back to article Cookie clutter: Chrome saves Google cookies from cookie jar purges

If you tell Google's latest version of Chrome to delete all of its cookies – surprise, you may still end up with Google cookies on your computer. Christoph Tavan, CTO of publishing biz Contentpass, pointed out this week that when netizens tell the browser to remove all cookies from their machines, Chrome 69 keeps users logged …

  1. Paul Herber Silver badge

    Chocolate Teapots come to mind ...

    1. Anonymous Coward
      Anonymous Coward

      China Teapots come to mind too...

      From here:

      https://www.theregister.co.uk/2018/09/24/google_chrome_auto_login/

      ________

      To here:

      https://www.theverge.com/2018/5/17/17344250/google-x-selfish-ledger-video-data-privacy

      ________

      To here:

      https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales

      ________

      Final Destination:

      https://neweconomics.org/2018/07/whats-your-score

  2. Si 1

    Why do people still use Chrome? It’s just a massive piece of spyware, I keep all of Alphabets domains (that I know of) permanently blocked.

    1. K

      "Why do people still use Chrome?"

      Because people would prefer to believe that Google is benevolent and a charity... rather than commercial business, also there was a time, when Google was the up-start underdog and could do no wrong. They've managed to continue playing this role quite well, but it's gradually wearing away!

      The only thing that has kept me using Chrome was the convenience of Chrome Remote Desktop, but Google have now released a HTML5 interface for that, so now I'm tossing up between Firefox and Vivaldi - But i do wonder if they are secretly recording my sessions!

      If I'm honest, with all the Cambridge Analytics fiasco and Android's Location tracking fiasco - Things are starting to creep the sh*t out of me! Won't be long before I do buy a tin-foil hat..

      1. Rich 2 Silver badge

        Re: "Why do people still use Chrome?"

        What I don't understand is why tech-savvy people who KNOW chrome is a big ball of spyware still use it.

        Ditto for facebook

      2. jmch Silver badge
        Unhappy

        Re: "Why do people still use Chrome?"

        "The only thing that has kept me using Chrome..."

        for me it's that only 2 browsers allowed at work - Chrome and IE

      3. Mike Moyle

        Re: "Why do people still use Chrome?"

        "Won't be long before I do buy a tin-foil hat.."

        Buy?! But then they'll know you have one!

      4. bombastic bob Silver badge
        Meh

        Re: "Why do people still use Chrome?"

        if you have an android device, it's a bit difficult NOT to use chrome [in one form or another].

    2. Captain Scarlet

      In the case of my mum, it runs Farmville (Yes its Flash) better than Edge, everyone else they didn't uncheck the chrome install packaged with a random free piece of software.

    3. JetSetJim
      Paris Hilton

      It would be nice if there was a browser which allowed you to easily whitelist particular site cookies so that a general cookie clearout doesn't have you reaching for the numerous post-it's dotted around with site logins that you need.

      Suggestions?

      1. Dan 55 Silver badge

        Doesn't clearing cookies at end of session but setting up a cookie exception list on Firefox do that for you? (If it's still there in v62.)

        Also, Safari 12 seems to have finally got cookies worked out (a different cookie jar for every site). Hopefully this will catch on with the rest.

        1. DropBear

          "Doesn't clearing cookies at end of session but setting up a cookie exception list on Firefox do that for you?"

          Not sure what exactly that ended up doing, but when I last checked Firefox allowed you to do absolutely whatever you wanted with cookies except keeping a select few and deleting everything else. Exceptions was definitely not doing that. I'm still looking for an add-on that would do this, seeing as how the myriad cookie handling add-ons that seem to exist for FF sent my head spinning when I tried figuring out which one would let me nuke absolutely all cookies on each exit except the explicit per-site ones I want to keep, in the simplest one-click way possible.

          1. Dan 55 Silver badge

            In Options > Privacy, if 'keep until' is set to 'you close Firefox', all cookies apart from those set to allow in the exception list get deleted when you close Firefox. This is the only way to do it, I think.

            If you additionally have 'Clear History when Firefox closes' ticked and have 'Cookies' ticked in the window which opens when you click the settings button on the right, all cookies get deleted in spite of the exception list.

            And if you clear cookies in History > Clear Recent History it also won't take notice of your exception list.

            At least that's the theory.

      2. Spazturtle Silver badge

        Sounds like you want Firefox's 'first party isolate' feature that can be enabled in about:config. It gives each site it's own cookie jar and cache, preventing cookies from being used to track you across sites and restricting them to their original purpose (of storing logins and settings). And Firefox's new content blocker will blocks tracking scripts and cookies that's only purpose is to track you.

        1. Dan 55 Silver badge
          Thumb Up

          I didn't know 'first party isolate' was a thing in Firefox (it's not shown in the settings). Now I do, I'll enable it.

    4. vtcodger Silver badge

      "Why do people still use Chrome?"

      Because some websites won't work right with other browsers? I don't use chrome myself, and put up with a lot of websites not working very well although I do use a lot more profanity than I used to. My perception is that between security issues, javascript, vendor misbehavior, government misbehavior, and miscellaneous lunacy, the Internet is rather closer to total chaos than most folks realize. But maybe I'm wrong. I am sometime.

      1. Anonymous Coward
        Facepalm

        "Because some websites won't work right with other browsers?"

        You mean Chrome is the new Internet Explorer?

        It wasn't a good reason to keep on using IE, though...

      2. Dave 15

        come now

        By the time Microsoft has sent your data to the Americans, that porn virus has copied it to everyone else, what the browser does is a bit of a waste. If you think that your android or apple are any better I wouldnt put a penny on it. Heaven only knows what goes on in the code of linux either... yeah, we may know about the kernel but what about the other stuff wrapped up in that distribution or the apps you need

        Governments dont want the plebs to get together and find out how much the rich are getting richer and more powerful while the plebs are shafted, after all its the rich that fund them

    5. DropBear

      "Why do people still use Chrome?"

      Why, what would you do when neither Palemoon nor Firefox ESR 52 can coax any sign of life out of Yet Another Website no matter where you click? Happens at least once a day, btw. Funnily enough not a single one of these rejects ever failed when trying again in Chromium. It's a must have I use for nothing else unless a site fails, but I very much need it nonetheless.

      1. Dan 55 Silver badge

        Why, what would you do when neither Palemoon nor Firefox ESR 52 can coax any sign of life out of Yet Another Website no matter where you click?

        Switch to Waterfox. There's also Vivaldi and Opera.

        1. DropBear

          "Switch to Waterfox. There's also Vivaldi and Opera."

          Thanks for the Waterfox tipoff - I swear I saw it before but apparently I managed to forget about it somehow. As for Opera, I used to have that as another fallback as well, but ever since it has been bought by China I'm not all that keen on using it. As for Vivaldi, I definitely checked it out at some point but the UI was way too weird for someone like me who still refuses to use the title bar as a menu and thinks of flamethrowers and chainsaws at the sight of any "hamburger" button.

      2. Anonymous Coward
        Thumb Down

        "what would you do when neither [...] sign of life out of Yet Another Website"

        Ignore that site, which was obviously created by morons, and move to something else.

        1. bombastic bob Silver badge
          Unhappy

          Re: "what would you do when neither [...] sign of life out of Yet Another Website"

          ack on the 'Ignore that site' - and I also 'ignore that site' for anything that uses nginx and returns 'Forbidden' because I'm running 'noscript'.

          As far as I can tell, the 'nginx "Forbidden"' problem is due to one or more cloud services front-loading a 301 or 303 re-direct with script in the header, which then fails because you have 'noscript' running. Not only is it *INCREDIBLY LAME* it's *INCREDIBLY IRRITATING*. Web authors that write such [expletive deleted] DESERVE the cat-5-o-nine tails, the cluebat, AND a nice long tongue lashing from an El Reg commenter with a really good vocabulary.

          [and because it's always nginx involved, I will *NEVER* use their application, nor recommend it, because as far as I'm concerned, it's "noscript" hostile]

  3. Shadow Systems

    Just wondering...

    If you fire up a ChromeBox but don't connect it to a network, can you then go into the file system & alter the properties of the cookies folder to be Read Only? Would that stop the thing from writing cookies at all, or would it just find somewhere else to store them? Or would it pull a Microsoft & just ignore your settings in favor for its own the next time it went online, downloaded updates, & "accidentally" negated the RO setting?

  4. kain preacher

    Makes edge look exciting

  5. Nolveys
    Big Brother

    The Fonz Vs The Sharknado

    Back in the early zeros Google could do no wrong. Their services were excellent, sometimes even revolutionary. They generally seemed to act with some measure of morality, or at least not in the despicable way that typified most of the rest of the computing industry.

    Then they jumped the shark.

    Now we have deteriorating services, increasingly shady practices and slime-ball antics. Just a few short years ago an article like this would come out only once or twice a month. Now it's every day, and the "creepy asshole" factor is through the roof. The rate of decay is accelerating.

    If you work in anything web-related then Google is almost completely unavoidable. Many platforms have hard dependencies on Google Maps and Google tracking services. This doesn't seem to be getting better as it becomes more and more blatantly obvious what Google is really about.

    Google has already turned into a creepy nightmare from hell. I really don't want to think where we will find ourselves in ten years time.

    1. This post has been deleted by its author

      1. Anonymous Coward
        Anonymous Coward

        Re: The Fonz Vs The Sharknado

        Brin e Page had an excellent search engine, but not a way to make money from it Schmidt was brought in from investors because he is the heartless executive you need to make the company a money machine - he's the "adult" in such sense.

        He's been also very effective is building a Google Propaganda Machine to paint the company as the "good one" against the evilness of Microsoft & C, brainwashing many people while throwing some free bones at them.

        It looks it was exactly only paint, and it's crumbling apart. Let's see how long before an antitrust and privacy investigations start...

  6. nematoad
    Unhappy

    Yep.

    Having read the above article I checked my cookies, which is something I do regularly especially with anything from Google, and lo and behold there was a Google nasty sitting there. Now I don't use Chrome or anything else from Google so it has me puzzled as the where it came from. Maybe a drive-by from a site associated in some way with these characters?

    As I use Palemoon I was able to deep-six it immediately.

    Turds of the first water.

  7. Anonymous Coward
    Anonymous Coward

    Cry "Margrethe Vestager!"...

    ...and let slip the dogs of war!

    Any previous resistance to GDPR that I once possessed is now spent. Nail these creepers.

    1. bazza Silver badge

      Re: Cry "Margrethe Vestager!"...

      Quite. This is yet another reason for the European Commission to get its teeth into Google, who really don't seem to be learning that the damage being done by all these negative findings will accrue.

      Also how long before Samsung et al decide that shipping Android infected with Google's stuff is damaging to their business? Google free Android sounds better and better.

  8. Ucalegon
    Coat

    When I consume a Chocolate chip cookie I don't expect to poop undigested chocolate chips.

    1. Shadow Systems

      At Ucalegon, re: cookie poop.

      You also don't expect it to be laced with Picolax.

  9. Dan 55 Silver badge

    Who's moved the creepy line?

    Seems Analytics, web fonts, Adwords, Doubleclick, Captcha, DNS, Android location services, Play Services, and their Android apps aren't enough. *

    The aim is to get a unique user ID for everyone and to use Chrome to do it.

    * I've probably missed something.

  10. Adrian 4

    This is why I don't use Chrome. Having both the web service and the application from the same source of moral turpitude is unreasonably trusting.

  11. Tim99 Silver badge
    Big Brother

    Its Google (again)

    This is what they do. Why are people surprised? (Yesterday's post)

    Hopefully this still works - About 3 years ago when I looked after some Windows PCs for a seniors computer club, I found that the only way to clear out Chrome was to delete the:-

    [X:\Users\*User*\AppData\Local\Google\Chrome\User Data] folder

  12. onefang

    "and has pressured its own advertising clients to be more transparent about their own cookie policies in the past."

    Ah, do as I say, not as I do.

  13. Anonymous Coward
    Anonymous Coward

    G$$$$$$$$gle

    Sell outs

  14. Anonymous Coward
    Anonymous Coward

    concerning to privacy-conscious users

    But any of them, if really conscious, would never use anything from Google...

  15. Anonymous Coward
    Anonymous Coward

    Just checked....

    OS: Fedora28, kernel 4.18.9

    Chrome: Version 69.0.3497.100 (Official Build) (64-bit)

    *

    google-chrome/Default folder: SQLITE3 database called Cookies -->> Empty

    google-chrome folder: SQLITE3 database called Safe Browsing Cookies -->> Empty

    *

    ....but then -- I have NEVER logged into either Chrome itself, or into one of the Google services.

  16. pavel.petrman

    Case for a new Marx

    This time it won't be labour, it will be personality (or, euphemistically, personal data). New movements, new fights for data-welfare state, new iteration of communists insisting on all your base personal data, photos, location info etc. are belong to us - and the iron curtain after the war. The whole package. With a bit of luck, our generation (I'm 30) will still be able to have a bit of fun before the storm comes.

    I've had this though for the past four or five years and Google et al. are doing their best to prove me right, which is very sad indeed.

    1. Anonymous Coward
      Big Brother

      Re: Case for a new Marx

      Just, Google & C. understood from 1984 what proles want - they're giving them aplenty (especially YouTube), so they won't turn against the Big Brother.

      1. Uncle Slacky Silver badge
        Big Brother

        Re: Case for a new Marx

        > Just, Google & C. understood from 1984 what proles want - they're giving them aplenty (especially YouTube), so they won't turn against the Big Brother.

        Indeed: https://en.wikipedia.org/wiki/Prolefeed

    2. bombastic bob Silver badge
      Meh

      Re: Case for a new Marx

      considering that Marx and Engels were complete morons, but their B.S. "manifesto" was believed by enough clueless people to get MILLIONS KILLED (and BILLIONS oppressed) because of it, makes the idea for a 'new Marx' sound pretty bad.

      How about some reasonable anti-trust laws applied directly to Google instead? You know, don't allow the source of an operating system to strong-arm you into using ONLY its services from end to end...

      This was tried with Micro-shaft a while ago, like during the 'browser wars', but for some reason it wore off. maybe it's time to resume the countdown... for a 'duopoly' between MS and Google is as bad as a monopoly when both of them do THE! SAME! DAMN! THING!

      Google+Chrome+Android

      - or -

      Bing+Edge+Win-10-nic

      choice. wheee.

  17. VinceH

    Optional

    Again, Google's new slogan should be something like "We're Google. We don't take no for an answer."

  18. Mystic Megabyte
    WTF?

    A couple of years ago they were going to label my YouTube uploads with my real name. I had to alter my name in my Gmail account.

    1. Anonymous Coward
      Anonymous Coward

      Did you not have a normal YouTube account?

      Whilst they did basically create a new YouTube account using my Google account a few years back, and tried to get me to use that rather than my YouTube account, I simply ignored it and continued to use my pre-existing YouTube account, which is still working quite happily today.

  19. Test Man

    Google are going to reverse this in Chrome 70 - https://www.blog.google/products/chrome/product-updates-based-your-feedback/

    I find this behaviour weird - if I want to clear all cookies, I'm explicitly asking it to clear ALL cookies including Google ones, so I expect to be logged out of everything. What issue did they think they were solving by keeping Google cookies persistent?

    If they want to give the option of the user keeping Google cookies persistent while deleting everything else, they simply need to produce a better cookie deletion interface that lets people delete individual groups of cookies instead of users having to rely on the Inspector to do it.

    1. David Nash Silver badge

      Not defending them but wondering, this happens so often that I wonder if they are evil or just blind to what users really want.

      Do they think, "heh heh, we will keep them logged in so we continue to track the unsuspecting users" or do they think, "poor users would be logged out of Google, nobody wants that, we had better keep those cookies"?

      Could it be that they think they are being helpful rather than creepy?

      1. Anonymous Coward
        Anonymous Coward

        No, they just try how much slurping their usersproducts can sustain before switching to a different browser.

      2. vtcodger Silver badge

        "Do they think...?"

        Most likely thing is that they don't think at all. I would guess that every personal computing device at Google is permanently logged into a wide variety of Google services. It'd be aggravating if they had to log back in constantly, so they don't clear their own cookies. The notion that folks outside of Google might not want to be logged into all that stuff permanently probably never crosses their minds. That's the way large organizations tend to work.

  20. Steve Jackson

    Don't be evil, just our kind of evil

  21. Harry Stottle

    Sandboxie is your friend

    First line of defence for me and most of my clients.

    This particular issue is trivial for SB users. If you've set the relevant sandbox to delete on exit, whatever google et al have dumped onto your machine (cookie caches, profiles, unwanted updates, plugins etc etc) all evaporate on exit.

    More important than that, in the ten years or so since I started bullying my clients into using it, it has caught and prevented at least a dozen ransomware attacks and several dozens other malicious attempts to infect users. Typically, the ransomware will exhibit its normal behaviour (eg lock screen with warning that your hard drive has been encrypted and you need to pay bitcoins to this address to recover blah blah) and my client calls me in a panic. The usual fix is "right click on the Sandboxie icon and choose terminate all programs". Threat and sweat eliminated instantly.

    It's also particularly good for testing out software that you're not sure you can trust. Install it into its own sandboxie (which you set NOT to delete on exit) then run as normal. If it does anything suspicious, it can't cause harm outside the box.

    Unscrupulous users have suggested that it's also a good way to run "30 day trial" software forever (delete on expiry, rinse and repeat) but you didn't hear that from me.

    The only downside is that it is so good at preventing change that you have to remember to disable the Sandbox to permit those changes you actually want (like browser updates, adding plugins etc)

    I would say it has prevented far more damage than all my other routine defences put together (firewalls, av, anti-keyloggers, etc)

  22. Stevem278

    Don't log into Google then

    No one is forced to log in, or to use Chrome for that matter. Free stuff is never really free.

  23. Anonymous Coward
    Anonymous Coward

    Chrome v Firefox

    I don't use Chrome if I can avoid it, but the latest release of Firefox has borked it to such an extent that pages can take 10x or 20x times longer to load than in IE - I can set both browsers pointing to the same site and Firefox just hangs there long after IE has finished.

    Oh, and I note that Google has started aggressively hobbling their response to IE 11, making the Google homepage look like some homage to Netscape 1, at least on some machines.

    Basically, a pox on all their houses.

    1. Anonymous Coward
      Anonymous Coward

      Re: Chrome v Firefox

      Why are you still using IE 11 for anything on the Internet?

      It's a dead product, with no new updates other than critical bug fixes, was replaced by Edge back in 2015, and was only included on Windows 10 for compatibility with 'old' intranet sites.

      No one should be using IE as a daily browser for anything on the Internet at all. I doubt the likes of Google bother testing their web sites against IE, due to it being a dead product!

  24. adam payne
    Coat

    Use Google services and get tracked, who'd have thought that </sarcasm>

  25. matjaggard

    How is this even a story

    Button that tells you what it does, does what it says it will. Shocker.

    It deletes all your cookies and the logs you back in like it promises too, how is this a problem? Surely anyone who cares is not logged in to a Google account anyway?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like