Skip links

The truth about Google Chrome using SpyStudio

Everyone has a lot of questions about Chrome.  Some people say that it is spyware because each and every character you enter is sent to Google.  Hundreds of comments like this can be found on the web, like this one that says “Chrome spends nearly as much time phoning home to Google as it does talking to other Web servers.”  On the other hand, you can also find on the web the opposite opinion that claims “If you do not wish this data to be sent to your search provider, you have a number of options: Use incognito mode, turn off search suggestions permanently or change your search provider.”

Who is correct?  What kind of information is really traveling between Chrome and Google?  What data about you is being sent to the web?  Is it true that Google’s browser sends details about everything you do?  Is it an unsafe browser?  What happens behind Incognito mode?

The first thing we want to know is “What information does Chrome send about visited sites to Google”? Many different opinions can be found on the web, and some are really alarming.  One person says that toolbarqueries.google.com collects everything the browser sends to it.  This is indeed true, and you can see in metrics_service.cc [chromium.org], what information about visited websites is being sent.  Although this only happens if you selected it in Chromes ‘Under the Hood’ (Options -> “Help make Google Chrome better by automatically sending usage statistics and crash reports to Google”) this option is not selected by default, you have to specifically select it during the Chrome installation.  Using SpyStudio you can be 100% certain about this by checking and un-checking the option, and watching all the ‘send’ function calls.  So, does Google Chrome send information about every website you visit to toolbarqueries.google.com?  The answer is no, it does it only if you request it to.  This doesn’t mean that other information, like the one send to google-analytics, is not being sent anymore.

However it is interesting to notice that this behavior is exactly the same under Incognito mode.  This means that if the option of sending usage statistics is checked, it doesn’t matter what mode Chrome is running, the statistics are sent anyway.  We know that the only differences between normal and Incognito modes are the logging of websites visited, files downloaded, download histories and cookies.  So this feature is local to the machine, and nobody has said that statistics are not sent under this mode.  Although I think for many of us, we implicitly assume to be anonymous while running Chrome under Incognito mode.  So we better keep the limitations of this feature in mind!  Again, this only applies when sending statistics option is selected.

The other feature we want to inspect is the suggestion made by the address bar: “When you type URLs or queries in the address bar, the letters you type are sent to Google so the Suggest feature can automatically recommend terms or URLs you may be looking for.”  This is highly controversial, we want to know about this feature when using Incognito mode (in which the suggest feature seems to be automatically disabled). Again we can use SpyStudio to make sure.  You can see that Chrome does not send any information to Google about your key strokes when using Incognito mode.  You can also watch calls to GetAddrInfoW function, which provides protocol-independent translation from a Unicode host name to an address.
When you are not running on Incognito, you can turn this off by right clicking on the address bar and selecting “Edit search engines…” Then uncheck the check box at the bottom labeled “Use a suggestion service to help complete searches and URLs typed in the address bar”.

We can now safely stop all the paranoia about Chrome.  We can see the information that Google Chrome sends to Google using SpyStudio and we know that this depends on the options you choose.  So Chrome is not spyware that sends everything you do to Google.   I also believe it is important to understand what features the Incognito mode provides and not assume things about it.

Watch Google Chrome

See for yourself the information that Google Chrome sends to Google.  Use Nektra’s SpyStudio to monitor Chrome’s behavior.  It is very easy:

  1. Download SpyStudio from Nektra’s website free of charge and install it.
  2. Replace the database ‘deviare.fdb‘ with a new version.  You will find ‘deviare.fdb’ in the path you installed SpyStudio: SpyStudiobin
  3. Download the script chromewatcher and then add the path where you saved it to SpyStudio.  Edit -> Preferences -> Python
  4. Run SpyStudio and import the module chromeWatcher by typing “import chromeWatcher” in the Python console.  Then start monitoring by calling the Begin() function by typing “chromeWatcher.Begin()”.
  5. Now watch SpyStudio while using Google Chrome to find out what information is sent by Chrome.

What does the ChromeWatcher script do?

The ChromeWatcher module was specially made to capture calls to the Winsock functionssend‘ and ‘WSASend‘. To know where the information is going, a socket connections track must be kept.  So it is necessary to hook ‘connect’ and ‘select’ functions too.  The idea behind ChromeWatcher is to hook ‘send’ and ‘WSASend’ calls that are made to Google and show them to you.
To understand better this script you can see SpyStudio documentation on: SpyStudiodoc

  1. The business model of Google Chrome is no different from Gator or Bonzi Buddy.

  2. Google Chrome and Google in general is but another symptom of a fearful, control freak, centric style of government. If you liked how the GWB regime trampled your liberties, you’re gonna love the Obamination and Chrome.

  3. Hey CIS, how many pages can you publish your catchy little “Obamanation” ditty? Back these thoughts up with some factual statistics and let the rest of us read helpful information instead of propaganda. j

  4. We TRUST Google.
    Google has been good to us, and for us.
    I intent to install the new Google Browser, and try it.
    I will not lose any sleep.
    I look at Google as my friend, not my enemy.

  5. Advantageously, the post is really the sweetest on that notable topic. I concur with your conclusions and also will thirstily look forward to your upcoming updates. Saying thanks definitely will not simply be enough, for the fantasti c clarity in your writing. I can at once grab your rss feed to stay abreast of any updates. Genuine work and much success in your business dealings!

  6. Google Chrome is just another method of spying on everyone from the biggest secret service in the world, Google. It knows all your searches, wishes, emails, if you use their email system and many more, by spying you through their “free” apps and services which are spread on other sites through the infamous Google Analytics – the biggest spyware app on the planet.

    They want to take your freedom, your thoughts and your computer content, lately through one of the biggest scams in working, the Google OS,…which is nothing more than an interface for your computer content on THEIR servers called a cloud. This cloud thing is the attempt of Google and it’s peers to STEAL your computers, basically and OWN everything you hold on them and YOU, in the end. You will see no freedom using all that Garbage.
    You can escape their spyware by making some efforts, like clean your firefox of all google and geo (geolocation) by entering about:config in the address bar. Also you can install some cookie manager and block all their cookies and adblock plus and block all their analytics code spread all over the internet as well as other garbage, like social facebook buttons and twitter, etc, all that crap.
    Be smart, you don’t need google to search the web or use the internet, don’t lose your freedom. You can use duckduckgo.com, ixquick.com, startingpage.com or scroogle.com. The last two are google searches through proxies and all record no IP’s, searches, details and they don’t spy on you.

    You folks should inform people, is like a duty to community or something. If you don’t say all is going on, we’ll end up in boxes owned by google an paying for mouse clicks on our own content.

  7. Do no evil ! = put a dumb colored logo, call it Google, steal the internet and people’s computers. It all looks like an undercover operation ?

    Google is worse than Microsoft, Apple and AT&T altogether. Is like the public feds on the loose to get everybody and own every thought, political orientation, opposition, FREEDOM.

  8. Google might not be the only spy in town. I found this sight that promoting spy on your spouse, employee, or anybody who as a cell phone.

  9. Some of these comments are so stupid. Google wants to take our freedom and steal our computers? Stop wearing your tin foil hat so tight, it’s cutting off the circulation to what little brains you have.

  10. Google
    Permalink

Comments are closed.

This website uses cookies to improve your web experience.