A lot of security experts went into panic mode when Kelly Shortridge showed on Twitter that her files are been scanned by Chrome. Even the files which aren’t in a special folder like Documents or the Windows dir. She and others started to ask why Google is going to scan private files – but is Google really spying?
Google’s cleanup tool
The program is originally designed to remove Google leftovers in case you want to remove e.g. Chrome or re-install a Google product in order to fix problems. AV developers have similar programs, so this is not really a special case here. The question Kelly asks is why this program scans certain program folders outside Documents, Windows etc. and people started to raise their concerns why Google is doing this.
Chome on Windows looks through your computer in search of malware that targets the Chrome browser itself using ESET’s antivirus engine the button ‘report details to Google’ doesn’t expose your private files, the process itself is also isolated – which means it’s not easy attackable and should prevent MITM attacks – by default the option can be checked or unchecked and it’s not hidden.
As the head of Google Chrome security Justin Schuh explained on Twitter, the tool’s “sole purpose is to detect and remove unwanted software manipulating Chrome.” Moreover, he added, the tool only runs weekly, it only has normal user privileges (meaning it can’t go too deep into the system), is “sandboxed” (meaning its code is isolated from other programs), and users have to explicitly click on that box screenshotted above to remove the files and “cleanup.”
This basically means, Chrome Cleanup Tool is less invasive than a regular “cloud” antivirus that scans your whole computer – including its more sensitive parts such as the kernel – and uploads some data to the antivirus company’s servers. These data are even partially obfuscated in order to protect your identity.
Even experts like Kelly can come to wrong conclusions and it’s not really a surprise that this story got much bigger than expected over the easter days. The problem these days is more and more that people coming to wrong conclusions or simply not doing any research, you post your ‘findings’ on Twitter and then the rest of the world believe that this is the ultimate truth. Some people might even call it fake news, however since Kelly is a known name I’m not going too deep into it, she simply asked why this was happening and we got an official answer. Everything seems okay.
However my advice is to always check the advanced options a program has to offer in order to reveal ‘hidden’ options, in our case nothing was hidden, the toggle was visible right from the beginning, Google maybe just should put a link to it, to explain the scanning process a bit more in detail but that’s all I can see in this story.
- A cleaner, safer web with Chrome Cleanup (blog.google)