Google Spyware is still not removed



  • I, and allot of other persons here assumed that Vivaldi made a proper job of removing the Google/Chrome spyware behaviour that tracks browsing behavior, sends browser fingerprint and other data to Google which they then use to spy on customers and users worldwide.

    But this does not seem to be the case. In the past, I asked about the supposed only Google service bundled, the malware & phishing protection which you can turn off from the settings, and if Vivaldi was using a local download for the URL/sites check or using a remote API service which would mean all your browsing habits and sites are sent to Google.

    Now I noticed that every time you open the browser, several connections are made to Google. What is more concerning is that they send data to Google. This is done EVERY TIME you open the browser. You can close it and re-open it, and again data is sent to Google. WHAT? How many times we open the browser? From the location, or maybe the sites we visited or time, we used the browser?

    Maybe someone from Vivaldi can explain this behavior because trust me, this is not related to the malware/phishing service. You are sending something to Google servers because the data packets are transferred every time the browser is executed even with those settings turned off. I want to assume here you missed something in the Chromium source code and not that Vivaldi has made some secret partnership with Google where you still send them data for free in exchange of using their source code.


  • Moderator

    @terere There is no secret partnership with Google. As nearly as I can tell, the only connections with Google are to compare version numbers/check for an update and to see if he browser wants to "sign in" (which it can't, being a non-Chrome browser). I'll ask around and see if there are any other connections being made.



  • What search engine and extensions are you using?



  • @ayespy said in Google Spyware is still not removed:

    @terere There is no secret partnership with Google. As nearly as I can tell, the only connections with Google are to compare version numbers/check for an update and to see if he browser wants to "sign in" (which it can't, being a non-Chrome browser). I'll ask around and see if there are any other connections being made.

    That sounds terribly inefficient. Sending blank or useless data packets every time you open or close the browser, assuming it's just checking a logging site or update it still sending packets over the network making your connection and the browser startup slower as well. Even if its just microseconds, there is no need for that if it is not something Vivaldi is using or benefiting. Also, take into account it is sending those packets and opening a bunch of connections to Google (5 or more) every time you open the browser, not once a day or once an hour.



  • @catweazle

    OneNote and Ublock Origin one or two more for local stuff (none Google related). I disabled the extensions before testing this, so it is not the extensions calling Google. I mean, sure OneNote does call Microsoft on startup but once disabled it does not. The Google connections are created even without extensions enabled.

    Default search engine is DuckDuckGo.



  • I also want to add that I tested the phishing&malware service and it is actually quite dangerous with Vivaldi. I suspect the reason is that its checking sites remotely first instead of using a local build list.

    For example, if you go to a site that is an identified phishing site (banking, etc.) the page loads fine, I can actually type some things for a few seconds (enough for something like a password manager to fill the fields and auto log in), I see the phishing page for at least 3 seconds until it is replaced with the red warning blocking page.

    The reason for this vast lag is straightforward I suspect. Vivaldi decided to just use the default remote API safe browsing service. That means that URL is transferred to Google, checked and then you need to wait for the reply. If this is true, this is bad for several reason.

    First, it means Google knows EVERY URL we visit.

    Second, it makes every new site you visit slower (network latency lag), even with Google API you still need to wait for a reply. (not even accounting bandwidth)

    And last, it could potentially still leak your credit card details, banking, logins, etc. because the behavior is that it actually loads the site entirely and then blocks it. That time is more than enough for any extension like LastPass, the default login manager or anything else to automate the fields or even a fast typer could type and hit enter. This is even more noticeable on a slower Internet connection or computer. So the protection is flawed.

    All this can be solved by just downloading, for example, hourly the list of malware/phishing sites and using the local file for checks. I mean, common, there are gazillion services Vivaldi can use for this, including Google Safe Browsing as well, they just need to build their local file and use that for privacy, performance and security reasons.



  • Can you please provide some logs which Google services are contacted and which data is sent to them? I guess you already monitored it.
    I would like to check and confirm your reported bug/issue.

    Please, the devs and internal testers appreciate such useful informatoins from users :)



  • Apart of Vivaldi I'm using the UR browser as 2º, (also Chromium, but modified for EU privacy norms). Take a look if You need more privacy https://www.ur-browser.com

    But I think like Gwen, the data sendet will not have much to do with the privacy of the browser


  • Vivaldi Team

    @terere said in Google Spyware is still not removed:

    Maybe someone from Vivaldi can explain this behavior because trust me, this is not related to the malware/phishing service. You are sending something to Google servers because the data packets are transferred every time the browser is executed even with those settings turned off. I want to assume here you missed something in the Chromium source code and not that Vivaldi has made some secret partnership with Google where you still send them data for free in exchange of using their source code.

    You are kinda jumping to the worst case scenario, with your headline and suggestions. ;)

    If there is an issue, it is a bug and we would be more than happy to try and fix it for you. You mention that you know it is not related to the malware/phishing service. Can you confirm that you have disabled this in settings and still see the issue?

    Would you mind starting with the steps you take to see these connections. This not only helps others replicate and verify the issue but also allows us to ensure we are all talking about the same thing.



  • @terere said in Google Spyware is still not removed:

    All this can be solved by just downloading, for example, hourly the list of malware/phishing sites and using the local file for checks. I mean, common, there are gazillion services Vivaldi can use for this, including Google Safe Browsing as well, they just need to build their local file and use that for privacy, performance and security reasons.

    All the time i've used V, I thought that was exactly what IS happening... see my Dolphin pics:

    0_1511175584524_20171120_009.png

    0_1511175632688_20171120_010.png

    Was i wrong?


  • Vivaldi Team

    Just to reiterate, we do not intentionally send data to Google or any other parties. We also give you the opportunity to control data personally, e.g. you can disable connection to services provided by Google in the browser settings. Please note that we do check for and potentially download various components from Google, e.g. certificate info and a media component (widevine), as well as security data updates. If something still doesn’t look right to you, please send us a detailed bug report and we’ll take a look right away.



  • @ruario said in Google Spyware is still not removed:

    @terere said in Google Spyware is still not removed:

    Maybe someone from Vivaldi can explain this behavior because trust me, this is not related to the malware/phishing service. You are sending something to Google servers because the data packets are transferred every time the browser is executed even with those settings turned off. I want to assume here you missed something in the Chromium source code and not that Vivaldi has made some secret partnership with Google where you still send them data for free in exchange of using their source code.

    You are kinda jumping to the worst case scenario, with your headline and suggestions. ;)

    If there is an issue, it is a bug and we would be more than happy to try and fix it for you. You mention that you know it is not related to the malware/phishing service. Can you confirm that you have disabled this in settings and still see the issue?

    Would you mind starting with the steps you take to see these connections. This not only helps others replicate and verify the issue but also allows us to ensure we are all talking about the same thing.

    I'm jumping to that conclusion because I know how Google operates, even based on information from ex-Googlers. I'm not saying that Vivaldi is doing this on purpose, but probably without being aware. I'm almost 100% positive that if you just take Chromium, you need to do several things to get rid of the Google calls and I would say that Vivaldi is missing some of them.

    I turned the malware & phishing protection off, unless the bug is related that Vivaldi is not turning it off, I do check the setting to disable it and even restarted the browser, and it made no difference. Also if you read my previous comment, the data is sent to Google, not received from Google. If you are downloading certificates and other stuff from Google, Vivaldi browser will receive packets not send them out to Google.



  • @ruario said in Google Spyware is still not removed:

    Just to reiterate, we do not intentionally send data to Google or any other parties. We also give you the opportunity to control data personally, e.g. you can disable connection to services provided by Google in the browser settings. Please note that we do check for and potentially download various components from Google, e.g. certificate info and a media component (widevine), as well as security data updates. If something still doesn’t look right to you, please send us a detailed bug report and we’ll take a look right away.

    I'm sure Vivaldi does not intentionally, but developers probably missed some things in the source code that is calling remotely out to Google. Using a wire packet analyzer should quickly fix this.



  • @terere

    @gwen-dragon said in Google Spyware is still not removed:
    Can you please provide some logs which Google services are contacted and which data is sent to them? I guess you already monitored it.
    I would like to check and confirm your reported bug/issue.

    Did you monitor outgoing traffic going to Google?

    Check for more information:
    vivaldi://net-internals/
    or use vivaldi --log-net-log=...
    or vivaldi://net-export

    Please tell us more about your Vivaldi is sending which data to Google.



  • @gwen-dragon
    This may help: I used Wireshark to monitor three instances of Vivaldi (snapshot, last version) on three computers: one Debian/64, two Win7/64, all extensions disabled, all privacy options related to Google disabled, some other settings may differ.
    Two instances (Debian and Win7) were ok, but on third (Win7), every time Vivaldi starts it connects to Google (TCP port 5228, keep-alive), sends and receives some data.

    After one start: 
    Dst: mobile-gtalk.l.google.com (66.102.1.188), ... Dst port: 5228
    After another start: 
    Dst: wn-in-f188.1e100.net (74.125.71.188), ... Dst port: 5228
    

    vivaldi --log-net-log=vivaldi_startup.json



  • Please take this seriously, Vivaldi! It's not the first time this topic has come up.



  • @stilgarwolf You tested Vivaldi your 1.13 Stable with wireshark?

    Please report this to http://vivaldi.com/bugreport/ and send us the wireshark log as attachment in a reply to bugreport mail.
    So we can investigate this.



    1. I live in the USA.
    2. We lack the privacy laws many European nations have.
    3. I have found extensions like Ghostery to, at the very least, give me some control on what Google gets.
    4. FYI, Yahoo collects metadata too.
    5. Here in the USA you will not be able to stop very much of the Google/Yahoo data mining since the NSA, CIA and FBI rely on them for this information. 9/11 changed everything.


  • Soone send us yet a wireshark log to investigate if privacy is really reduced by "Google Spyware". Sad.



  • Those who noticed this please send them some actual logs so that they can investigate this. Thanks.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.