Doesn't Chrome send your entire browsing history to Google as well?
Edit: I thought this was a well know fact and if it isn't I might have been to harsh about Google and Chrome.
Edit 2: Thinking about it and searching a bit I conclude that IIRC Google at least used to have access to your browsing history as part of syncing it unencrypted.
Only through sync, which you can encrypt with a separate password to your Google account.
My sync is encrypted so I can't test this for you but I believe if it's not, you can check (and clear) your history here: https://myactivity.google.com/myactivity
Ah I was wrong about this!!!
SafeBrowse uses hashes.
Edit: never be afraid to admit your were wrong folks :) So it only gets a “potential list” of sites you visited. Wonder if the operators could aggregate the data enough to deanonymize things
> Doesn't Chrome send your entire browsing history to Google as well?
Most browsers/users do, essentially. When a person searches Google for example, results are links to Google that redirect to the target sites. Try it, mouse over a result, and look at the URL. Then a user clicks on one and finds a page that likely has doubleclick.net/adsense/analytics/fonts, which all feed back to Google. Or buttons/pixels/whatever for Facebook. Or both. Or both and 10 more organizations. Then since all mainstream browsers by default send referrer info, and since tracker code is so pervasive, and since browsers are easily fingerprintable, trackers follow you along as you click links going from page to page. Trackers are getting redundant high quality data. They're right there with you as you browse; they see what you see. Although some browsers are easier to configure for privacy, IMO the browser you use is less important than how you use it.
Multiple organizations have the potential to possess a near-complete view of your browsing history.
Everything you type into the address bar gets considered for possible completion, right? And part of that quite possibly entails sending it off to Google servers which take a stab at finding completions for it. Your claim seems plausible at least.
Also note there is a “roulette” feature in most address bars, where the browser starts loading and rendering the site before you ever hit submit. Very handy for sites wanting to pursue persistence
My activity[0] is Google's official way of telling you what it has collected about you from sources like Chrome. Things there will be used to personalize your experience.
If you are logged into Chrome your history is synchronized across platforms, tied to your Google account. Same as with Firefox Sync. Not sure about behavior when not logged in, or when incognito.
It is not so easy to do this MITM trick with Chrome, it has Google certs pinned down.
"For the transparent proxy to work, it needs .google.com to be added to the URL whitelist to allow all traffic to .google.com. This configuration is not supported because of Chrome security features that are in place, and we recommend that you avoid the use of transparent proxies." https://support.google.com/chrome/a/answer/3504942?hl=en
If you sign in it syncs history across devices, so I assume it does. Although it would technically be possible that they encrypt it using a key Google doesn't have, I wouldn't assume they implemented that.
Edit: I thought this was a well know fact and if it isn't I might have been to harsh about Google and Chrome.
Edit 2: Thinking about it and searching a bit I conclude that IIRC Google at least used to have access to your browsing history as part of syncing it unencrypted.