A cryptographer points out that the Chrome 69 change that automatically signs you in to Chrome whenever you sign in to a Google service is a 'dark pattern' that tricks users



Google has changed the behavior of the sign-in function of the Google Chrome browser starting with Chrome 69, but a cryptography expert points out that this change is a "dark pattern" that tricks users, and that it is a problem because it makes privacy management more difficult.

Why I'm done with Chrome - A Few Thoughts on Cryptographic Engineering
https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/

It is Professor Matthew Green of Johns Hopkins University who raises the privacy concerns about Chrome's "auto login" feature. Green argues that the sign-in policy Google changed in Chrome 69 fundamentally alters the sign-in experience that had been in place for the ten years since Chrome's release, and that this is a bad thing because of its negative impact on privacy.


In Chrome 69, signing in to individual Google services and signing in to Chrome with a Google account are linked to each other. Previously, if you used Gmail without signing in to Chrome and then signed out of Gmail, Chrome itself was never signed in. In Chrome 69, however, signing in to your Gmail account automatically signs you in to Chrome as well.

When you open the web version of Gmail in Chrome and sign in with your Google account to use Gmail, Chrome automatically switches to the signed-in state, even if you had not signed in to Chrome.



Professor Green explains in simple terms that, from the viewpoint of how data is stored, there are two ways of using Chrome. One is "basic browser mode", using Chrome without signing in. In basic browser mode, data is stored locally on the PC and is never sent to Google. The other is "signed-in mode", which enables the sync feature when you sign in to Chrome, and in which data is sent to Google's servers. Green's view is that users could choose between these modes by their own will and thereby keep control of their privacy.

According to Google's Chrome development team, "Data is not uploaded to Google's servers merely by signing in to the Chrome browser." Because of this, sending data to Google requires a new "consent" to be requested. If this "consent" refers to anything, it appears to be the following procedure.

If you sign out of your Google account after using Gmail, "Paused" appears in Chrome's address bar and you are also signed out of Chrome, as in the earlier example. However, a pop-up then appears on screen prompting you to sign in to Chrome. If you click "Sign in again" here, you will be signed in to Chrome. You can also continue using the browser without signing in to Chrome by clicking a hard-to-understand link labelled only "Continue", which is displayed in English as written.



Also, if you click "Paused" while not signed in to Chrome, a blue "Sign in again" button is displayed, again prompting you to sign in to Chrome.



Green received a reply from a Chrome developer about the reason for this behavior change: it is "to prevent users from being confused by the 'mismatch' that occurs when they sign in to a different Google account while signed in to Chrome." However, Green says this answer assumes a user who is already signed in to Chrome in the first place, and it is not a reason to affect users who do not sign in to Chrome; it is not reasonable, and it does not hold up as a justification for the change.


Green points out that displaying a button prompting sign-in to Chrome, as described above, creates the risk that a user will accidentally sign in to Chrome at an unintended moment. Regardless of whether Google is aiming for mis-clicks with this change, a design that can turn on the sync feature and upload data without the user realizing it is what is known as a "dark pattern", a term for bad design that fools users.

The various kinds of "dark pattern", designs that aim to deceive users - GIGAZINE



Even setting aside whether Google's change is intentionally aimed at data collection, Professor Green thinks it is undesirable from a privacy standpoint because "by blurring the boundary between being signed in and not signed in, it becomes unclear what is actually happening."

in Software, Security, Posted by darkhorse_log