back to article Microsoft probes complaints of Edge leaking URLs to Bing

You might want to think twice before typing anything into Microsoft's Edge browser, as an apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API. The issue, identified by Redditor HackerMcHackface in the r/browsers subreddit last week, appears to be related to …

  1. Omnipresent Silver badge

    One question?

    What did you THINK was happening? These tech companies are not nice people doing nice things. They are using you. Selling you. Surveilling you. Selling you. Targeting you. It doesn't matter who the tech company is. YOU are the product.

    1. Anonymous Coward
      Anonymous Coward

      Re: One question?

      Haven't they always done this?

      Even way back before Edge when they brought out Bing if you typed in the URL to download Firefox it didn't go to that URL it performed a Bing search

      1. Omnipresent Silver badge

        Re: One question?

        IDK what a lot of folks think has been happening, but it's not nice stuff out there. I can tell you from experience that over exposure is simply putting you, and everything you know, at risk of attack. For goodness sake don't give the internet what you care about. It will came back like a typhoon. It's not exactly private. Grandmas giving the internet your history without knowing might be the greatest mistake of man kind.

        1. Doctor Syntax Silver badge

          Re: One question?

          Grandchildren are just as likely to do that, maybe more so.

          1. heyrick Silver badge

            Re: One question?

            How about trendy parents putting every aspect of their children's lives on mommy blogs...

            1. Joe W Silver badge
              Pint

              Re: One question?

              Blog?

              That carbon dates you... do kids these days even know what a blog is?

  2. Doctor Syntax Silver badge

    " the feature was limited to a subset of social media sites"

    That's not a feature, that's a bug.

  3. druck Silver badge

    FTFY

    If you're worried about Edge leaking every page you visit to Bing, disabling the functionality by navigating to... not using Edge

    1. Jellied Eel Silver badge

      Re: FTFY

      If you're worried about Edge leaking every page you visit to Bing, disabling the functionality by navigating to... not using Edge

      Or just stop using Edge, Bing and Google. Something seems to have changed recently so they don't act as a search engine anymore. Was looking to confirm something earlier and all both Bing & Google would return were a bunch of irrelevant news articles. In some ways that may have been confirmation in itself given I wanted to contrast a Bbc story about political impression with a rumored law change in Ukraine that makes criticism of their government illegal and punishment by up to 7yrs in jail.

      1. Wexford

        Re: FTFY

        The search engines are fine, and that looks like a browser hijack to me, so I'd be running a malware scan.

        1. Dan 55 Silver badge
          Pirate

          Re: FTFY

          The commentard in question has probably been browsing one .ru site too many and now has malware in their software and wetware.

        2. Jellied Eel Silver badge

          Re: FTFY

          The search engines are fine, and that looks like a browser hijack to me, so I'd be running a malware scan.

          I don't think so. I'm using Firefox and suspect it's due to some GPT-style change, rather than just acting as a simple search based on keywords. Kinda why I support the EU and UK proposals to reduce search engine's ability to manipulate results, or explain how/why they're being manipulated and a way to get back to traditional results. I've spent years honing my search-fu since the good'ol days of Alta Vista, and it isnt a good change. In case anyone's interested, I was simply trying to verify this story-

          https://en.news-front.info/2023/04/23/democracy-in-ukraine-5-to-7-years-in-prison-for-criticizing-authorities-on-the-internet/

          which doesn't seem like a very reliable source. So it could just be that site is spreading misinformation. Ukraine's Rada usually good at providing English translations of it's work.

          But that's a lil OT. I've noticed that the OS/search engines have been steadily hijacking and manipulating behavious though. I'm old-fashioned. If I want to search the web, I'll use a search engine. I expect the entry box at the top to do what it's always done. Let me enter URLs. That shouldn't be forwarding or leaking any 'search' terms, just maybe looking locally at the browser history for a match. I have had a couple of attempted hijacks, eg Amazon's been very bad at trying to insert itself as a default 'search engine'. It would seem pointless though to echo URL queries as they're typed given the format of an FQDN. WWW tells you nothing, and it's not until you get to the last bits that you know who the SOA may be.

          1. Anonymous Coward
            Facepalm

            Re: FTFY

            Pro tip: reliable news on controversial topics rarely comes from a .info site.

            1. Joe W Silver badge

              Re: FTFY

              I agree - but they also wrote "which does not seem like a reliable source"...

              1. Jellied Eel Silver badge

                Re: FTFY

                I agree - but they also wrote "which does not seem like a reliable source"...

                Thank you for noticing. It's a lil OT, but also potentially highlights the dangers of browser hijacking and search manipulation. For me, the red flags were..

                .info, which is not necessarily a red flag given the explosion in TLDs and new/independent news channels.

                The lede, ie describing the Ukrainian 'regime', which shows a clear bias (just as some descriptions of Putin or Russia do)

                The use of an image from Telegram rather than linking to either the draft or the enacted legislation on an official (eg rada.ua) website. Or just making it harder to copy & paste terms from the alleged draft into a search engine, or translated versions.

                The draft though does appear to be legit, but not necessarily meaningful given lots of draft legislation in lots of countries never makes it into law. Only curiosity was it was sponsored by Zelensky's party.

                But the changes MS & Alphagoo have made to search makes it a lot harder to 'fact check' this kind of thing, or cite potentially reliable sources. For whatever reason, the results seem to bias very much towards results from news, so favoring secondary rather than primary sources. Also from messing around with some less controversial search queries, El Reg featured prominently in some results.

  4. Ian Mason

    Lack of understanding

    > If you're worried about Edge leaking every page you visit to Bing, disabling the functionality by navigating...

    The author clearly doesn't understand how to use the primary function of edge, which is obviously to download Chrome, Firefox,...

    1. Rich 2 Silver badge

      Re: Lack of understanding

      …. Because Chrome isn’t spyware at all is it?

      No no no no no…..

      1. 43300 Silver badge

        Re: Lack of understanding

        Quite! Chrome is the only mainstream browser which I would trust even less than Edge!

        Firefox and Duckduckgo is my preference. Brave seems pretty good too, and privacy focussed, but given that it's one of the many Chromium browsers I've always been slightly concerned about what Googley stuff might still be lurking in the background.

  5. original_rwg

    Gone soft?

    Calling it a bug. The readers of these pages are unaccustomed to such generosity.

    1. Dan 55 Silver badge
      Devil

      Re: Gone soft?

      Is it also a bug that most of the settings in privacy opt themselves back in from time to time in Edge? I opted out of all the nonsense on the privacy tab in settings about a month ago and checked this morning to my descombobulation and consternation they're all opted in once again.

      The same thing happens in Teams, oddly enough. But once again, only to those toggles which could be considered to be opt-out settings.

      1. M.V. Lipvig Silver badge

        Re: Gone soft?

        Remember those weekly update M$ sends? You gotta check every time now.

  6. Mockup1974

    Monitoring my browser history? That's unacceptable! I'm switching back to Chrome!

    (/s)

  7. Slx

    They don't leak they suck up crumbs like a vacuum cleaner

    It seems to me that for the average consumer, unless you're going out of your way to protect your privacy online, all of these search providers will absorb as much data as possible.

    The one that does my head in is Google accounts remaining logged in when you least expect it.

    I've a work Gmail account and on a few occasions I've been browsing YouTube and next thing ... why is this thing logged into YouTube as my work account?

    It shouldn't log into anything except Gmail if that's all you're using. There's far too much 'oops we just captured all your data. Totally by accident..."

    1. xyz Silver badge

      Re: They don't leak they suck up crumbs like a vacuum cleaner

      Ah, the old "I was browsing naked when I slipped and Edge slurped me" excuse.

  8. Dave559
    Devil

    Office 365 connects to Bing as well

    If you have the misfortune to have to use Office 365, their web apps (which seem to try to connect to a rather terrifying number of MS domains and hosts anyway, although few actually seem to be genuinely necessary - I only allow the minimum of them in NoScript that seem to be just enough to make the web app work), now seem to have started including some Bing hosts in what they try to connect to.

    It is bad enough that supposedly private work documents are being splattered over goodness knows how many MS sites and DBs (yes, some of the hosts used will be for the web app interface code, etc, which is fair enough), but just what is it handing over about your private documents to their search engine, and without explicit consent? Targetted search ads (or worse) based on what you are writing in documents would be very very murky indeed.

  9. DJV Silver badge

    You might want to think twice before typing anything into Microsoft's Edge browser

    It's ok, I never ever type anything into Edge!

  10. Rich 2 Silver badge

    “…apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API”

    How they hell do you write a “big” like this by accident? Infinite monkeys?

    1. A. Coatsworth Silver badge

      This is, no doubt, a new chapter in the ongoing adventures of Rogue Engineer™

    2. David 132 Silver badge
      Happy

      Although monkeys might spell “bug” correctly :-P

  11. Manolo
    Mushroom

    Edge is disgusting

    I have to use it at work because of Office365.

    Every time I open a new tab I get presented with a page full of crap: the lowest common denominator of what people apparently (or according to MS) find interesting.

    Celebrities, influencers, football, Formula 1, cycling, royalty, fashion, questionable dietary advice. None of these hold any interest to me.

    One can click those tiles and choose "do not show content from" or "not interested in this", but go a holiday for a week, or work on another PC and the same crap shows up again next time you log in.

    Say about Chrome what you will, but at least it presents me with an empty tab when I open a new one.

    (On desktop. On mobile it shows suggestions, but they tend to be at least according to my interests)

    1. Joe W Silver badge

      Re: Edge is disgusting

      Interestingly the Edge browser here (company PC) doesn't do that. Maybe it is because we don't use the home version of Windows - or IT has it locked down as good as they can. I need to use Edge becuase of sharepoint (yeah... and we use it like a file system tree, and most of the nice features are disabled, and... I'll not start ranting and brew a cuppa, sorry)

    2. Dan 55 Silver badge

      Re: Edge is disgusting

      Try "Custom New Tab" (set to about:blank) or "Blank Tab" from the Microsoft Edge Addons Store.

    3. GruntyMcPugh

      Re: Edge is disgusting

      New Tab landing page can be set via Group Policy, so I guess simply, your organisation aren't bothering to do that, but we set ours, top open an Intranet and a search page when Edge opens, new tabs open Google Search. If yours isn't set via GPO, you can choose the action.

  12. Anonymous Coward
    Anonymous Coward

    Considering they used an update to re-enable syncing Edge with your Microsoft account, not sure how much I believe this is a bug.

  13. fpx
    Flame

    > Despite offering a wealth of privacy toggles

    See, that's the issue right here.

    Edge is going to spy on you unless you manually go in, find every one of them, and turn them off.

    Of course new privacy toggles are introduced with every update, and existing ones are modified, reverting to "yes of course I allow Microsoft to spy on every web page I visit."

    It's a game of whack-a-mole that those of us with finite time can not win.

  14. navarac Silver badge

    Edge/Chat

    Most searches thru Edge probably go straight to ChatGPT these days!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like