Chrome Silently Installs a 4GB AI Model On Your Device Without Consent (thatprivacyguy.com)
Longtime Slashdot reader couchslug shares a report from That Privacy Guy's Alexander Hanff: Two weeks ago I wrote about Anthropic silently registering a Native Messaging bridge in seven Chromium-based browsers on every machine where Claude Desktop was installed. The pattern was: install on user launch of product A, write configuration into the user's installs of products B, C, D, E, F, G, H without asking. Reach across vendor trust boundaries. No consent dialog. No opt-out UI. Re-installs itself if the user removes it manually, every time Claude Desktop is launched. This week I discovered the same pattern, executed by Google.
Google Chrome is reaching into users' machines and writing a 4GB on-device AI model file to disk without asking. The file is named weights.bin. It lives in OptGuideOnDeviceModel. It is the weights for Gemini Nano, Google's on-device LLM. Chrome did not ask. Chrome does not surface it. If the user deletes it, Chrome re-downloads it. The legal analysis is the same one I gave for the Anthropic case. The environmental analysis is new. At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tons of CO2-equivalent emissions, depending on how many devices receive the push. That is the environmental cost of one company unilaterally deciding that two billion people's default browser will mass-distribute a 4GB binary they did not request.
Charge Google rent (Score:4, Insightful)
With the RAM and storage prices these days, they need to pay rent if they're going to "crash at your place" - no squatters allowed!
Re: (Score:3)
You welcomed them rent free. You're free to kick them out at any time.
Re: (Score:2)
WHERE'S MY LAWSUIT U TROLL?
Re: (Score:2)
Hahahaha speaking of rent free.
Re: (Score:2)
Re: (Score:3)
> You welcomed them rent free. You're free to kick them out at any time.
A far more accurate analogy is that you invited one friend over, and they invited all their college buddies without asking you, and you've been forced to kick the buddies out repeatedly because they somehow can't hear you when you politely ask them to leave, only for them to end up crawling back in through the bathroom window.
Re: (Score:2)
Re: (Score:2)
Except your beef is with the friend who keeps letting them in again. You can kick the friend out too. You choose not to.
But buddies is the wrong word. Buddies implies whole unique different products alongside the browser. The AI model is a feature of the browser itself (check the Chrome beta, it's got a button and AI features built in).
An even more accurate analogy would be inviting a friend over, enjoying their company for years, and then at some point they develop a medical condition like Tourettes which
Re: (Score:2)
If you're so certain of that, why didn't you use an example like that in the first place?
Environmental impact probably overstated (Score:2)
The environmental impact is probably overstated. Chrome uses P2P to distribute updates, which can dramatically reduce the amount of data sent over the wire.
Re: Environmental impact probably overstated (Score:2)
Uhm; sorta.
You still need to receive it all.
That said, the article is dog shit.
Re: Environmental impact probably overstated (Score:4, Funny)
Yeah, but you also send some of it. That's negative data (the opposite of receiving) so it cancels out.
Re: (Score:3)
Google's wire, sure. Your wire, no.
Re: (Score:3)
I'm assuming (the article really isn't clear on this) that it's referring to the energy of a bunch of billion computers actually running the AI model, as GPUs running AI chews a tonne of energy. At those scales it does add up.
I've gone and deleted chrome. I'm using Brave, but it's crypto-bros in charge of that so I don't exactly trust them either. They just have a really effective adblocker that doesn't seem to trigger youtube into issuing shrill threats about breaking TOSs with adblockers
Re: (Score:2)
>"I've gone and deleted chrome. I'm using Brave, but it's crypto-bros in charge of that so I don't exactly trust them either. They just have a really effective adblocker that doesn't seem to trigger youtube into issuing shrill threats about breaking TOSs with adblockers"
I would suggest Firefox + UBO. I have no problems on YouTube or other sites with them (at least that is my experience on my machines which all run Linux). And as a huge bonus, you get to NOT support Google's efforts to control the web (Br
Re: (Score:2)
I use Firefox with UBO and occasionally youtube gets mad for a day or two, then it works again. Yes, I've run updates manually.
I still recommend it as long as it works, though.
Sadly I can't recommend Firefox for mobile any more. It crashes on me every day, sometimes multiple times, when using javascript-heavy sites.
Re: (Score:2)
P2P results in more traffic, not less. The traffic is merely offloaded from google's server.
Re: Environmental impact probably overstated (Score:2)
But that means at least part of the data is distributed from local free range organic internets and not Google's centralized whale oil burning corporate iron internets.
I have a solar Internet collector on my roof, you're welcome.
What do you expect from an advertising company? (Score:3)
Re: (Score:3)
Old Google: Don't be Evil.
Alphabet: BE EVIL.
Chrome is malware and spyware (Score:2)
And should be treated as such.
why so mad? (Score:2)
This is far less annoying than software_reporter_tool.exe
The Scorpion and the Frog (Score:4, Insightful)
Google is an ad company. They give away everything from browsers, to email, to mobile OS for free; because they are an ad company. Do not use the browser of an ad company. Imagine if Facebook had a browser. Would you use that?
Re: (Score:2)
People even use the facebook app.
I read TFA (Score:2, Troll)
and it seems this is happening when Claude Desktop is installed.
Or, to put it another way, Anthropic build Claude Desktop to do this.
My Chrome does not seem to have done this on a Windows machine. No sign of the weights.bin file, and I do not have Claude-anything installed.
I'm thinking this is not a Chrome problem, it's an Anthropic problem.
Prove me wrong. Validate my sig.
4G disk and 4-10G ram just to open an basic webpag (Score:2)
4G disk and 4-10G ram just to open a basic webpage?
weights.bin (Score:2)
What if you write a bunch of random noise of the same file size to weights.bin ... what happens then?
Re: (Score:2)
Then it just weighs down your computer.
Easy fix - ditch chrome (Score:2)
This should be a notification to ditch this slop. Fortunately I never used chrome to begin with.
The comparison is so stupid (Score:4, Insightful)
Google pushed a modification to its own browser with its own feature set. There is literally never an explicit consent asked for individual features of software and there never has been. Even back in the days of ticking checkboxes during installs they only offered you a small selection of what a programmer decided to ask if you wanted included.
Claude Desktop is modifying *other* software without consent. Honestly the comparison here and the complaint about Google is not only stupid, it sort of makes me think less of Alexander Hanff and his entire world view.
Congrats Alex, I'm on Claude's side now (I'm not really, I agree with the author's original assessment on Claude, I just wonder if he had a stroke in the past week), is that what you wanted with your dumb arse attempt at a shock article?
LOL (Score:2)
That's fucking hilarious.
EULA? (Score:2)
Chrome? (Score:2)
Re: (Score:2)
I can't believe people still use Chrome given that there are other options available. I guess the general public is still stuck in the IE6 era.
Sadly, here's basically the scoreboard:
--Google Chrome
--Microsoft Chrome (Edge)
--Apple Chrome (Safari)
--Chinese Chrome (Opera)
--Crypto Chrome (Brave/Vivaldi)
--AI Chrome (Comet)
--Firefox
--Not-Firefox-Firefox (IceWeasel, Palemoon, Waterfox, etc.)
And, while I prefer Firefox myself...the fact is that web developers hated the drudgework of having to work in anything but a browser monoculture...and Google wanted the browser to be an OS unto itself, which is why the browser has hooks into everything else - overwri
Re: (Score:2)
Re: (Score:2)
The problem with Firefox is that it's better at detecting spyware, via plug-ins: Corporations don't want their customers doing that. Which in turn, means many corporations can't avoid Chrome in their own computers because their computers use someone else's servers.
Another consequence of blocking spyware, is that Firefox (extension) settings need to be tweaked as corporations put new versions of spyware in their web-pages. S
It's still spyware (Score:2, Interesting)
What's the bill when half a billion people download a 60GB game? Let's remember that Google demands those 2 billion computers update Chrome every 6 weeks: Mostly, for UI tweaks, not security and privacy. We're all turning a blind eye towards the environmental cost of our favourite tool and toy.
> Chrome does not surface it.
It's getting difficult to tell the difference between "free product" and malware. Google isn't doing this out of kindness, they're doing it to make the user, well the user's data, into the product. This is the lo
U2 Google? U2? (Score:2)
Who remembers how people went apeshit when Apple downloaded the U2 album onto their iPod without asking?
How will people react this time?
They should compensate us. (Score:2, Interesting)
If they're going to use 4gb of my storage, they should extend my Google Drive account by 4gb then.
Corrupt it instead? (Score:2)
Don't delete the file, then. Just remove the first X bytes, corrupt the file and see what happens.
Use a Chromium alternative like Brave (Score:2)
Re: (Score:2)
I installed a web browser 15 years ago, and now it's doing crazy shit.
Re: (Score:2)
Re: I installed software... (Score:2)
Re:I installed software... (Score:5, Interesting)
A lot of companies limit AI model access. That means Google doing this in secret is considered a huge InfoSec red flag. At least one company I know will have Chrome ripped off ALL corporate assets (computers / phones / et al.) by the end of this weekend. They will then ask Google for a version that will NEVER install the AI software without central approval. Google says no? No Chrome on corporate assets.
They have contractual requirements that cannot be avoided.
Re:I installed software... (Score:4, Informative)
Re:I installed software... (Score:4, Insightful)
Hijacking this to say that TFS is fucking trash. Half of TFS is about some completely unrelated bullshit and a quarter of it is on the environmental cost of this, with no sensible technical details included other than half a filepath. No hints as to how to disable it. Just whining.
TFA is not much better. Lots of stuff that nobody fucking cares about. Instead: give us the summary of why it is there, how to disable it if that is possible and what side effects that may have.
Re: (Score:3)
> Lots of stuff that nobody fucking cares about.
Says you, IMHO, companies do need to give a shit about the environmental impact of the software they create (not to mention power consumption). If your reach is 10 people, then maybe don't worry too much, but if your reach is *billions*, then yes, you definitely do need to think about it. Just because we've suffered Microsoft's incompetently inefficient crap for decades is no reason to perpetuate it. If an oil company can be hit with the carbon cost of what
Re: (Score:2)
Re: (Score:2)
And for home users, people who don't know what GPO is let alone have access to it? They're just screwed, aren't they?
people who don't know what GPO is (Score:2)
Dyslexic Republicans?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
"you can disable this via flags or GPO "
Until they turn it back on.
Re: I installed software... (Score:2)
There is an issue of trust though. How do you know Chrome is not going to install another of these in the future, without asking for consent? This should be opt-in or not at all, and the fact that it isn't tells every company how much they can trust Google.
Re: (Score:2)
Re: (Score:2)
Saying "you can disable this with flags or GPO" after the fact is unacceptable.
Re: (Score:2)
Re: (Score:2)
Let's be brutally honest and say Google is the first, and they expect defense from people like yourself. You make it easier to offer a half-hearted apology.
Re: I installed software... (Score:3, Informative)
Re: I installed software... (Score:2)
Except you can't trust that Google's browser isn't snitching anyway, so no, it's really just a way for Google to keep you using their service without having to process your tokens
Re: (Score:2)
if you think google isn't main-lining AI usage in Chrome, even local, you're delusional.
Re: (Score:2)
They limit cloud (AI) access for privacy reasons. A local model is exactly what they wish for as replacement. The problem is not the AI, but data leaving the device.
Re: (Score:2)
"the problem is not the AI, but data leaving the device."
I give you MS Recall.
"It doesn't leave the device!"
But it is available for any other process to send it off device.
Re: (Score:2)
I am not talking about Recall here, but about local LLM and how they enable you to have data not leaving your device.
Re: I installed software... (Score:3)
> A lot of companies limit AI model access. That means Google doing this in secret is considered a huge InfoSec red flag. At least one company I know will have Chrome ripped off ALL corporate assets
Most companies limit access to online services and untrusted software, not "models". I'm sorry but this is such a twisted take on things, like twisting the removal of Java from desktops into "limiting access to virtual machines". It's not even wrong.
And ... chrome the free web browser that makes no money from your business. Go ahead and vote with your wallet on that one. Ow, this thread is testing my eye rolling limits.
Re:I installed software... (Score:5, Informative)
Not true. I found the file, having not installed the Gemini extension.
I disabled the flag #optimization-guide-on-device-model then deleted the weights file. So far the flag has stayed disabled, but the file has been reloaded.
This is not installing software. It is force-feeding software not asked for, not wanted and in fact totally repudiated.
Re:I installed software... (Score:5, Informative)
In Chrome, Settings->System then toggle off the Local AI option and it won't be reinstalled.
At least on Windows. I'm wondering if the file is on Android Chrome as well....
Re: (Score:3)
I have done none of those things and it was still on my machine.
What is this "gemeni" (Score:5, Funny)
I don't know, I was born in October, so I use the LibreWolf browser, not Chrome.
Re: (Score:2)
Gougles AI moddel
She agreed to have sex with me once (Score:2)
I really do feel sorry for the women within 50 miles of every single techbro.
Re: (Score:2)
Re: She agreed to have sex with me once (Score:3, Insightful)
It's the techbros who don't understand it, obviously. You agreed to install one thing, they took it as permission to install another thing. Conversely, they also offer to support you, then they release the same product under another name and tell you to go fuck yourself. That shit is fucked both coming and going and you're here to defend it.
Re: She agreed to have sex with me once (Score:2)
You are replying to a troll who thought he just delivered a knock-out punch zinger. He will not understand any argument premised on ethics.
Re: She agreed to have sex with me once (Score:2)
Don't worry, I have no illusions about reaching him. This ain't my first rodeo where he's the bullshit
Re: (Score:2)
How did you arrive at that conclusion?
Re: She agreed to have sex with me once (Score:2)
Might makes right cuts both ways, cry about it.
Re: (Score:3)
No dummy, that's what "install" means.
But you'd think the idiots at Google would understand that when a user manually removes a file, it means they don't want it (that's called "uninstall", since you're obviously clueless), and they've done so because there's no way to do it otherwise, and they weren't asked if they wanted that in the first place, since it's not directly involved in the primary purpose of the app being installed (the browser), or even of any of the other 7 products that are equally unrelated.
But as usual, the typical employees
Re: (Score:3)
Re: (Score:2)
> But you'd think the idiots at Google would understand that when a user manually removes a file, it means they don't want it (that's called "uninstall", since you're obviously clueless)
I really hope you don't consider removing a file the same as uninstalling. Be careful what you call clueless.
Re: (Score:2)
> > But you'd think the idiots at Google would understand that when a user manually removes a file, it means they don't want it (that's called "uninstall", since you're obviously clueless)
> I really hope you don't consider removing a file the same as uninstalling. Be careful what you call clueless.
Nice of you to conveniently leave out the important part Mr. Clueless:
Re: (Score:2)
Re:I installed software... (Score:5, Informative)
You install software X, but without asking you software X silently installs additional software Y that is not necessary for software X to function, and if you try to remove software Y it gets re-installed without asking or alerting you.
We'd call that a trojan malware in any other context.
=Smidge=
Re: (Score:2)
> You install software X, but without asking you software X silently installs additional software Y that is not necessary for software X to function
And they silently install additional software Y a decade after you installed software X. You installed software X many years before software Y even existed.
Re: I installed software... (Score:3)
> And they silently install additional software Y a decade after you installed software X. You installed software X many years before software Y even existed.
They silently installed a spell checker at some point. A canvas and drawing API. A native JIT compiler. A WASM VM. I know we didn't scroll through a change log and hit an accept button at the bottom, that is not how software updates work.
But this has us clutching pearls and talking about the environmental impact of the download. Can anyone convince me this isn't picking something you want to be upset about and working backwards. Hate "models" all you want, but don't try to rationalize it so poorly.
Re: (Score:2)
> They silently installed a spell checker at some point.
They've had a spell-check feature since the first release. They added "enhanced" spell-check in v28.
> A canvas and drawing API. A native JIT compiler. A WASM VM.
Yeah. Stuff users actually want their browser to be able to do. Again, (other than the WASM VM) stuff that's been there since the first release.
And of course, none of that crap is four gigabytes per user.
Re: (Score:2)
> > They silently installed a spell checker at some point.
> They've had a spell-check feature since the first release. They added "enhanced" spell-check in v28.
> > A canvas and drawing API. A native JIT compiler. A WASM VM.
> Yeah. Stuff users actually want their browser to be able to do. Again, (other than the WASM VM) stuff that's been there since the first release.
> And of course, none of that crap is four gigabytes per user.
Honestly thank you for the reminder V8 is that old, but we could play this game with Firefox, or any large software project for that matter.
Enhanced spellcheck, literally sent to the cloud and processed by a spelling m.. mmm... moo. Mo mo. A spelling mode... el...?
A drawing API, for GAMeS, on my business softwares?
Assembly, like what hackers use?
We can play the what users want game all day, but the mental gymnastics to say local models are different, it's too much. The long sought after semantic web is here
Re:I installed software... (Score:4, Insightful)
Except it's not "software Y" it's a feature of "software X". The only person who would call that a trojan malware is someone who has no idea what either a trojan is, or malware is.
I honestly don't know why Slashdot is being so stupid about this. Google is including AI features in its browser. Would you prefer it to send all requests to their servers instead? Is that the kind of thing you want? If you're going to say you don't want the feature in the first place then pick another browser. Software is and always has been provided as is. You've never had a say in what features it ships beyond using open source software, forking it, and compiling it yourself under your control.
Re: (Score:3)
We're explicitly talking about a local run model, this is the one case where it isn't doing any spying, dumbarse
Re: I installed software... (Score:2)
Now that more people know what the installation entails, fewer will be inclined to press that button.
Why you find it upsetting that an article would bring to light extraneous installations in one of the most widely distributed pieces of software is beyond me. Seems newsworthy to me.
Re: (Score:2)
Wait till they realize that is not the only model.
C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\OptGuideOnDeviceModel\2025.8.8.1141\weights.bin
"name": "Optimization Guide On Device Model",
"name": "v3Nano",
C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\OnDeviceHeadSuggestModel\20251015.822788937.14\cr_en-us_500000_index.bin
"name": "OnDeviceHeadSuggestENUS500000",
C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\optimization_guide_model_store\2\???
Re: (Score:2)
But, since it's Google, "it's evil".
Congratulations, you finally figured it out - good little bot!
Re: (Score:2)
Re: (Score:2, Interesting)
> Would people be complaining like this if Mozilla added some new feature that inflated the disk consumption? No. Only if it further slowed Firefox.
seriously? of course firefox users fucking complained. That's why Mozilla had to add their AI kill-switch after they got caught auto-adding AI.
Re: (Score:2)
Did they "auto-add AI"? My impression was that they were starting to look at doing this - but not on this scale - but realised pretty much from the start that a lot of people did not want it so they offered an Opt-Out.
btw, this 4GB won't be a one-time "thing", there will be bugs found and updates provided.
Re: (Score:3, Informative)
>"seriously? of course firefox users fucking complained. That's why the mozilla had to add their AI kill-switch after they got caught auto-adding AI."
No. Mozilla never "added AI". They added the ability to optionally hook Firefox into third-party AI systems (with the default on). And there was ALWAYS AN OFF SWITCH. It just wasn't in the main settings, it was under about:config. Then they later added in the main settings as well.
It never downloaded or installed any AI system. Very different.
Re:What A Whiny Little Bitch (Score:5, Funny)
I think we found the dev behind this.
Re: (Score:2)
Mod parent funny.
Also funny that I don't really blame the google for going all EVIL on us? If the once-proud google doesn't grow like a cancer then they will get eaten by a bigger and meaner corporate cancer. Small honest profits are no excuse and no defense against a suitably leveraged buyout.
Re:Consent? It's a file copy (Score:5, Informative)
When you install software, you can see how big it is, in some OSes/installers you are prompted if that's okay, if you want to enable/disable optional bits, etc. When you install Chrome, it's a certain size to get a web browser.
However, at some indeterminate point later, when you RUN Chrome, it downloads a chunk of data (that's not a browser) that's as big as (or bigger than) the initial browser install. It does this per user on a multi-user system. It does it with no prompting or notification. For a home user, this could be annoying (I discovered this right when it started last fall because it exploded my backups); for a corporate (or especially government) environment, this is unacceptable behavior.
This would be like installing Solitaire, and while you're playing it installs Excel in the background.
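An added example, not part of the thread and not Chrome's own code: a per-user audit of the model directories named in the comments above (`OptGuideOnDeviceModel`, `OnDeviceHeadSuggestModel`, `optimization_guide_model_store`), showing how the per-profile copies add up on a multi-user machine. The function names and the constructed sample tree are assumptions; the directory layout is the Windows one quoted in the thread.

```python
import os
import sys
import tempfile
from pathlib import Path

# Directory names quoted in the thread, relative to Chrome's "User Data" folder.
MODEL_DIRS = ("OptGuideOnDeviceModel", "OnDeviceHeadSuggestModel",
              "optimization_guide_model_store")
# Per-user location of "User Data", taken from the Windows paths in the thread.
USER_DATA_REL = Path("AppData", "Local", "Google", "Chrome", "User Data")


def dir_size(path):
    """Sum the sizes of regular files under path; symlinks are not followed."""
    total = 0
    for root, _dirs, files in os.walk(path, followlinks=False):
        for name in files:
            full = os.path.join(root, name)
            try:
                if not os.path.islink(full):
                    total += os.path.getsize(full)
            except OSError:
                continue  # file vanished or is unreadable: skip it
    return total


def audit(users_root, user_data_rel=USER_DATA_REL):
    """Return {user: {model_dir: {"bytes": n, "versions": [...]}}}."""
    report = {}
    for profile in sorted(Path(users_root).iterdir()):
        found = {}
        for name in MODEL_DIRS:
            model_dir = profile / user_data_rel / name
            try:
                if not model_dir.is_dir():
                    continue
                versions = sorted(c.name for c in model_dir.iterdir() if c.is_dir())
            except OSError:
                continue  # profile not readable by the account running the audit
            found[name] = {"bytes": dir_size(model_dir), "versions": versions}
        if found:
            report[profile.name] = found
    return report


def total_bytes(report):
    """Disk (and backup) footprint across every profile in the report."""
    return sum(e["bytes"] for dirs in report.values() for e in dirs.values())


def build_sample_tree(root):
    """Constructed sample: two users with model data, one without."""
    for user, size in (("alice", 4096), ("bob", 2048)):
        d = Path(root, user) / USER_DATA_REL / "OptGuideOnDeviceModel" / "2025.8.8.1141"
        d.mkdir(parents=True)
        (d / "weights.bin").write_bytes(b"\0" * size)
    d = Path(root, "alice") / USER_DATA_REL / "OnDeviceHeadSuggestModel" / "v1"
    d.mkdir(parents=True)
    (d / "index.bin").write_bytes(b"\0" * 100)
    (Path(root, "carol") / USER_DATA_REL).mkdir(parents=True)


if __name__ == "__main__":
    if len(sys.argv) > 1:          # path to the machine's users directory
        result = audit(sys.argv[1])
    else:                          # no argument: run on the constructed sample
        with tempfile.TemporaryDirectory() as tmp:
            build_sample_tree(tmp)
            result = audit(tmp)
    for user, dirs in result.items():
        for name, entry in dirs.items():
            print(f"{user}\t{name}\t{entry['bytes']} bytes\t{entry['versions']}")
    print("total bytes:", total_bytes(result))
```

Run with the users directory as the only argument from an account that can read every profile; unreadable profiles are skipped rather than reported as clean.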