Google Chrome 'silently' downloads 4GB AI model to your device

[Non-Euclidean]

Google Chrome 'silently' downloads 4GB AI model to your device without permission, report claims — researcher says practice may violate EU law, waste thousands of kilowatts of energy​

Security researcher Alexander Hanff, also known as "That Privacy Guy," has published a new analysis claiming that Google Chrome is silently downloading a roughly 4GB on-device AI model to users' machines without notice or consent. According to Hanff, the behavior mirrors a separate issue he recently identified involving Anthropic's desktop software, and together the two cases point to a broader pattern of how large tech companies deploy AI features.

Hanff's earlier report focused on Anthropic's Claude Desktop app, which he says quietly installed a browser integration bridge across multiple Chromium-based browsers on a system, including five browsers he did not even have installed. According to the researcher, this happened without any user prompt or meaningful disclosure, and the integration would reinstall itself if removed. He argues that this kind of silent modification of a user's environment violates both user expectations and, in his view, European privacy law.

Full article at:

Google Chrome 'silently' downloads 4GB AI model to your device without permission, report claims — researcher says practice may violate EU law, waste thousands of kilowatts of energy

The integration would even reinstall itself if removed

www.tomshardware.com

 

[NoBoMac]

Will need to have a closer read of the detailed post referenced in Tom's article, but quick scan, not seeing it on my side of things. But that might be due to I've blocked Chrome's ability to do anything automatically (read: update everything Google). Took all permissions away from Google related things so that it can't read/write anything related to them, emptied folders, etc.

% cd ~/Library
% find . -perm 000
./Application Support/Google/SoftwareUpdates
./Application Support/Google/GoogleUpdater
./Google/GoogleSoftwareUpdate
./LaunchAgents/com.google.keystone.xpcservice.plist
./LaunchAgents/com.google.keystone.agent.plist

 

[bogdanw]

Google's statement https://www.engadget.com/2166113/ch...file-without-user-consent-researcher-alleges/
"AI" can be blocked with a configuration profile.
https://forums.macrumors.com/thread...to-turn-off-ai-features.2477076/post-34411633

 

[auxbuss]

Discussed on HN, where despite being by far the most active post for the past day, the story has miraculously disappeared from the top-200 most active posts. Strange.

https://news.ycombinator.com/item?id=48019219

 

[NoBoMac]

Some (maybe) useful stuff here:

https://www.reddit.com/r/chrome/comments/1t536x6/psa_chrome_silently_downloaded_a_4gb_ai_model_on

Some of the instructions I've seen seem to be wrong and or for Windows. Reading over a few sites it seems, for Mac, want to type in "chrome://flags" in Chrome and search for anything with "Gemini" or "AI" in it: toggle "Disabled".

As mentioned earlier, my zeal to disable Google from updating things on their own has blocked this all, but went ahead with disabling the Gemini/AI stuff as well. Will check periodically to see if things are being blocked per my wishes.