Google Spyware is still not removed

terere

@catweazle

OneNote and Ublock Origin one or two more for local stuff (none Google related). I disabled the extensions before testing this, so it is not the extensions calling Google. I mean, sure OneNote does call Microsoft on startup but once disabled it does not. The Google connections are created even without extensions enabled.

Default search engine is DuckDuckGo.

terere

I also want to add that I tested the phishing&malware service and it is actually quite dangerous with Vivaldi. I suspect the reason is that its checking sites remotely first instead of using a local build list.

For example, if you go to a site that is an identified phishing site (banking, etc.) the page loads fine, I can actually type some things for a few seconds (enough for something like a password manager to fill the fields and auto log in), I see the phishing page for at least 3 seconds until it is replaced with the red warning blocking page.

The reason for this vast lag is straightforward I suspect. Vivaldi decided to just use the default remote API safe browsing service. That means that URL is transferred to Google, checked and then you need to wait for the reply. If this is true, this is bad for several reason.

First, it means Google knows EVERY URL we visit.

Second, it makes every new site you visit slower (network latency lag), even with Google API you still need to wait for a reply. (not even accounting bandwidth)

And last, it could potentially still leak your credit card details, banking, logins, etc. because the behavior is that it actually loads the site entirely and then blocks it. That time is more than enough for any extension like LastPass, the default login manager or anything else to automate the fields or even a fast typer could type and hit enter. This is even more noticeable on a slower Internet connection or computer. So the protection is flawed.

All this can be solved by just downloading, for example, hourly the list of malware/phishing sites and using the local file for checks. I mean, common, there are gazillion services Vivaldi can use for this, including Google Safe Browsing as well, they just need to build their local file and use that for privacy, performance and security reasons.

Catweazle

Apart of Vivaldi I'm using the UR browser as 2º, (also Chromium, but modified for EU privacy norms). Take a look if You need more privacy https://www.ur-browser.com

But I think like Gwen, the data sendet will not have much to do with the privacy of the browser

Ruarí

@terere said in Google Spyware is still not removed:

Maybe someone from Vivaldi can explain this behavior because trust me, this is not related to the malware/phishing service. You are sending something to Google servers because the data packets are transferred every time the browser is executed even with those settings turned off. I want to assume here you missed something in the Chromium source code and not that Vivaldi has made some secret partnership with Google where you still send them data for free in exchange of using their source code.

You are kinda jumping to the worst case scenario, with your headline and suggestions.

If there is an issue, it is a bug and we would be more than happy to try and fix it for you. You mention that you know it is not related to the malware/phishing service. Can you confirm that you have disabled this in settings and still see the issue?

Would you mind starting with the steps you take to see these connections. This not only helps others replicate and verify the issue but also allows us to ensure we are all talking about the same thing.

Steffie

@terere said in Google Spyware is still not removed:

All this can be solved by just downloading, for example, hourly the list of malware/phishing sites and using the local file for checks. I mean, common, there are gazillion services Vivaldi can use for this, including Google Safe Browsing as well, they just need to build their local file and use that for privacy, performance and security reasons.

All the time i've used V, I thought that was exactly what IS happening... see my Dolphin pics:

Was i wrong?

Ruarí

Just to reiterate, we do not intentionally send data to Google or any other parties. We also give you the opportunity to control data personally, e.g. you can disable connection to services provided by Google in the browser settings. Please note that we do check for and potentially download various components from Google, e.g. certificate info and a media component (widevine), as well as security data updates. If something still doesn’t look right to you, please send us a detailed bug report and we’ll take a look right away.

terere

@ruario said in Google Spyware is still not removed:

@terere said in Google Spyware is still not removed:

Maybe someone from Vivaldi can explain this behavior because trust me, this is not related to the malware/phishing service. You are sending something to Google servers because the data packets are transferred every time the browser is executed even with those settings turned off. I want to assume here you missed something in the Chromium source code and not that Vivaldi has made some secret partnership with Google where you still send them data for free in exchange of using their source code.

You are kinda jumping to the worst case scenario, with your headline and suggestions.

If there is an issue, it is a bug and we would be more than happy to try and fix it for you. You mention that you know it is not related to the malware/phishing service. Can you confirm that you have disabled this in settings and still see the issue?

Would you mind starting with the steps you take to see these connections. This not only helps others replicate and verify the issue but also allows us to ensure we are all talking about the same thing.

I'm jumping to that conclusion because I know how Google operates, even based on information from ex-Googlers. I'm not saying that Vivaldi is doing this on purpose, but probably without being aware. I'm almost 100% positive that if you just take Chromium, you need to do several things to get rid of the Google calls and I would say that Vivaldi is missing some of them.

I turned the malware & phishing protection off, unless the bug is related that Vivaldi is not turning it off, I do check the setting to disable it and even restarted the browser, and it made no difference. Also if you read my previous comment, the data is sent to Google, not received from Google. If you are downloading certificates and other stuff from Google, Vivaldi browser will receive packets not send them out to Google.

terere

@ruario said in Google Spyware is still not removed:

Just to reiterate, we do not intentionally send data to Google or any other parties. We also give you the opportunity to control data personally, e.g. you can disable connection to services provided by Google in the browser settings. Please note that we do check for and potentially download various components from Google, e.g. certificate info and a media component (widevine), as well as security data updates. If something still doesn’t look right to you, please send us a detailed bug report and we’ll take a look right away.

I'm sure Vivaldi does not intentionally, but developers probably missed some things in the source code that is calling remotely out to Google. Using a wire packet analyzer should quickly fix this.

stilgarwolf

@gwen-dragon
This may help: I used Wireshark to monitor three instances of Vivaldi (snapshot, last version) on three computers: one Debian/64, two Win7/64, all extensions disabled, all privacy options related to Google disabled, some other settings may differ.
Two instances (Debian and Win7) were ok, but on third (Win7), every time Vivaldi starts it connects to Google (TCP port 5228, keep-alive), sends and receives some data.

After one start: 
Dst: mobile-gtalk.l.google.com (66.102.1.188), ... Dst port: 5228
After another start: 
Dst: wn-in-f188.1e100.net (74.125.71.188), ... Dst port: 5228

vivaldi --log-net-log=vivaldi_startup.json

matt2kay

Please take this seriously, Vivaldi! It's not the first time this topic has come up.

Para-Noid

1. I live in the USA.
2. We lack the privacy laws many European nations have.
3. I have found extensions like Ghostery to, at the very least, give me some control on what Google gets.
4. FYI, Yahoo collects metadata too.
5. Here in the USA you will not be able to stop very much of the Google/Yahoo data mining since the NSA, CIA and FBI rely on them for this information. 9/11 changed everything.

stilgarwolf

@gwen-dragon OK, reported.

mottenmouse

@stilgarwolf @gwen-dragon : Do you use notifications? Please check chrome://settings/content/notifications.
If yes:

• you allowed notifications before
• a cookie (google. com - Channel-ID) was set
• on every Vivaldi start you will get at once a connection to the described IP-address on port 5228 (keep-alive)

For testing purpose: www.utopia.de is using notifications.

Windows 10 Pro. Vivaldi 1.13 (last stable)

mottenmouse

@gwen-dragon

• Google drive: no
• any Google software: no
• tested with fresh Vivaldi standalone installations (1.12 and 1.13)

Steps to reproduce:
on a fresh Vivaldi 1.13 Stable installation, no extension.

• Settings --> Privacy: disabled all "Third Party Services")
• Settings --> Startup -> Homepage: "blank page"
• Settings --> Startup -> Startup with: last session
• visit utopia.de -> allow notifications
• close all tabs, close Vivaldi
• restart Vivaldi with the log command
• the Vivaldi logfile and the firewall (G-Data, non free) shows the entry on port 5228

How can I send the logfile if I'm not the originator of the bugreport?

mottenmouse

@gwen-dragon No I didn't make a bugreport. I want to send the logfile direct to VB-34858. I will create a new bugreport with the same title and send the attachment in reply to the bugreport mail.
New bugreport: (VB-35103) "Vivaldi connects to Google at startup, if notifications are allowed".
Logfile was send in reply to the bugreport mail.

paul1149

@ayespy said in Google Spyware is still not removed:

the only connections with Google are to compare version numbers/check for an update and to see if he browser wants to "sign in" (which it can't, being a non-Chrome browser)

I'm not sure what you mean by that, but Slimjet is a non-Chrome browser that signs into and uses Google user accounts.

Ayespy

@paul1149 Pretty sure SlimJet is not non-Chrome, but rather modified Chrome.

paul1149

@ayespy Thanks. Interesting.

TbGbe

@gwen-dragon said in Google Spyware is still not removed:

That will add a connection. See vivaldi://gcm-internals/

A new page !!
Hmm, apparently GCM involves time travel, should we be concerned ?

Next Checkin Tuesday, 2 January 1601 at 23:58:45

Slightly overdue!!

TbGbe

@gwen-dragon said in Google Spyware is still not removed:

Check it in Chromium 62

No chrom* on my PC.
Only Vivaldi and Opera using chrom* engine.
On Opera(dev) all entries on the internal gcm page are blank/empty, nothing enabled.

However, I'm not expecting to go to 1601 soon