Phone Home (Google behind the scene)



  • If you have the time, this is a good read for all the "Phone Home" Google stuff in the Chromium browser, even though a lot is removed from it in (Vivaldi), there still is a lot of behind the scenes stuff with Google. Interesting ... https://www.google.com/intl/en/chrome/browser/privacy/whitepaper.html



  • Wow, I just found out that Google even owns the "Widevine" plug-in ! Who knows if that sends info to them too, what don't they own on the web?

    https://googleblog.blogspot.com/2010/12/on-demand-is-in-demand-weve-agreed-to.html

    using it disabled right now to see what happens in Vivaldi



  • Sites like Spotify webplayer won't work without the WiDevine plugin.


    Windows 10 (x64) | Anniversary Update
    Opera Stable · Beta · Developer

    Opera Test profile | Opera Back up Linux · Mac · Win



  • OK you got me, whats Spotify? don't know if I came across it.



  • :o xD

    It's a music service, I think it's more known around Europe.



  • Thanks @Zalex108 didn't know that about Spotify.
    So far all web sites I usually go to work fine even with watching videos, the one that doesn't without the Widevine plugin seem to be like Netflix, Hulu, latest TV shows and Movies, Roku type stuff, but every thing else seems to work fine even just regular You Tube uploaded videos, interesting test to see what does and doesn't work with Widevine plugin.



  • It seems it has some relation with Flash, at least on that site Spotify.
    Without the WiDevine:

    • On Vivaldi just doesn't play the music.
    • But on Opera, a warning about "Install FashPlayer" is showed.


  • @stpvid1 Ok, let's see...

    omnibox - this applies to search suggestions and default search engines. Searching without supplying search keywords is quite missing the point; search suggestions only apply to those search engines for which it is configured (in Vivaldi, e.g. not for Google). Otherwise, this is your choice as user and by default not pointing to Google in Vivaldi.

    Network prediction - Didn't find something about this in Vivaldi. Might be a chance to confirm it's removed or not.

    Google search locale - obsolete. Even if Vivaldi tried to determine locale (extending on language selection in settings), Google does this via IP geolocating. Try using a dutch VPN server and read dutch Google results ;) (or polish, if you're in the Netherlands...)

    New tab page - as far as I could discern, the new tab page might contain your speeddial links, but I've still to see a "suggestions" page like in other browsers. Might be a strong argument against Vivaldi, then. But only then.

    Touch to search - applies only to mobiles. Vivaldi on RasPi, anyone? :)

    Safe browsing protection - integrated, documented and - sadly - activated by default in Vivaldi. Turn it off. I think some other browser tried to proxy the safe browsing servers so users can't be identified by Google anymore. No, you're only identifiable by your browser manufacturer. Not necessarily the better option, YMMV.

    Unwanted software protection - didn't know this... feature. Seems to be a (optional) standalone function on Windows only. Can't see where this is relevant to Vivaldi. Maybe a reference in chrome://settings, go down to "advanced". Was turned of in my install.

    Navigation error tips - present in Vivaldi, accessible via chrome://settings, go down to "advanced". Was disabled on my install. ... And I have a ton of opinion on "assisted browsing", but that's another topic altogether.

    Software updates - this is relevant to Vivaldi, as V. connects to the Google play store to check for installed extensions' updates and if I remember correctly, to Googles update servers for internal chromium-related components. I guess this could be disabled by the devs, but seeing that keeping systems updated is more important that antivirus software, I'm willing to accept this. I'm aware though that not all others will agree with me on this topic. But then, not-Google-based browsers might be a better choice...

    Network time - haven't heard if Vivaldi uses its own time references or system time. No references is flags page. Might be an item for the devs to comment on.

    Counting installations - Vivaldi does this explicitly, but on their own (see https://vivaldi.com/privacy/browser/), not by Google. Thing your own of it.

    Measuring effectiveness of promotion - It is known that Vivaldi has partnered with some web sites, e.g. search providers, which generate revenue for Vivaldi. This can be circumvented by not visiting the relevant bookmarks, not using the relevant search engines or reconfiguring the search engines not to use the Vivaldi partner tags, although this might have a (small) negative effect on Vivaldi financing. Vivaldi does not take part in the described scheme of Google - obviously, as Google is interested in Chrome installations, not Vivaldi installations.

    Usage statistics - couldn't find any hint in Vivaldi's settings, flag or website statements on this topic (except for the installation info, see above). By the way, it is a nice touch of Google to admit that they deep-analyze non-encrypted sync data (!) .... and even nicer of Vivaldi to recommend a different password for their own sync encryption so your data stays private.

    Translate - applicable to Google web services. Never saw anything of this in Vivaldi.

    Sign in to Chrome - not possible in Vivaldi. You can sign in to the Vivaldi community, but only a) on web pages in any browser, b) in the sync settings to identify the account to sync to.

    Autofill - employed by Vivaldi, possible to opt-out or better not-use. Currently subject to security concerns because of "autofill-data harvesting" by invisible form fields. The devs are reported to being working on this. Use at your own risk (but still, autofill data is stored locally, not on Googles servers)

    Payments - online feature / web page feature. Not applicable.

    Geolocation - done by Google webservices for Google search users (and Google maps users). Not a Vivaldi function, as far as I could see so far.

    Speech to text - no idea if this is supported by Vivaldi? In any case I'd recommend a system-wide and unified service, not application-specific.

    Hands-free voice search - "Ok, Vivaldi...". As far as I know, not even on Windows yet. (Still, Cortana and Siri are some kind of competition...)

    Google cloud print - wow. This is some scary idea. Available on Vivaldi on request (vivaldi://settings/cloudPrinters)

    SSL reporting - another "assisted browsing" feature in Chrome, not in Chromium. However, Vivaldi will connect to Googles OCSP servers (clients1-9.google.com) to check for revoked SSL certificates. This CAN be suppressed by firewall rules, but I strongly advise against it. One of the few necessary web services. I'm not sure if it's possible to use other servers / services for this purpose, because I wouldn't want third parties to make me reject otherwise valid certificates and send data unencrypted...

    Token binding - seems to be a new web standard. Not sure if Chromium/Vivaldi already use this. Devs?

    Installed applications and extensions - Vivaldi makes use of the Google store for extensions (installing and updating; probably server-side usage count). If you have extensions locally, you can get away with not using the Google store.

    Push messaging - as far as I know, the technologies behind this are available in Vivaldi, but this is dependent on the message provider, not Google in general. As far as Google sync is used for authenticating, this is not possible in Vivaldi as Google sync is not implemented.

    Chrome custom tabs - seems to be Android-only.

    Continue where you left off - more or less session handling deluxe. Local feature generally present in Vivaldi, though maybe not so thoroughly as in Chrome.

    Chrome variations - seemingly similar to recent Firefox feature testing without the user knowing. Vivaldi does this, also - but it's called "snapshot" and you have to download it yourselves. I love it... ;)

    Do not track - header preference. Option in Vivaldi settings. Effects are purely dependent on the web server operator's willingness to comply...

    Plugins - available on Vivaldi. Flash and Widevine are pre-installed and can be disabled. Vivaldi might think about default settings here...

    Media licenses - available in Vivaldi through Googles (!) Widevine plugin. Other plugins possible.

    Cloud policy - not natively supported by Vivaldi; supported on all Google services web sites. YMMV.

    Data saver - not (yet) available on Vivaldi. Was available on Opera (as Opera Turbo). An excellent way to literally throw your privacy at the proxy operator, whoever that might be.

    Supervised users, kid's accounts - apparently not present in Vivaldi. Personally, I prefer proper media education over technical solutions, but who am I to recommend this...

    Incognito and guest mode - Private browsing is implemented in Vivaldi, guest mode (temporary blank profile) not as far as I know. Might be possible via command-line switches to use a different data directory. Nowadays probably easier to use a new or guest account on the computer itself. Not only keeps your profile clean, but also you data private...

    MacOS handoff support - not (yet?) available. Seems to be a cool feature for Mac users, but it does use Apples servers. YMMV.

    Security key - FIDO U2F (universal 2-factor) keys seem to work on Vivaldi, according to reports on the web. Have seen no official statement to this effect.

    Physical web - bluetooth device integration with Chrome. Don't know if Vivaldi supports this - "bluetooth low energy (BLE) advertising in chrome apps" is a flag in Vivaldi, but "not available on your platform"...

    Bluetooth - see above. Not sure if this is the same or not.

    Chrome data that Android sends to Google - not applicable as long as Vivaldi is not ported to Android.


    Oh, and furthermore and sporadically touched in the whitepaper - anyone who is collecting Google cookies as a user (or without 3rd party block as a ignorant user) or even better, who is logged into Google - forget everything in the paper. You are actively distributing your infos to Google, so don't bother talking about any browser "phoning home" as long as you don't try and prevent being identifiable anywhere...

    Personally, I know about the observed connections from Vivaldi to Google without my intervention (OCSP, extension updates, Chromium component updates) and can accept them. Up to now, I have not been able to monitor additional connections to Googles servers or services which were not initiated by me. This was confirmed on two Macs and a Windows PC with Wireshark. I am aware that I am not able to see inside the encrypted connections.
    However, I will dedicate my remaining paranoia towards securing my privacy towards web sites from Google and in general, and not against the browser. If I don't trust my software (including the OS!), then I switch and use other software. Happy browsing :)



  • Wow ! Somebody did their Homework !



  • Autofill - employed by Vivaldi, possible to opt-out or better not-use. Currently subject to security concerns because of "autofill-data harvesting" by invisible form fields. The devs are reported to being working on this. Use at your own risk (but still, autofill data is stored locally, not on Googles servers)

    This is worrying. I use Autofill way too much lol


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.