East-Tec Logo
Think Before You Sync! Chrome, Firefox, Opera Sync Multiply Privacy Risks!

Think Before You Sync! Chrome, Firefox, Opera Sync Multiply Privacy Risks!

4 min read

Share on

Do you sync? Me too. I keep myself signed in to my Chrome account on all the PCs I use so when I finish working on my office PC and switch on my home laptop, I can access all my bookmarks, add-ons, history, autofill, open tabs and saved passwords on that device too. (The same goes for sync provided by Internet Explorer on Windows 8, Firefox, and Opera, although synced items may slightly differ in each). A very useful and handy feature, no doubt. But when it comes to privacy, you better watch out for issues browser sync poses, otherwise you run the risk of letting your history, saved passwords, saved credit card details, saved shipping and billing address, login credentials, etc, fall into the wrong hands.

Look at it this way: isn't it hard enough to protect the privacy of all the above mentioned sensitive details on one PC? But when you use browser sync, sensitive details you handle on any synced device become present on all devices you are signed into! In other words, after using browser sync, you need to protect them on every single device you sync.

But what protection do you rely on? I think the most common answer to that question is: an antivirus. OK, it's true that an antivirus can protect your privacy to some degree. But if hackers were able to attack some of the biggest companies they can surely compromise your privacy. There are just too many new ways a virus, malware, spyware, etc. can get into your PC. And if you sync, you have to fight on multiple fronts!

If you use Internet Explorer Sync (on Windows 8 only), Chrome Sync, Firefox Sync, or Opera Link, you simply multiply privacy risks by copying all your browsing history, open tabs, autofill, passwords, etc, to each and every PC you are signed into. Having a universal ID for all the PCs you sync can lead a hacker from one of your PCs to ALL of your PCs! Just imagine that by hacking your home PC they get instant access to content you handle via your work, or business PCs and vice versa! Say, you have registered different credit cards for your home and office PC in their respective browsers, but now with the sync turned on, they all become accessible to third parties once they hacked any of your PCs! Getting too risky, right?

And beside the direct threat hackers pose there are many other problematic scenarios when synced browsers can get you into trouble. What, for instance, if you have a shared home PC, but forget to sign out of your browser account before dashing to work in the morning? You leave the kids free access to all your saved browser settings, history, direct access to login details saved at online retailer sites, etc. If your laptop happens to get lost or stolen, the same trouble is there again: all the sensitive data your browser saved on one of your PCs is now available on the stolen or lost one, too...

Do you regularly delete your browsing data? Sorry, just not safe enough, thanks to Windows. It was built in such a way that when you delete files, for instance, your history entries, cookies, or cache, the files don't actually get removed from your hard drive! They only get marked as available to be overwritten but remain on the free space of your drive, recoverable for hackers. And stuff happens easily. Just forget to update your AV database once, click on a malicious link on a phishing site once, or receive a new malware that's just not in your antivirus database yet...

So how to work around the issue? Well, a partial solution is to go to your browser settings on your devices and disable the sync function for certain sensitive items. If you don't want, for instance, to have your history synced, then make sure to untick it on the sync list. But even then, there might be still too many other sensitive traces you leave behind.

I guess there isn't really a win-win option here; you need to sacrifice convenience for security. It's just better to be safe than sorry. The solution we recommend is to regularly run east-tec Eraser on ALL PCs you use. It doesn't only auto-detect all the sensitive traces of your online activities, but overwrites them with random characters. This way you can really make sure that you won't leave any revealing traces behind on any PCs IE, Chrome, Firefox, or Opera syncs.