| ▲ | cosmotic 5 days ago |
| This popup should be criminal. Ive misclicked the signin button multiple times, causing PII to be sent to a third party I dont trust without my authorization. |
|
| ▲ | TheMiddleMan 5 days ago | parent | next [-] |
| Don't worry about misclicks, Google already tracked your visit when the webpage was loaded. Google One Tap works via a script tag from Google servers: https://developers.google.com/identity/gsi/web/guides/displa... |
| |
| ▲ | 5 days ago | parent | next [-] | | [deleted] | |
| ▲ | jibe 4 days ago | parent | prev [-] | | The bad thing is not sharing the info with Google (you are right, just by siing it, Google has your info), but the random third party website. |
|
|
| ▲ | qrobit 4 days ago | parent | prev | next [-] |
| FWIW, these uBlock Origin rules solve the ploblem: ||accounts.google.com/gsi/iframe
##iframe[src^="http://accounts.google.com/gsi/iframe"]
##iframe[src^="https://accounts.google.com/gsi/iframe"]
##iframe[src^="//accounts.google.com/gsi/iframe"]
###credential_picker_container
source: https://stackoverflow.com/a/78429389. Last rule is from me since popup was invisible but still blocked the content underneath. |
| |
| ▲ | avel 4 days ago | parent | next [-] | | Good information, but you can already turn this off via the (quite hidden, I admit) setting that is mentioned in the article. That's a better way to turn this off completely, rather than patch it via a visual rule. | | |
| ▲ | Quin-hacker 4 days ago | parent | next [-] | | Brave browser does not have an option to turn it off but uBlock Origin custom filter works. In the Brave community the only solution offered was an adblock filter:
brave://adblock (custom filter) ||accounts.google.com/gsi/client$script,third-party https://community.brave.com/t/annoying-login-with-google-pop... | |
| ▲ | cormorant 4 days ago | parent | prev | next [-] | | The article mentions a setting in Chrome only. Someone using uBlock Origin is not using Chrome. | |
| ▲ | metadat 4 days ago | parent | prev [-] | | Either way it's something you'd need to go out of your way to configure any time you interact with a new web browser. And both ways can be disabled randomly (Chrome settings changes during browser updates, or uBlock extension being deprecated). |
| |
| ▲ | smileybarry 3 days ago | parent | prev [-] | | The irony of getting that popup on Stack Overflow when I clicked that link |
|
|
| ▲ | rs186 5 days ago | parent | prev | next [-] |
| Blocked this using uBlock since years ago. |
|
| ▲ | montag 5 days ago | parent | prev | next [-] |
| I hope the PMs are reading this thread. They misjudged the tradeoffs |
| |
| ▲ | soraminazuki 4 days ago | parent [-] | | If teaching ethics to big tech worked, this would've ceased to be a problem more than a decade ago. |
|
|
| ▲ | sneak 5 days ago | parent | prev | next [-] |
| Delete your Google account and this won’t happen. |
| |
| ▲ | nuker 5 days ago | parent | next [-] | | It happens a lot regardless of browser and accounts and incognito. It just pops up everywhere. | |
| ▲ | legends2k 4 days ago | parent | prev [-] | | I haven't signed in to my Google account since browser install but I still see it in StackOveflow. |
|
|
| ▲ | ajross 5 days ago | parent | prev | next [-] |
| [flagged] |
| |
| ▲ | throwawayqqq11 4 days ago | parent | next [-] | | Just throw in only a date of birth and you have only all you need for identity theft. Besides, email is usually enough to cross reverence with other benign data troves. But there is no way any reseller could possibly profit from that. Really no reason to be overly paranoid about. | |
| ▲ | cosmotic 5 days ago | parent | prev | next [-] | | > Name and Email Yes, both are PII, which is highly regulated in EU and CA (among others I'm sure). If these knowingly "leaked" in a data breach, the company which leaked them would be legally obligated to notify me. Sounds pretty serious to me. | | |
| ▲ | ajross 5 days ago | parent [-] | | [flagged] | | |
| ▲ | MiddleEndian 5 days ago | parent | next [-] | | But it's a similar concept. If someone accidentally gives some website their name + email, they could be part of a leak for some service they don't even use. People probably care less about Tea in particular because they've never heard about it before the data leaks. | | |
| ▲ | ajross 5 days ago | parent [-] | | "So-and-so used Tea" is clearly not the focus of the coverage of the Tea app leak. Again, let's be explicit about impacts here. You can deploy hyperbole and hypothesis to make anyone a horrifying villain. But if you do that at least be honest about it. Edit to note: the Tea story has now fallen off the front page while this one is still going strong. | | |
| ▲ | dns_snek 5 days ago | parent | next [-] | | > You can deploy hyperbole and hypothesis to make anyone a horrifying villain. Alternatively you can deploy a dismissive attitude and subtle ridicule to make any concern sound silly, no matter how important the issue is to people for a variety of different reasons which you don't seem to be receptive to understanding. And that sort of infighting is certainly many orders of magnitude more fashionable, both on social media and in real life, than people being observant and critical of companies and governments when they find new ways of eroding our rights and freedoms a little bit more than they already have. I sympathize with ~everyone affected by any type of data leak, but I'm only human with limited time and attention. That means I can't actively engage with every single issue that plagues our world, both out of practical, as well as sanity-maintaining reasons. Implying that we're hypocrites if we don't engage with completely unrelated issues before we engage with issues that directly affect us is probably the clearest example of a bad faith argument I've read on this site in a very long time. | |
| ▲ | MiddleEndian 5 days ago | parent | prev [-] | | I guess it's more about the chats there, but swap Tea with Ashley Madison or something. Having your name+email on that leak could be quite bad. |
|
| |
| ▲ | debazel 5 days ago | parent | prev | next [-] | | The only one arguing in bad faith here is clearly you. First, you say that a full name or email is somehow not a big deal, even though these are some of the most critical pieces of PII, either one would obviously be enough to unmask exactly who the person is. And now, because there is some random HN post about a hack that affects a significantly smaller user base than Google's and Chrome's invasive practices and it doesn't have as many upvotes that somehow means this topic isn't serious and that everyone is arguing in bad faith. You either have absolutely no understanding of PII or privacy, and I seriously hope you never work on anything related to it. Or you're just arguing in bad faith, I’m not sure which is worse, to be honest. | |
| ▲ | ceejayoz 5 days ago | parent | prev [-] | | > inarguably much more impactful a privacy issue Except, you know, the volume of users impacted. Tea had a few tens of thousands of users. Google has billions. |
|
| |
| ▲ | WD-42 5 days ago | parent | prev | next [-] | | Yea, the use case is not wanting to be signed up for another stupid “newsletter” I never asked for that’s full of crap I don’t want. | |
| ▲ | jazzyjackson 5 days ago | parent | prev | next [-] | | > most of them are at least slightly criminal Huh ? Not wanting reddit to know my government name makes me a suspect ? | | |
| ▲ | alt227 4 days ago | parent [-] | | Having a 'government name' and calling it that makes you suspicious alone. |
| |
| ▲ | 5 days ago | parent | prev [-] | | [deleted] |
|
|
| ▲ | bigthymer 5 days ago | parent | prev | next [-] |
| I agree that it is problematic. You can mostly block it with the uBlock extension. |
|
| ▲ | breadwinner 5 days ago | parent | prev [-] |
| You can create multiple profiles in Chrome. You shouldn't sign into Google in your main profile. That should be reserved for just one profile reserved for Gmail. |
| |
| ▲ | autoexec 5 days ago | parent | next [-] | | You can also just not use chrome. It's still a problem that shouldn't exist and the blame for that falls entirely on Google and the websites that push google's crap on users | | |
| ▲ | breadwinner 5 days ago | parent | next [-] | | Edge has its own shenanigans. Solution: When signing into Gmail use Edge. When signing int Outlook use Chrome. That way Google/Microsoft can't use your credentials to sign into the browser itself. | | | |
| ▲ | signal11 5 days ago | parent | prev [-] | | Safari seems to have this too, now — especially with the latest iOS 18. Any workarounds would be massively appreciated. | | |
| |
| ▲ | hundchenkatze 5 days ago | parent | prev [-] | | Yes blame the victim |
|
