|5|5.0

Permalink | Comments (2)

Google Chrome not good enoughWhat do I think of the new browser from Google... that they should have done better!Google standard policyLong story short Google got in trouble yesterday for the license agreement which accompanies their n...Useful Links 3/10/09It's quite a short list of useful links this time!

Comments

Daniel Brandt (Sunday, March 29, 2009) #

Thanks for the Scroogle recommendation. By the way, if you want the SSL version of Scroogle, the proper URL is this:
https://ssl.scroogle.org/cgi-bin/nbbwssl.cgi?Gw=%s

The different program name (nbbwssl.cgi as opposed to just nbbw.cgi) allows the program to detect that it started out in SSL mode, so that it stays in that mode when you use the input form at the top or bottom of the Scroogle results page on subsequent searches.

I noticed that nasty installation ID in Chrome when I tried it last September, and I had to use a restore point on XP even after uninstalling Chrome, just to get that thing out of my computer. Another thing I noticed is that it phones home with that ID constantly, presumably for update information. As if that wasn't enough, Chrome created a google.com standard cookie on startup if I didn't have one.

But the thing that upset me most is that Chrome has no way to disable JavaScript. This makes it unique among browsers, and doubly dangerous. Has anyone figured out how to add a JavaScript disable button on Chrome?
Karl (Tuesday, March 31, 2009) #

Hi Daniel,

Thank you for the proper Scroogle URL, you're quite right and my apologies for the mistake.

The phoning home thing is indeed for updates and unfortunately *cannot* be turned off.  This is something the Google team are apparently working on.  Since they can't realistically collect any useful information from the update checker (unless it's some sort of secret keylogger!) I think it's safe to leave on, if you can stand having the background process, reg keys and start up item lurking on your system!  I work on the principle that my system already calls home to Microsoft/Apple/Ubuntu asking for updates, so one more won't hurt as long as that is all it is doing.

Re disabling JavaScript (or indeed ad blocking), your best bet is to filter out your content before it reaches Chrome (this is more secure anyway, since you don't have to rely on the browser or plugins respecting content filtering).  The best way I've found to do this is (on Windows) to install to Tor/Privoxy combination from https://www.torproject.org/.  This not only allows you to connect to the Internet using the anonymous (although unencrypted) Tor network, but also allows you to filter your Internet access as if you were connecting to a Proxy server, in short Privoxy includes a small proxy server which will handle all content filtering (including ads).

I believe there's an Apple Mac version also, and Linux (in true form) has at least a good few million different Tor clients/configurations available.

Hope that helps!  Thank you for your comments.