|Privacy/Security in "Recently Viewed" Thumbnails||Carrie.Emily.Murphy||10/31/11 12:45 PM|
Google Chrome version: 15.0.874.106 (Official Build 107270) m
As a suggestion, it might be best to remove the image from thumbnails for recently visited sites that are secure. Perhaps substituting a lock on a blank grey square. As it is now, for example, you can rather clearly see that I have three accounts at my financial institution, and which institution, just by opening up a new tab. While any important information is far from legible, and I can easily remove the thumbnail, it's disconcerting to have an image of something that's secured and password protected that is so easily accessible.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||†Tommy G.†||10/31/11 12:54 PM|
I complained about this years ago. My answer was that it is to small to read. Kinda like, get over it. I hate the thumbnails.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||Carrie.Emily.Murphy||10/31/11 1:08 PM|
I agree that it's rather small, however, you can quite clearly get a great deal of information from it. For example, because of how my financial institution formats their page, you can tell what's checking vs savings. Also, by hitting Ctrl+ you can tell if I have 10s, 100s, or 1000s of dollars in an account. While that's not a specific amount or account number, I think that's quite enough to be getting on with.
I understand that nothing is "simple" in programming, but really it's a if-then. If a site is an https://, then skip the image.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||S_Z||12/7/11 6:22 AM|
The thumbnail should use fake data instead for privacy concern.
however, it will still be a problem for some confidential
non-text information,such as "Charts". in that case, maybe a metaphor
icon can be used instead.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||caver_tim||12/7/11 6:30 AM|
It'd be a lot of work, and an invasion of privacy, if Chrome read the webpage understood it and blured out the correct areas or used "fake data". (even if you can agree what the 'correct' areas are)
as for "https://" sites should be automatically blured, well a lot of pages nowadays use https eg www.google.co.uk facebook.com etc. just being "secure" is not an indicator that the page contains confidential information
(the phrase secure is also a bugbear of mine. I think it conjures an image of safety that is not correct. https simply means that the stream has probably not been intercepted and changed)
Personally i'd not have my online banking as one of the 8 thumbnails, - thats easy to do by removing it by clicking on X.
Perhaps an option to "not display thumbnail for this page" would let you keep the page you want in the list.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||Alupis||10/24/12 8:12 AM|
Why is this still an issue Google?!?!?!?! It is beyond me to believe anyone with half a brain over at Google actually thinks displaying my PayPal Account page to anyone who sits on my computer is a good idea. Are you for real?????
How about NO thumbnails. It's a serious security and privacy concern. Instead, use something like the websites Favicon as a symbol so the user knows which site it is (graphically)... don't display my account information!!!!!!!!!
This is ridiculous! I want to like Chrome. I really do, but until this is fixed, I can't use it. My computer is in a place where others can have access to it (with or without my permission) and I can't risk having sensitive data exposed like this. I might as well stay logged into my PayPal account and Bank Account for them!!!!!!!!!!
|Re: Privacy/Security in "Recently Viewed" Thumbnails||caver_tim||10/24/12 8:30 AM|
if you don't want paypal to appear on the 8 most used then close that thumbnail and it'll get replaced with something else
|Re: Privacy/Security in "Recently Viewed" Thumbnails||Alupis||10/24/12 12:55 PM|
I don't think you fully understand how major of a security problem this can be.
for there to be a thumbnail, it means that chrome is screenshoting things and storing that image someplace. Which means even after I remove it, there is a possibility of someone up to no good getting a hold of it.
Also, majority of users don't know that this thumbnail is even there. The default new tab and homepage screen of chrome is the Apps page, not the Recently Visited page, meaning those unwanted and security problem thumbnails could be there without the user knowing! That is massive!
Also, this completely makes chrome not even an realistic option in the enterprise. My users have been asking if they could use chrome for a while, and I finally said yes because I've heard nothing but good things about it (how secure it is, google does bug bounties to try to find and fix exploits, etc etc etc.). But then I discover this after sitting down at a users desk!??!?!?!?!?!?! Lo and behold, our company PayPal account is screenshotted right there for anyone to see who sits down at the desk.
This is absolutely unacceptable. There are no excuses.
Default behavior needs to be to not have any thumbnails for any SSL sight. Period. The user should have to explicitly enable this, knowing full well the risks. This is ludicrous!
|Re: Privacy/Security in "Recently Viewed" Thumbnails||caver_tim||10/24/12 1:03 PM|
probably not a lot i can say to placate you.
Its not something i'm personally worried about. I don't go to paypal or banking enough for those pages to come up, and the resolution of the thumbnails is not enough to see any sensible details when i do.
If you're worried enough to not want to use chrome you'll not want to use all the other browsers that do this.
|Re: Privacy/Security in "Recently Viewed" Thumbnails||Alupis||10/24/12 7:49 PM|
A question that comes to mind is that Chrome is likely taking a screen shot of your entire screen, then scaling it down to display in the Recently Visited tab. This means a full size image possibly is stored someplace else on your computer. Not good.
Also, as far as I know chrome is the only browser I've encountered that has this behavior by default. Unacceptable for Enterprise. Therefore its back to IE of FireFox.
Come on google! Fix this!!!!!!!!!!!!!!!!!!
|Re: Privacy/Security in "Recently Viewed" Thumbnails||caver_tim||10/25/12 1:02 AM|
If you're that worried about information being cached, you may also like to worry that perhaps all browsers keep a log of all data filled into forms on web pages including credit card numbers.
I've not fiddled with my installs of Opera or Firefox on my PC and they both have "most visited" thumbnails turned on
You just don't know...
|Re: Privacy/Security in "Recently Viewed" Thumbnails||Alupis||10/31/12 9:12 AM|
I'm sorry, this is complete Horse Shit.
Just because this is not a personal problem for your caver does not mean it is not a major problem for many other people. Try to imagine that you are not the only Chrome user out there.
There absolutely needs to be a way to disable the Recently Visited tabs completely! No Excuse. There are serious reasons why someone would not want anything displayed on that page, or at the very least secured sites displayed. Reasons include massive security problems, as well as privacy problems.
This is a major security concern, one that cannot be ignored. This "feature" is not in FireFox 16. This "feature" is not in IE8, or IE9.
I'm moving our entire office back to IE for now. This is ridiculous. Google, get your head out of the "cloud" and fix this broken "feature".