> I work with all of these devices. Yet I don't want any of that syncing.

So... you're happy that they're giving you the option to turn it off then, right? I mean, you appear to concede that someone users want this. You want the option to turn if off, which you're getting. That seems like good news.

Except your tone doesn't seem to match your logic.

FWIW: I use Firefox too. But... I mean come on folks. They messed up, they're fixing it. The obsession with hatred and flamage is getting a little out of control.

The issue is that trust breaches can't just be rolled back. You put people in a situation where they don't want to get caught out by the next change that the press doesn't pick up and/or you don't hear about.

It's possible that I want my passwords (of other sites) synced on all instances of Chrome across my devices, but I don't want Google to know these passwords (obviously). They have an "encrypt-passwords" feature for that.

https://support.google.com/chrome/answer/165139

Perhaps you have never visited passwords.google.com :-)

The link says:

> Passphrases are optional. Your synced data is always protected by encryption when it's in transit.

Data is protected when in transit and passphrase is optional. How is this a good feature?

The difference is whether or not Google can see your passwords.

When you use a passphrase, your data will presumably be encrypted with your passphrase and thus only be visible to you with knowledge of the passphrase. Not even Google could see the data while it would be stored on their servers.

Encryption during transit means that no bad actors like hackers, unscrupulous ISP's or overzealous governments can access your data _while_ it travels over the wires towards Google's servers but Google can still do what it wants with your data.

My question is why is that not on by default? Why would it ever be acceptable for Google to have unencrypted copies of your bank password for example?

I would assume it's the standard tradeoff - if you lose the key to the password DB (be it an actual cryptographic key or a password you synthesize it from), you lose access to the data, and some people are more interested in guaranteeing access to their data over avoiding storing it with an external entity.

(I work for Google but on nothing remotely related to this.)

One advantage that wasn't mentioned is the ability to send a tab between devices.

I'm looking at something on my desktop, have to go somewhere, so I just send the tabs to my phone and continue consuming. If I forget to do so, I can also use the url bar to search through common history, so that I could enter a few words from the title and go back to that article.

That being said, I personally wouldn't trust Google to do this, so I use Firefox that I believe encrypts data client-side by default.

Your use of the word "consuming" definitely solidified the idea that I'm all set without these features, I don't miss them that much.

> The thought that Google wants to send my 'recently opened tabs' to their servers makes me shudder. So they get the whole browsing history of every one of their users?

They claim sync data is end-to-end encrypted. However they would already have your browsing history if you have address bar suggestions enabled.

Chrome is not really a web browser, it is a part of the Google crawling machine.

Distributed, and it pays for itself using AdSense.

What if other people do want it?

Beware the The Tyranny of the Minimum Viable User:

https://old.reddit.com/r/dredmorbius/comments/69wk8y/the_tyr...

Hilariously, that WOT doesn't address my point.

Here's one way: there's not a singular axis that users wanting sync and users not wanting sync can be placed on and compared.

The other poster expressed how the feature sucked for their purposes. But the feature wasn't made to punish them, it was made after evaluating the preferences of many users, which is what my question is getting at.

Features can introduce risks in various ways. I discovered this long ago through a software vendor's annual feature request solicitation, in which I learned to be ware of what others ask for: you may get it.

Specifically as to sync: I would love to be able to sync certain elements of browser state between my systems.

Not between one of my systems, some arbitrary third party of questionable trust and intentions, and another of my systems. But directly between my systems.

Google actively thwart this.

A feature of most early browsers was the ability to save bookmarks to a file, and import that elsewhere. By slight extension, a browser session or tab state can be saved, either directly, or as bookmarks.

Chrome does not do this, either at all, or on all platforms. It's most resistant to this on the consumption-only platform of Android.

This has been a major point of frustration to me for a year and a half as I've been wanting to dump user state from one system to another, without Google intermediating that exchange for me. I've found no means of accomplishing this.

That is one element of the tyranny of the minimum viable user, as well as of Google cattle-prodding its users into the feed chutes.

They already have most of your browsing history simply by having you logged into your Gmail and browsing the sites having Google Analytics installed (which is most of the sites on the internet these days).

Some of us don't use the gmail web interface (opting for IMAP or a different provider instead), and use an ad blocker to take of analytics.

I do the same but sometimes I get email from google telling that I should disable access to those unsafe apps.