Chredge snoops your other browser data

Topic

New Reply

Hello,
Beware of this behavior of MSFT Edge. It is reported, that after opening Edge, users see their bookmarks imported withour their permission.

After that, during Edge configuration, if user selects that Edge wont be default browser and does not want to import data from others, bookmarks dissapear.

Source:
https://wccftech.com/microsoft-edge-is-reportedly-stealing-data-from-firefox/

I saw in the past, that Edge without my permission snooped my user data (username and domain – it can be found in Help->About dialog), but I was not able to reproduce this issue at this moment.

Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

PRUSA i3 MK3S+

1 user thanked author for this post.

wavy

Reply | Quote

Replies

I decided to experiment with the chromium based Edge… and downloaded it separately from Windows Update. It respected that it wasn’t set as the default browser, and did not import any book marks.

But… the incidents referred to in the article seem to be associated with people who received Chredge automatically, through Windows Update…

It reminds me that just because there are choices offered, it doesn’t mean that Microsoft has to honor those choices… and Microsoft has shown blatant lack of respect for end users.

I have experimented with chromium Edge because of the promise that it may allow finer control of privacy than Google… it doesn’t bode well if it transfer bookmarks while designating itself default. Again… I did not find this when I installed it separately from Windows Update.

Non-techy Win 10 Pro and Linux Mint experimenter

2 users thanked author for this post.

doriel, CADesertRat

Reply | Quote

Same here Elly, I just downloaded it the other day and it seemed to respect my wishes even though it is not my default browser. I haven’t messed with it very much yet though so I can’t give it much of a review. I think that downloading it instead of getting it through WU may be a good point, as you brought up.

Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).

1 user thanked author for this post.

Elly

Reply | Quote

I’ve just configured a laptop running Windows 10. Due to various concerns of its eventual owner I’ve disabled legacy Edge and also prevented automatic installation of Chredge using a REG file. Instead I’ve installed Brave as the default browser (with Firefox as the backup).

I think I’ll keep an eye on reports re: Chredge for a while before allowing it anywhere near. 🙂

Reply | Quote

Seems like this might just be highlighting the behavioral differences between Windows/MS Updates and the standard (stub/.msi?) installers, nothing to do with ChrEdge, just different wrapper designs.

Windows/MS Updates being designed to be mainly background/unattended/batch, whereas elective installer downloads are very much hands-on/step-by-step.

1 user thanked author for this post.

Elly

Reply | Quote

So the problem that @Doriel provided a link to, in original post, is specific to chromium Edge being received through Windows Update.

The concerns voiced in that article is that they did not want chromium Edge:
– Rebooting the computer resulted in a forced tour of a browser that the person did not want or intend to use.
– Edge copied Firefox bookmarks to Edge favorites without any authorization or approval required by user… the concern being unauthorized access to data.

Before I chose yes or no my bookmarks from Chrome were already on the opened Edge browser’s bookmarks bar. When I clicked no they disappeared.

It is unclear if this is just an oversight from Microsoft’s part, bad code, bad launch, or yet another example of the company tricking more users to its new products.

How can I be sure Edge didn’t save any information? I find it strange that it pulled information from my chrome browser without my permission.

The article also expresses concern that older relatives might be inadvertently forced into using chromium Edge because of the way it presents itself, instead of the browser with which their tech helper has set them up with (with ad-blocker and anti-tracking).

I’ve tried to not ‘trigger’ my own negativity around Microsoft’s overbearing control of my hardware… which is why I did a manual install and did a test run. Unfortunately, I’m not techy enough to test whether Edge becomes another vector for unwanted data vaccumming. Edge worked, as far as browsing goes. It does have the ‘bug’ regarding videos on YouTube and other sites, in that you have to turn off UBlock (the only extension I tested it with) to work with them. But on 1909 Pro, with Update Settings following PKCano’s recommendations, it hadn’t appeared for download, let alone download or set up without permission. So, following those recommendations, and Woody’s DEFCON system, it appears that the problems found in this article just don’t happen (yet?).

I’m a satisfied user of Pale Moon… I know it doesn’t have a large user base, but it does do what I want it to do, has the extensions I need and use, and isn’t being developed to suck data from me. The people quoted in this article clearly don’t trust Microsoft or Edge. I’m glad there are alternatives that I can trust.

Non-techy Win 10 Pro and Linux Mint experimenter

2 users thanked author for this post.

doriel, satrow

Reply | Quote

Elly wrote:

It does have the ‘bug’ regarding videos on YouTube and other sites, in that you have to turn off UBlock (the only extension I tested it with) to work with them.

It doesn’t for me.

Reply | Quote

@b- Which ad-blocker(s) did you test it with?

And did you install chromium Edge yourself, or are you using the version that comes through Windows Update?

Do you use it while signed into a Microsoft or local account?

I think all of those might be pertinent variables.

Were you already using the legacy Edge, so it just assumed your settings, as expected behavior? If so, you didn’t actually test whether it co-opted settings/data from separate browsers… but did you notice anything else that might pertain regarding data snooping, or how it can be controlled by end users? You’re usually up on all the latest… 🙂

Non-techy Win 10 Pro and Linux Mint experimenter

Reply | Quote

reviewgeek.com has an article entitled “Microsoft Edge Doesn’t Wait for Permission to Import Your Data” which seems to have a slightly different angle on this issue.
https://www.reviewgeek.com/46340/microsoft-edge-doesnt-wait-for-permission-to-import-your-data/

Windows 10 Home 22H2, Acer Aspire TC-1660 desktop + LibreOffice, non-techie

Reply | Quote

According to Windows Central a Microsoft spokesperson sent them the following statement:

We believe browser data belongs to the customer and they have the right to decide what they should do with it. Like other browsers, Microsoft Edge offers people the opportunity to import data during setup.

According to reviewgeek, they also said:

During the first run experience, the customer is presented the opportunity to keep or discard the imported data. This data is discarded if they choose not to proceed with the import. If a customer terminates the new Microsoft Edge browser prematurely during the first run experience (e.g. using Task Manager), residual data may not be fully deleted. We recommend customers not shut down the setup process prematurely to ensure an expected result.

The issue for Microsoft is that people are not completing the ‘First Run Experience’ and that therefore, customers expecting not to have their data imported will find that it has been.

This is strikingly different from the issue for end users that have posted, whether on Reddit, or other forums… and that is, end users expect Microsoft not to access their browser data on other browsers without permission. That Microsoft magnanimously decided that the browser data ‘belongs to the customer’ and that we should ‘decide what happens to it’, doesn’t mean that it doesn’t access and use the data (remember Microsoft’s all encompassing EULA?) according to their purposes.

Using W10 means you have given Microsoft access to the data from anything you choose to do with it, and clearly, although you may have chosen to block all Microsoft apps, they can collect and use the data from any other browsers you are using…

Why is that important? See EFF Why Metadata Matters for the best explanation.

Microsoft wants our trust… just check out how they emphasize privacy and respect in presenting chromium Edge in the first run experience. But… their EULA and privacy statement negate both trust, and indicate, profound disrespect for personal boundaries of their customers… and the behavior, that we can see, is that they access our data at will.

The issue isn’t that they misuse that data. Peeping Toms don’t cause direct violation of a person, like rape does… but society has long recognized that peeping, even when the ability to do so exists, is morally objectionable… and that people have a right to expect privacy within their own homes. Microsoft is peeping into our lives… they’ve entitled themselves to access our data… and it is wrong. I would expect an OS to provide actual privacy for end users, even from its developer… not steal it to develop AI, or even to use it to make my user experience better.

Most people accept the privacy curtains that Microsoft has placed for them… most of the time they cannot ‘see’ how invasive and thorough Microsoft’s telemetry is, so they are fine with it. Most will take Microsoft’s reassurance of their ‘rights’ to decide what to do with their browser data as evidence that Microsoft is providing privacy and end user choice. It isn’t. It actually demonstrates how little folks know about the data that Microsoft collects, and in how few places they actually get some choice, and no actual, privacy concerning it. And, no, we shouldn’t just get used to it… or find it acceptable.

Non-techy Win 10 Pro and Linux Mint experimenter

4 users thanked author for this post.

JohnS1606, doriel, Rick Corbett, Ascaris

Reply | Quote

The issue isn’t that they misuse that data. Peeping Toms don’t cause direct violation of a person, like rape does… but society has long recognized that peeping, even when the ability to do so exists, is morally objectionable… and that people have a right to expect privacy within their own homes. Microsoft is peeping into our lives… they’ve entitled themselves to access our data… and it is wrong. I would expect an OS to provide actual privacy for end users, even from its developer… not steal it to develop AI, or even to use it to make my user experience better.

Any evidence that Microsoft does anything with Chrome or Firefox bookmarks other than import them to Edge and then offer to discard them?

Reply | Quote

As I point out, the issue isn’t use, but access. Microsoft’s response is proof that they are accessing data from apps that are not theirs, and not part of W10, intentionally, and without end user permission beyond their over-reaching EULA and (lack of) privacy statement.

anonymous wrote:

Any evidence that Microsoft does anything with Chrome or Firefox bookmarks other than import them to Edge and then offer to discard them?

Part of the problem with telemetry is that end users cannot see what Microsoft is accessing, although it is clear from the Edge implementation that data that on other browsers is accessed, and moved to their browser, before the end user consents.

Since they refuse to provide a telemetry off option, or a way for end users to review and delete telemetry before it is encrypted, there is a chronic power imbalance between Microsoft and their end users. A balance of power, with respect for boundaries, is essential for healthy relationships, whether interpersonal or commercial. Asking for consent, after the fact, is a violation of boundaries.

Non-techy Win 10 Pro and Linux Mint experimenter

3 users thanked author for this post.

JohnS1606, Ascaris, Rick Corbett

Reply | Quote

the question remains ; how to delete a bulk amount of bookmarks in edge, w/o a real manager gui it seems to be a one at a time operation. 🙁

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Favorites, Manage favorites, Favorites Bar, Ctr-A, Delete, Other Favorites, Ctrl-A, Delete.

Reply | Quote