Google Chrome silently installs a 4 GB AI model on your device without consent
thatprivacyguy.com1437 points by john-doe a day ago
1437 points by john-doe a day ago
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Microsoft Word installed an English language spellcheck dictionary without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of disk space or bandwidth to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
It's additional software that many users didn't ask for, don't want and will not be aware of. Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
Honestly, for most features you could justifiably say its fine. I mean honestly, how large is an English dictionary? 100 KiB? That is a far cry from 4 GiB. Just taking up 4 GiB of disk space without even asking is indeed a shit move no matter how you shake it. If Microsoft Word updated and suddenly took up 4 GiB more for something like a dictionary, it might not cause as much uproar as if it were something that many people are tired of hearing about and not interested in, but I'm not sure you would find a single soul who would find that acceptable, more just tolerated, probably partly because a lot of people simply wouldn't know better.
> It's additional software that many users didn't ask for, don't want and will not be aware of
You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
I don't have even a single use for Siri on my Mac. It's useless AND redundant with the Siri that I have to have on my phone, yet Apple downloaded and installed "Siri" on there. If I install GarageBand which is the only first-party way to do basic audio manipulation, Apple installs at least 4GB of audio samples on my Mac.
None of this is to say "I approve of this exact thing Google is doing" - just that I agree with GP that this is exactly the same as what every big company (and many small ones) do every day.
The only "consent" we ever get is basically the all-or-nothing EULA we have to click Agree to in order to log in for the first time - the relevant terms are "Want computer? Accept that we will be shipping you all kinds of code constantly, for 'reasons.'"
You just described 95% of the parts of all software, especially in this era.
Yes, that's the problem
Yep. The fact that it is being hand waved away in this manner as if it was a valid argument is beyond maddening. I am starting to wonder if the move behind land and 'extreme personalization' of software is a fad I thought it was ( I mean, yeah regular users won't, but there is no helping some people if they don't want to be helped ).
> It's additional software that many users didn't ask for, don't want and will not be aware of
> You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
So what are you saying? Don't be mad over this becoming the norm, just shut up and sit down and accept it?
The story is only trending because it’s an AI model and the internet is anti-ai right now. It’s a double standard.
It’s like how people are outraged that electricity is being used in data centers to power AI models. When you do the math, the power consumption is far, far less than all the other things you do all day without thinking twice. But again, anti-AI double standard
On the contrary, you're only defending it because it is AI. If it were some other feature that many didn't want or ask for, you would empathize.
if someone doesn’t want ai on their devices, you think it’s a double standard that they’re annoyed when it’s installed anyway?
i’m not anti-ai by any stretch, but to pretend like their personal choices don’t matter is a bit too dismissive. it’s their choice, we probably shouldn’t imply other people having their own personal taste is hysterical or whatever it is you’re dancing around.
> the internet is anti-ai right now
Just fyi, this is not a temporary phenomenon, not a phase. People dont like spam, robocalls, persistent advertising, even as we use the tools that enable them. They definitely wont like massive job losses, if that actually comes to fruition. Constant surveillance, "slop" news and entertainment, significantly reduced human contact - not popular. Like most technologies, AI benefits a small group - those who control the means of production - but everyone else loses out.
Not just the Internet either. People are actively talking about data centres using available electricity, and the constant push from employers of using AI for things it clearly isn't suited for. Not to mention the constant "Let me talk to a real person" requests -- people see AI's everywhere and often have no desire to interact with them.
There are many technologies that begin in the corporate world on the enterprise level, and/or in research and education fields, and then trickle down to consumers. And basically anytime a tech reaches consumers, it's a fait accompli; it's ingrained in the business world 100%; scientists and defense contractors have blessed it.
The Avalanche Has Already Started. It is Too Late for the Pebbles to Vote. -- Ambassador Kosh Naranek
The funny thing about "AI Data Centers!!1!" is that they're unsurprising to anyone who knows the progression of this. First there were gigantic computers. Then telecom closets and machine rooms. Those machine rooms and closets got big and hungry! But they were hidden inside drab office space and far inside security perimeters and nobody really paid them mind, because it was part of doing business for the businesses.
Then came the cloud mania and corporations began gutting their machine rooms and migrating to the clouds. So if the consumption and demand for resources ramped up, who knows, but it was transferred from a very distributed, scattered model to centralized in a few big datacenters.
And now those datacenters are becoming an end unto themselves and everyone's gotta get one. Yeah, the scale and consumption of computing increases, but this has been evolutionary and it's only alarming because now, you can drive around a big city and pass several obvious data centers (and a few non-obvious ones) on your way. Did people freak out over AT&T constructing central offices? Dunno, those meant a lot of jobs. We all needed to reach out and touch someone.
But kinda wary about that Death Star.
> just shut up and sit down and accept it?
I mean, that's absolutely your only option other than simply choosing another browser. This will be a non-issue for 99% of Chrome users.
It clearly isn't the only other option - otherwise you wouldn't have people like you and others in this thread being outraged about people taking one of the other options.
That we as a society are beholden to corporations is a myth those corporations want you to believe but its not how things actually work. If we come together to say no then those corporations either comply or will cease to exist.
I'm surprised so many people still use Chrome. there are perfectly serviceable browsers which block ads. do normies not know you can block ads if you use a different browser?
They don't. A large number of them don't even care. Some even click on all of the "allow this site to send you notifications" and then proceed to get spammed by hundreds of notifications on their phone/PC. And don't mind it.
It's not "becoming the norm." It's been the norm for decades. And yes, you should not be mad about the norm.
> And yes, you should not be mad about the norm.
Right and if slavery and virgin sacrifices happen for decades we should just join in
Deeply incongruous example tbh.
Is it? It's kind of the heart of the matter - just because something is common doesn't mean it's acceptable. The difference is that in our society we've all agreed the sacrificing is no longer acceptable.
I, personally, have found the adtech bloat (for both disk space and processor usage) to be a huge issue for quite some time. If this is the hill where the public decides to take a stand I'll happily stand beside them to try and reverse this gradual enshittification. I think several other hills were more worthy to defend but nobody noticed those ones so apparently this is the place to fight that fight.
I doubt anyone would appreciate software bloat purely because of how widespread it is[1] - it just hasn't risen to the level where it's so noticeable for such a contemporarily controversial topic yet.
1. As an aside - ubisoft game sizes are absolutely bonkers. I didn't realize that each Assassin's Creed had twelve different operating systems crammed into it but I can't see how else they're clocking in where they do.
Modern games include assets with very large file sizes that operating systems do not.
> That is a far cry from 4 GiB
Equating a 4GB file installed without explicit consent to the installation of a language dictionary is comical. That's like saying an unwanted political mailer left in your mailbox is the equivalent of a pallette of hammers left in your driveway.
It sounds like you have a specific number of GB in mind that an app can take up, below which it's totally their business, and above which they need to plead their case, disclose the purpose, and allow me to choose.
What's that number? How did you arrive at it and why?
My Chrome binaries are about 700MB on Mac and 500MB on Windows. Is this below or your line, or are they actually in trouble as soon as they're extracted?
My point is just that it seems there may be an arbitrary limit here that may not be the same for everyone (and 90% of users are nontechnical and thus couldn't give an answer whether 4GB is "worth it" for whatever the features are). Rather than add another whole ecosystem of "Cancel or Allow?" dialogs I'd rather operating systems did a better job of letting users put piggish applications on a strict space budget. Most of the apps on my phone are storing half a gig of "stuff" (called "Documents & Data" but not itemized, and even apps that have none of my 'data' such as browsers), which I can't force them to dump even in an extreme emergency. I can only delete the whole app.
I'm talking about Apple platforms as examples because I use those a lot and with their epic stinginess of SSD, anyone who doesn't pay $400 more than the base model will exhaust their storage within hours to months.
People don't typically have specific numbers already set aside whenever they discuss what is too much. The example given was people can handle a political flyer in the mailbox but not a pallet of hammers delivered in their driveway. Do you have specific amounts (probably will need to be a weight limit and a volume limit) already figured out when you think of how much junk someone can mail to you reasonably? Or how much HD space a browser is allowed to install before it gets to be not-their-buisness?
So as long as I'm allowed to bump into you I can also smash your face in, right? After all there isn't any clear point where I'm applying too much force.
> My Chrome binaries are about 700MB on Mac and 500MB on Windows
That's kind-of the point though right? An application that has been say <700 MB for decades, suddenly deciding it'll take a multiple of it's size without asking seems pretty unreasonable, I think it's pretty fair to say the expectations for Chrome were set already.
It'd be similarly unreasonable for a video game that once took 50 GB, to suddenly decide to take 400 GB.
agreed that not everyone has the same limit, but 4GB is big enough to be annoying to many. that still costs real money (in bandwidth) and storage (on low-end hardware) for a lot of folks.
My arbitrary limit is "not 5x from when I installed it". Like if my gallon milk jug was suddenly 36 inches tall.
What a completely asinine post. I'm sick of seemingly smart people in the technical world think they are being so clever by trying to literally rehash the continuum fallacy. You hear this literally everytime anyone even so much as suggests a standard, norm or god forbid a regulation. It seems especially common among libertarian types who think governance of any kind of simply impossible because of it.
Just because there is a gradual spectrum between two states doesn't mean we can't draw distinctions. For example, just because we cannot define the exact, precise color when blue turns into green, it does not mean that blue and green are the same color for any normal person discussing an issue publicly in good faith.
When someone says "X and Y are on a spectrum, X is good and Y is bad", the point is to highlight the differences. Pointing out that the spectrum or continuum might not have a precise boundary has literally zero weight towards the validity of the ultimate conclusion a person is making here and really is just a complete derail done by people who have no substantive points to make.
Is your objection just to the bloat, or also to what the bloat is for?
Personally I'm pissed at both. A large jump in requirements without warning is bad, if I want to avoid it I now need to take immediate less considered actions or get stuck with the consequences. Plenty of decent software actually lets you decide what plugins to install for added functionality, chrome actually has a extensions store that they could have put this crap in.
Yes it's also that it's AI and mostly that chrome is foisting off all the cost of that AI model to me and other users. Without warning and explaining what this model is, is my workplaces power cost going to be up 10% because of whatever they want to run it for? Who knows.
There'd be a lot less complaining if they'd actually warned and less still if they asked.
Except this mythical pallet of hammers takes up 0.1% of my hard drive instead of 0.0001%. And it isn't blocking me from moving my car. And...
yea your analogy doesn't even remotely make sense
The issue is the size of the 'update' and the impact it'z going to have on your computer performance.
If tomorrow Google was to include a Blockchain miner in Google chrome, you'd still say you consented to it by using their software ?
Because I'm pretty sure that this LLM is also going to be used by Google to gather data on the user and feeding it to Google, hence just like the Blockchain miner using our computer ressources (space & performance) to feed Google yearly benefits.
Hey, you got the point. Is there a chance that Google actually plans to use users' computers as their edge computing devices?
> Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
You know, I never thought about it like that, but it is true. The bloat and spyware is a core part of the OS now.
It's just more efficient that way!
Chrome installs additional software that 99% of users don't use. It can intercept and modify code running on your computer, and spies on all network requests. Hackers use it to analyze potential vulnerabilities. 90% of users aren't even aware that it exists!
You could say the same thing about shipping V8 with Chrome. Some users disable JS so shipping V8 with Chrome is additional software they didn't ask for.
The old unix administrator would expect a platform to ship choice of JS that would be in /usr/bin/JS. The local administrator would add their local choice of JS /usr/local/bin/V8.
The browser would then have a configuration option of which JS interpreter to use.
> The browser would then have a configuration option of which JS interpreter to use.
Browsers could not make sensible use of a JS _binary_. Browsers are _deeply intertwined_ with their JS engines, requiring integration with a _library_. There is no such thing as hot-swappable JS engine libraries from different vendors.
Edit: wow, down-voting demonstrable facts. How very mature.
Bad analogy. "Some users disable it" is very different from "it was introduced without any notification or information about what it does and the vast majority of laypeople have negative sentiment toward it".
> vast majority of laypeople have negative sentiment toward it
Citation very much needed. Technologists are not laypeople, and are almost certainly a vocal minority.
An AI is not additional software. Infact, a model is not software.
It's not processor op-codes, but sure it's part of the software. You wouldn't say that a set of precomputed weights in a numerical integrator aren't part of the software, would you? Or say that the graphics in a game aren't part of the software?
How does that change anything? It doesn't matter if you categorize it as software or not, unwanted is unwanted. And frankly I just flatly disagree, you could certainly make the case that model weights are a form of software.
If they downloaded a 4GiB media file of some Irish band that nobody asked for, people would be upset as well. It doesn't matter what the 4GiB contains. If it is not going to be used by the user and the user didn't ask for it, that's just idiotic to think people would not be upset about it.
If someone puts a camera and a microphone on devices that don't need them, then it's a) pushing up the price of goods for everyone with features that mainly serve corporate, b) there are bad actors out there even if you think corporate is a good one, c) no reason to think corporate is a good actor.
Shipping an AI model with a browser is starting to look like sticking cameras on ALL glasses, not just smart glasses, regardless of whether anyone wants that. Saying this is fine and not unusual is clearly motivated reasoning and just normalizes the surveillance state. It's very obvious the way this ends. Browser-based models will eventually be using your computer at the edge to save corporate money in the cloud while they do ever more expensive and invasive stuff to profile you.
Shipping the model with the browser is exactly the opposite of what you are claiming.
The alternative is sending the data to Google.
Back to the assumptions.
If the onboard LLM means no data sending and you get your own little service wholly subservient to you like a good little program. That's nice!
If the onboard LLM means better data filtering, possibly even exploration of the local system, to send information to Google while lessening their datacentre bills running LLM services. That seems a little underhanded to just bake into things without notification.
Pick your assumption, you get your outcome. What are your assumptions?
Why assume? it should be observable. You can check the code and data traffic to see how it is used.
No, what's misguided is equating the legal definition of consent ("It's in the ToS") with actual consent. When everyone (especially google) knows 99% of users don't read the ToS. Can they sue over it in a court of law? Maybe, maybe not. But they can write articles, spread the word and generate bad press for google. Then maybe consent will be actual rather than constructive.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
For me the most significant problem is the lack of consent. I assume it's just not how you want to frame the problem. Ignoring the problematic parts or behavior of some sort of behavior is a common problem in modern software, and it's actually what the article is complaining about.
I don't think this is a question of framing or ignoring problematic behavior at all. I'm quite certain that you wouldn't find it anywhere near comparably egregious if Google added a new developer option without your consent- the most significant problem is the 4GB and the LLM. And, of course, you did consent to their software terms. You are free to switch browsers. What does consent have to do with this?
yes, no one would have a problem with it if it were useful, so what, they're hypocrites if they don't like it because it's useless? actually, people generally only complain about consent when they didn't like what happened. the takeaway is that if it's an update that will be thrusted upon a user, deliver value for them. and it's your problem, not the user's, to persuade them that what you're thrusting upon them has value.
Exactly this. My issue with Microslop isn't that they're using AI, that is its own can of worms.
It's the fact that they were forcing it into MY computer, using MY bandwidth for THEIR profit goals. The lack of consent was the final nail in the coffin for me, no computer in my house uses Windows now, and it will at best be a long time before that changes.
I got rid of Chrome ages ago as well. Chrome's only redeeming feature is its user base. It's slower, uses more system resources, ugly as a browser, and now its an AI rapist too.
> It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
So where is the line we draw where bait-and-switch goes from being acceptable to unacceptable?
MA Chapter 93A for example clearly says that businesses are prohibited from "unfair or deceptive practices" including misrepresentation or concealing defects. Where do you think the line should be?
If you market a product as a Browser and it's codebase is 10% browser related and 90% some other program... Should Google have to correctly represent that product?
Related; If you didn't like when Apple forced you to use Siri on your phone, why did you purchase a Mac? Did you not expect them to continue disrespecting your sovereignty after you let them get away with it the first couple dozen times?
That's like saying users have no right to push against certain features. It's like saying Windows Recall was always ok and there was never any reason to demand it not be installed. The only difference is one can choose to use a different browser easier than they can choose a different OS.
You're right in the sense that practicality and consent are orthogonal issues. There are probably stronger arguments to complain about a feature than the disk use.
> The only difference is one can choose to use a different browser easier than they can choose a different OS.
I'm not even sure that is actually true for most people. If you mainly work in the browser, which many do, then you can change the OS under it without impacting the user too much but change the browser and there will need to be much more to adapt/relearn.
I think the disk space and bandwidth are what make consent needed, because it’s implied that the browser may download small pieces of data but the user would not expect such a large file be downloaded so it should check with them
In principle I agree, but chrome has an auto-update setup and using that mechanism to download several GBs of data that is not critical to the app itself is cause for question.
Chrome is not entitled to my disk space just because I installed it and Microsoft has been excoriated for the exact same behaviour with AI.
>Chrome is not entitled to my disk space just because I installed it
When you install any program it becomes entitled to your disk space, by the definition of installation. If you don’t like the program, you can just uninstall it and it’ll no longer take up your disk space.
This is a good point, given there is no shortage of alternative browsers, even if there is a relative paucity of alternative browser engines.
Couldn't the same argument be made for Chrome suddenly including a bitcoin miner? Seems like that would be a difference in degree rather than in kind.
The difference would be intent. A nearby comment worries that the endgame is the ODM being used to monitor you and report back. Certainly wouldn't put it past the world's biggest ad company to think of that! And if that is what purpose it's put to, I think I'll be mad too.
If Chrome shipped a crypto miner and used the resulting coins generated on my device to let me automatically bypass paywalls with micropayments that would be way better than if they shipped the same and just took the coins.
This kind of unwanted software installed with a product you want used to be clearly considered malware. But these days software companies all think they own your computer and can do whatever they want.
Chrome's model is based on copyright infringement and court cases are pending regarding legality. Even if spellcheck dictionary was 4 GB, installing bloated but legal software is different.
Under the EU AI act this REQUIRES disclosure. The user should be informed that the system is installing an LLM
Where does this line of thinking end? What couldn't be construed as part of the software?
It ends at the usual place, the shrink-wrap agreement. What did the license agreement say?
agreements don't always hold up to legal scrutiny. In cases where it is unreasonable, it won't be able to stand up in court. And in any case, this is not a legal matter but a user experience / public opinion one
You're right, it's not a legal matter. You and I will readily agree that bundling a 4 GB language model with a Web browser is unreasonable, but how do you envision making that case in court?
My guess is that maybe one in 1000 Chrome users will even notice it.
What is the line is a good question. I'm strongly pro-user agency, but I still think consent is more around what actually impacts the user. If there's some safeguards, for exceptional cirumstances that users can get into if they need it, I feel like the software has to be doing more, having more of an impact on you for there to be an offense or problem here.
That said, I do want to amplify agency. I don't immediately know what to expect for disarming this. If a website starts hitting the API heavily and my machine's fans are spinning up, where am I at, and what do I expect? It feels like the web is close already, with a pretty sophisticated permissions model, where we go to look for things. I'm interested in an evolved permissions model for the web, where even when permissions are on by default, it's the same flow to turn them off. I think that would remove a lot of the grounds for "I don't want this" that seems so persistently abundant these days.
Even it feels like the risk is so low/non-existent, if the user's demanding less agency from the their user agent, in principle I guess we ought give them the less that they asked for. Usually. But that always has some kind of practical limit too. CSS made some people mad! It's ok for this not to be the software for you, for you to go need to go somewhere else.
I believe that relatively inert capabilities like this, where mostly it's taking up some storage space and joules, is generally not really altering the contract, and is fine.
I agree to install it, but I don’t agree to automatic updates. The bigger problem is, I can hardly find where to disable Google’s automatic updates. In the end, I just locked the file permissions to stop that virus-like auto-update program from running.
Auto-updating browsers is one of the best advances in the web dev space in the past decade. I find it hard to believe that anyone who did web development before evergreen browsers became a thing would ever disagree.
Best advances for whom? Lazy web developers?
Considering that most websites are optimized to just barely run on what the developers are targeting, letting them target the "state of the art" instead of what came installed on grandmas machine is been a huge negative for website efficiency and thus average user experience, not to mention global resource waste.
> It's just part of the software.
What isn't part of the software? Can they just install as much garbage they want to, as long as they claim it is part of the "browser"?
Also, scale absolutely matters. If I pull up in front of your house and say "hey, mind if I park here?" and you say yes, then I park, walk away, and 10 minutes later park a fleet of 18 wheelers in front of your house, you're going to feel like I wasn't...entirely forthcoming about what I intended.
It is changing the product significantly. I wanted/consented to a browser. Nothing more. Agreeable, nothing new with the browser vendor pushing plugins down our throat which are not browser core features, nevertheless not right.
> nothing new with the browser vendor pushing plugins down our throat which are not browser core features
You need to find another browser, if your desire is only browser core features. You have that freedom!! You can do it!
On the other hand: I don't think anyone caters to that position, because it's a bad/nonsense position, that users don't want. There are some browsers that come closer to this, but this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
> this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
To counter this, the idea that the BROWSER should be doing other things than BROWSE is insane to me.
It is very clear that you and I came of age in a very different environment with a very different mindset.
The moment somebody starts forcing additional packages, some which may even be larger in scope and code than the primary software, throw them in the woodchipper. That's dirty, disgusting behavior that removes user agency and exploits the trust between those developers / company and the user.
Absolutely not.
We've been down this road before and people hated it. Most, if not all of those companies, died.
My biggest beef with the browser's unchecked scope creep is that its role as an application platform is fulfilled in a manner that's completely at odds with the original purpose of a browser as a user agent. They're running untrusted third party code by default, letting sites embed spyware, and constantly adding more anti-features. Treating this as normal is insane from an unindoctrinated viewpoint. Acting like people who question this status quo are being unreasonable is an insult to everyone who cares about privacy or security.
Yeah, I came up with BBS and being amazed at watching us connect & grow capabilities, in ways that anyone could easily use. That was and is incredible & amazing. I struggle to see what reached out & touched you, has you (from my perspective) so shook & anti- willing! I can't imagine not seeing the hope & awesomeness!! I agree: we do have very different backgrounds, it seems like!
There's libraries, still: big buildings with books on them, if you want to go browse static dead information that sits there! You can even check out books on your phone now; thanks Libby app! Your use case is already super well fulfilled! Has been for a long time! You can go do that!
It's absurd to me how conservative & constraining some people want the world to be. A reduction of possibility, that itself feels absurd, taken to even more absurd anti existence, anti possibility. There's been no platform on earth where it's so easy to make cool neat software and experiences for yourself & friends, where we can do so much. From a static website! That power is incredible. That power had been locked away forever and somehow it became very easy, yet still reasonably sandboxed, and is available to all, so easily: and that's nothing short of a miracle.
And as ever it's always the same! The same shit! "The story so far: after packaged software, the web was created. This has made a lot of people very angry and been widely regarded as a bad move."
Just go use a browser that works for you, and stop trying to ensnare the whole world in your very limited very constrained narrow view of expectations/desires. Don't expect the universe to reduce itself to your level! Especially because: the web will let you have the browser you want! There's other media-forms that are everywhere that are even more set, as per your desires! But man, to moralize & outrage against those who don't want the web to be but a book that's online? I don't sympathize at all, and I don't understand the basis where this comes from, and I so strongly feel there's been way way way too much of this frankly bad attitude; I think this is very broadly a popular anti-sentiment to whinge over, that is far too over-expressed. And it's so small, so limiting a world, that's so unclear & so unexplained. The world wide web doesn't need to fit in such a tiny box. This is human capability, that increasingly is the means open to all, for the Dream Machines to be made with, for intergalactic internets to connect people with. Sure! A lot of that hasn't gone great, we don't like what has been built!
But it's always seemed so clear and so obvious to me that this democratic access to platform, available on any device, that let's us do so much, is a fragile sacred thing. And that taking that away is to give up all hope of ever having systems that are good for us.
> I wanted/consented to a browser. Nothing more.
I agree. I want just a browser. No non-browser-related features, such as JavaScript, CSS, WebRTC, WebGPU, Wasm, etc. Nope, just browsing.
Edit: /s, obviously
That's a dumb argument to make as all of those things are used to render the browsing experience. You can disagree with them being necessary or not, but they are part of the experience.
You'd be much better off arguing you wanted/consented to a browser, but you got 3 toolbars installed as well and a couple of extensions that report back every keystroke to their respective mothership.
I think you missed my sarcasm. Sorry if I was being too subtle. My intent was to point out that "just a browser" is a meaningless phrase as the functionality of browsers changes.
Yup, I did. I read it as an HTML purist that thinks all of that stuff is ruining the web never leaving Reader mode pining for the days of Gopher
A better example of a non-browser feature that crept into browsers would be PDF viewing.
It’s actually really useful for web devs to have access to a local model. Whether or not browsers should bundle their own rather than using the system-provided model(s) is up for debate, however. For the time being, though, Google does have some of the better small ones.
Furthermore, users aren’t going to want to have to wait for an extra thing to download before their web apps can use AI.
That’s the thing… Without context of why, users probably wouldn’t want a 4 GB download. But they do want their web apps to work properly. When there’s a specific use case they’re interested in, they will want to have it, and they won’t want to wait.
You haven't even tried to provide a hypothetical example of what a web app should try to do using a local LLM, nor addressed the obvious questions about how that kind of thing should be standardized, what level of local LLM capability is reasonable for a web app to expect, or how permissions for that should be managed given that a local LLM is not just a tax on local storage capacity.
So why should anyone take it as a foregone conclusion that this is an instance where web devs should get what they want? In general, the browser should be acting in the best interests of the user and not automatically granting the wishes of every web site that wants to drain your battery.
One example I have that made me excited for this feature is the free recipe manager website I run.
Many of the paid-for competitors give users the ability to import unstructured recipe data these days from sites like instagram or at least text-only websites.
I can't afford to offer this as a feature since my website has no advertising and I just pay for it out of pocket, but it's an incredibly easy feature to add if you have the money to pay for tokens.
If I could use a local llm to do it though that runs in the person's own browser then I think it would definitely be valuable.
That said, I'm not sure the state of local llms provides a good enough experience yet (small models and slow) but that doesn't mean that in the future it might not be useful.
The propsosed apis do work for this purpose, albeit more slowly and lower quality
> not automatically granting the wishes of every web site that wants to drain your battery.
Pretty sure that ship sailed way back when Flash ruled the Internet, and it's still sailing more than ever today.
Browsers are just weird sandboxed VMs now. They have nothing to do with their original purpose. Don't be mad at me, I like shipping webapps that render documents server-side and use even JS incredibly sparingly. I'm just reporting what I see. The browser exists as a way to make developing completely proprietary apps with proprietary UIs for several platforms cheaper, and Chromium exists to help further that goal including, if necessary, being packaged up and shipped with those apps (Electron).
There is a link elsewhere in this comment tree addressing all of that:
Google's marketing for their latest new browser feature nobody asked for shouldn't be taken at face value. Somebody outside Google needs to provide a well-reasoned assessment of the feature proposal.
And having skimmed that page, it really doesn't answer most of the important questions. Are other browsers expected to ship Google's model, or put a different model behind the API that Google has documented as being specifically for Gemini Nano?
> Somebody outside Google needs to provide a well-reasoned assessment of the feature proposal.
I'm sure that exists already, I've personally been waiting for some version of this to make it into browsers since like GPT 3.5. Every day on HN there is conversation about the tradeoffs of local vs. hosted models; the uses this API is intended for are perfectly within the capabilities of local models.
> And having skimmed that page, it really doesn't answer most of the important questions. Are other browsers expected to ship Google's model, or put a different model behind the API that Google has documented as being specifically for Gemini Nano?
Most of this is answered under the tag "Intent to Experiment" and the associated link. It's not a mandate that they're forcing on the web today, it's a public experiment intended in part to solicit feedback for a potential spec: https://groups.google.com/a/chromium.org/g/blink-dev/c/6uBwi...
> Most of this is answered under the tag "Intent to Experiment" and the associated link. It's not a mandate that they're forcing on the web today, it's a public experiment intended in part to solicit feedback for a potential spec: https://groups.google.com/a/chromium.org/g/blink-dev/c/6uBwi...
That does pretty much settle the question: if it's still just an experiment, Google should be asking for consent and web developers should not be assuming that this is the future of browsers, and nobody should be acting like this is a foregone conclusion.
> really useful for web devs to have access to a local model
I’m not opposed to this. I don’t want Google, an advertising quasi monopoly, to be auto-installing its own AIs on everyone’s computers.
But then they should state that minimum size of Chrome is 5-6GB (lol, OS size). Sure this feature should be installed by informing the user what are the pros/cons; just installing without asking - means that you are using user's traffic (huge for mobile, for example) and disk (quite a large part) without notice, which is probably a bit shady.
Even Microsoft doesn't install a spellcheck dictionary unprompted; that happens when a user/admin goes into the app configuration and changes the language support options.
I think it falls more into the category of needing consent like a crypto miner would. If I use a piece of software to do X and it begins using more resources to do Y that can be a serious issue and is at the heart of this discussion.
A crypto miner needs consent because it burns your battery and CPU power with no benefit to you. This AI model would only be used when you invoke it so the only problem is disk space, which the comment you're replying to acknowledges as a point of issue.
Or some website decides for you that you now want to talk to your local AI chatbot using google chrome prompt api.
> This AI model would only be used when you invoke it
You sure about that? How explicit is the invocation? assuming it’s only run when the user does something (big assumption), does the user know clicking that summarize button is going to bog their system down and crank up their electricity use?
Indeed. Trusting that it will only be processing the user's queries - as opposed to, say, becoming part of a distributed grid of AI processing nodes - isn't a bet I'd be willing to place much money on.
You would be right if there's a popup box with two buttons appearing before installing the model and before every time it's used by some site.
Button 1: "Stop the AI now to save X GB of RAM".
Button 2: "Erase all browser AI to save X GB of RAM and Y GB of disk"
This isn't asking for consent, it's simply informing the user about what oversized resources are optional and providing an honest way to save them.
The only alternative to that is formal consent.
A crypto miner generates revenue needed to run the service, similar to ads.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Java installed an ask.com toolbar without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
wellackshually the bloatware explicitly asked for consent. There was a checkbox at the end of the EULA asking you "I also don't agree to not install the ask.com toolbar. You wouldn't do that, would you?". There is a state of that checkbox which would not install the toolbar, because, as you know, it's not part of the software I'm trying to install. That state, however, is left as an exercise for the decompiler. :)
Though I kinda agree that framing it as "consent" feels a bit off even if I myself would say no if only Chrome had the courtesy to ask. What icks me more is a 4GB[1] blob that has no relevance to the primary business of being a web browser; this is basically the IE anti-trust issue all over again. And it's an experimental feature! Under saner policies this thing would be a plugin from "Google Chrome Labs".
[1] I found weights.bin in Ubuntu 22.04 Chrome v147.0.7727.137 but it's "only" 2.7GB. Still, my ick stands.
I thought the issue with Java was that checkmark would check itself on update?
I was trying to draw that parallel but maybe I'm misremembering
i wonder how exactly it makes it harder to have a discussion. would it be okay to talk about spyware in terms of consent, or would that make it harder to discuss as well? can you think of a situation that it wouldn't be unhelpful to frame what software does in terms of consent?
If Rockstar games can be criticized for Hot Coffee then Chrome can absolutely be criticized for such bloat ware.
Invoking a different case with bad logic doesn't make this one any stronger. I never understand this impulse, is it just "nuh uh!"?
please don't defend this anymore.
People installed an html client, not a backdoor into their computer.
You’re probably right in a literal technical sense, but a very large number of people (maybe most?) would choose “no” if properly informed and asked for consent, and lots of people are morally opposed even in principle to downloading a large AI model onto their computer. I’m not one of them, but they’re out there. So in a cultural sense, it is different.
What % of Chrome users (this is the default browser that nearly every 'normal person' uses) do you think is confident (and knowledgeable) enough to answer this quiz:
For each, indicate whether it's closest to: 4MB, 4GB, or 400GB:
1. One MP3 song.
2. A 2-hour movie streamed from Netflix at 4K
3. The capacity of this computer's SSD.
4. The free space on the SSD.
5. The whole of English Wikipedia not including images
6. a AAA game from 2010 with all its supporting files and DLC
7. a AAA game from 2026 with all its supporting files and DLC
8. The total of all software updates you installed last month
Can't stand this kind of corporate apologism. It's one thing to disagree about whether this is a reasonable thing to do, but there's no need to additionally gaslight people about whether their category of grievance is even valid. Of course it's consent. They did it, without consent, that is a simple and factual statement. You consented to one thing (a browser) and not another (a giant AI file). And then the question with consent is whether the thing is something a person ought to seek consent for, which is entirely relative to how the person will feel about it. Installing a dictionary, probably not because it's small. Installing a 4GB file, probably yes. Obviously.
They are abusing our trust. That's the issue.
not just that, unfortunately
This is just today
"Tech giants Microsoft, Google and xAI say they will allow the United States federal government access to their new artificial intelligence models for national security testing." https://www.aljazeera.com/economy/2026/5/5/microsoft-google-...
Its not misleading, AI models (unlike English spelling check) has the potential to mine data on users and invade privacy all under the name of "training the model". I am very skeptical of AI models. Governments and big corp have the ability to exploit AI models and none of them a righteous for us to feel safe from a move like that.
Local models exist as part of the solution to privacy invasion. Not saying google has never been nefarious, but the whole point of local models is that your data doesn't leave your device.
So… every software package you’ve installed has the right to consume an unlimited amount of your system’s resources? It’s an absurd argument. By that logic it can fill your hard drive, RAM, and max out your network bandwidth and the user would have somehow agreed.
News from the year 2030: Google takes your credit card info, sells it on the black market for pennies and kicks you in the groin.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Google stole your credit card info without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of physical abuse to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
Except spellcheck is a reasonably foreseeable part of a word processor. An AI model isn't really a common component of a typical web browser.
Disagree
It is consent - and its a pattern ubiquitous in tech.
Idk a random model being part of the software is not a given as much as things are trying to be pushed.
i think if google can show that they know what it does and able to contain it then sure, it's a tool they have power over. if not then I don't see how it is being contained by the terms
A spellchecker is a standard function of a text program.
Since when is an AI part of the browser?
On top it’s another abuse of their market domination. What if users prefer other models?
By that reasoning, any novel/cutting-edge addition to a browser or other software is wrong? Every standard was new at some point.
The question of whether web browsers will one day be expected to normally include an LLM is not at all relevant to the situation at hand, where that absolutely is not the expected or typical behavior of a browser. Google should be asking for consent now even if they expect in several years time to be able to presume consent for this.
So the principle is that any as of yet non-standard addition to software needs explicit consent from the user?
Major feature updates require consent, yes. Automatic updates are for bug fixes and security patches. It is disrespectful to the user to automatically deploy any update that changes the UI without warning or consent. I like my toolbar buttons to stay where I left them.
> By that reasoning, any novel/cutting-edge addition to a browser or other software is wrong?
This is IME the default position on HN. Seemingly a complete showcase of the appropriate scope of web technology can be found at http://info.cern.ch.
I am against built-in VPN for the same reason I am against this. There is nothing novel or cutting edge about them. Any browser could have done it back in 2003, but they didn't do it for a reason.
Of course, it's not like any of this matters in the end.
Any addition that has nothing to do with the purpose of the program is wrong.
That why ERPs added CRM and DMS functionalities, CRM added DMS and ERP features and DMS got messenger parts.
Of course those new functions can’t compete with the programs made for these functions in the first place and at the end of the day even the main functionality got worse.
Here is the additional point that Google enforces their own model without asking.
Usually programs with additional features give you an option page to select/deselect unwanted features
At least Word lets me choose which dictionaries I want to install during its installation. With an estimate on how much disk space it will take.
There was a point in time when a spellchecker was not a standard function of a text program, and a spellcheck dictionary would have been considered a large file to include with that kind of software.
I'm not a fan of Google's actions here, but I do think it's possible that at some future time we'll say, "but a local AI model is a standard function of a web browser."
> at some future time we'll say, "but a local AI model is a standard function of a web browser.
And before that point ask the user for consent.
It’s not that hard.
If you make a sudden big change, ask for consent.
Hey if people could go for their pitchforks and torches over Apple giving them a free U2 album that ate up limited device storage space,
we have every right to be upset at Google's audacity to suddenly gobble up 4 fucking GB
Also from the same webiste, Claude installing spyware: https://www.thatprivacyguy.com/blog/anthropic-spyware/
but discussion about that seems to have been suppressed on HN: https://hn.algolia.com/?q=Anthropic+spyware
That was an even more ridiculous post. It wasn't spyware, it was a messaging bridge being installed for exactly the purpose it was intended. It was Claude Desktop installing a bridge that would allow Claude browser plugins to communicate with it. It was only used if the user had installed the browser plugin, and all it did was grant that plugin access to the app that had installed it!
So it's a backdoor to bypass the browser sandbox. Spyware is an apt label for that.
I disagree. Its a browser, damnit. Framing it as non-consentual AI is the right way. BTW, how much does Google pay you for this comment?
> You consented to installing the software and having it autoupdate.
You make a good case for much stronger laws and regulations on what such consent can legally allow.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
Spoken like a Google shareholder. It’s wild to see this level of gaslighting being presented as some sort of reasonable position.
Disagree. By your framing, might as well add a 4 Gb LLM to grep as an unasked for and downloaded option.
you are being very disingenuous. there are certain expectations from a software vendor. taking things into extreme, if something install malware as an update on your computer, is it not a silly claim that it is free for vendor to do so?
"You consented to installing the software and having it autoupdate. That covers it."
Were the terms something like
https://chromium.googlesource.com/chromium/chromium/+/refs/h...
"11.1 The Software which you use may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the Services."
https://www.gdpreu.org/the-regulation/key-concepts/consent/
"Where should the consent request go?
Consent information must be easily identifiable by the user. It should be presented separately from any terms and conditions."
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
"You cannot rely on silence, inactivity, pre-ticked boxes, opt-out boxes, default settings or a blanket acceptance of your terms and conditions."
https://www.edpb.europa.eu/sites/default/files/files/file1/e...
"The element free implies real choice and control for data subjects. As a general rule, the GDPR prescribes that if the data subject has no real choice, feels compelled to consent or will endure negative consequences if they do not consent, then consent will not be valid.13 If consent is bundled up as a non-negotiable part of terms and conditions it is presumed not to have been freely given."
https://www.dpo-consulting.com/blog/gdpr-data-consent
"GDPR Article 7 further tightens consent. It requires clear requests (separate from general terms), a right to withdraw at any time, and documentation to demonstrate that consent was validly obtained. In short, you must prove that a person knowingly opted in. Records of data consent (who, when, how) are mandatory so that you can show regulators you followed GDPR consent requirements."
"You wanted a banana but what you got was a gorilla holding a banana and the entire jungle." - Joe Armstrong
You installed a banana with autoupdates enabled by default. Therefore you consented to installing a gorilla and an entire jungle
Anyway, joking aside, what's missing from this blog post is discussion of potential remedies for the alleged violations
It may be acceptable to Google to violate GDPR, etc. if the remedies enforced are merely a "cost of doing business" and not a threat to business success
Yeah, no. I installed a browser, I expect it to install the required components for it to work _as a browser_. I do not need a local AI model for it to do that. If there are features that need that, fine, but I expect it to at the very least ask permission since those are absolutely not required functions. It’s like if Word installed a bunch CAD modeling software in the background. There’s just no way it needs that to function for it’s primary purpose.
You're missing that this is anti-AI activism
We should be actively anti-AI being part of a web browser just like that though.
Why? The AI assistance in Chrome dev tools is really useful. And I also use Google AI mode all the time.
Sure, but what's the point of obfuscating that?
This article is activism. The re-framing of software that you install intentionally being about breaking your 'consent' is ideological and incendiary. It implies that this is evil. It isn't.
Please stop assuming everyone thinks like you. If I can replace even something like translate with a local model that's just a single thing, off the top of my head, that could potentially benefit. I see no reason why these experiments should not be taking place.
And the reason they can't do something as simple and easy as ask for consent is...?
They probably didn't even think about that. Admittedly, 4GB is quite big, but if I were in their shoes, I would have expected that people are thrilled about using a local LLM instead of sending data to a cloud-based LLM.
I am still stunned that there are people who hate AI so much that they have a problem with the weights of an LLM being on their computer. To me, that sounds rather esoteric.
You provide consent by using the software.
Imagine Amazon deciding to take out $1000 from a credit card just because you use it to buy a phone case. Because you "consented" by using their marketplace.
It's not about AI. I'm pretty sure most people wouldn't be ok with eg a calculator app shipping a 4GB word processor.
Maybe it’s pro-browser activism.
A browser should render web pages not bring its own AI
Yeah, it's already egregious how resource intensive browsing the web can be, between the browser and the content its loading. Why should we just accept that Google will force another performance hit by loading up an AI model as well?
We don't have AI. We have language models trained by rapacious companies on copyrighted material with no concern for copyright violations and with a penchant for intentionally anthropomorhizing their models.
I'm an anti corporate malfeasance activist.
Hacker News and it's underemployed and underpaid user base gets these two confused all the time. I assure you, your tolerance for language models, or your willingness to use them, will have _zero_ impacts on your pay scale in the coming decade.
Finally you should be aware that Google markets this addition as an "anti fraud" and "anti spam" feature. They should have to justify that, I shouldn't have to justify my expectations as a consumer.
It's not a copyright violation if courts have ruled it's not
I have no pay scale to worry about, I own the software I build and don't rely on wages
> It's not a copyright violation if courts have ruled it's not
Courts can't rule aprioi on civil issues. I would not expect the current status quo to count for anything.
> I own the software I build and don't rely on wages
Cool. So now everyone with $200 is your competition. It seems like a fools paradise to me.
If Chrome has the #optimization-guide-on-device-model and #prompt-api-for-gemini-nano flags enabled, either because it's part of some Origin Trial / Early Stable Release or something, then web pages will have access to the new Prompt API which allows any webpage to initiate the (one-time) download of the ~2.7 GiB CPU or ~4.0 GiB GPU model using LanguageModel.create()
https://developer.chrome.com/docs/ai/prompt-api
When Chrome 148 releases tomorrow, this will be the default behaviour on desktop.
To download, it should check for 22 GiB free disk space on the volume where your Chrome data dir is, and at least double the model size of free space in your tmp dir.
First the tabs came for the RAM and i did not protest, for i had plenty. Then they came for the chip and i did not protest, for it was dark silcon anyway. Then they came for the HDD.
I am curious if it reuses the LLM across all tabs, hard to imagine most machines can boot up 1-2 of any 4gb model unless its a more powerful system.
I think it obviously will, what would be the benefit to spinning up more than one copy?
It should only need to load one copy of the weights, but each tab/site will need a separate context and KV cache.
The more severe problem is that Google installs model weight files on a per-user basis, meaning Chrome occupies 4 more GB of space for every OS user on your device.
The company I work at has several environments and hundreds of VDI users in each environment. Chrome is the default browser in all of them. By my rough napkin math, this one small change by Google will eat up at least 15 terabytes of new disk space in total. (I sure hope we are using deduplication at the physical storage layer...)
Shouldn't the filesystem be set to encrypt everything before it hits the physical storage layer?
I certainly hope you don't automatically update.
Does your place review every line of every update patch note? Do you think you would catch this implication?
Does each playwright (or similar automation system) count as a different user, and does it keep the model around ?
If yes, it's an interesting API to call when a AI crawler hit your website.
4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks (and in the future even PhD level intelligence) for free?
Oh, the horror!!!
Wait, let me pay my HVAC guy $500 he deserved because he came all the way from his home to replace a fuse
It doesn't make sense to apply wholesale prices for mass storage. People are running Chrome on specific devices that they already own. Storage is not fungible in this way.
If you’re pissed you had to pay your HVAC guy to drive to your house and do something you think is trivial, why didn’t you do it yourself?
> 4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks for free?
This is better than my current solution of an actual human with masters degreed intelligence performing all my cognitive tasks for free how? I mean, i'm the first to admit i'm extremely lazy and even i'm over here like "really??"
> Wait, let me pay my HVAC guy $500 he deserved because he came all the way from his home to replace a fuse
Right, because its totally something an LLM can do, right?
Tell that to Apple, I'm sure they will allow me to pay $0.025/GB for additional storage on my Macbook /s
It's annoyingly imposible to add more disk space to laptops. I think mine is soldered.
You can already trigger a 2 GB model download with the Summarizer API[0], which is already shipped in Chrome.
Summarizer.create()
I think this is a distinct model from the Prompt API, since the other shipped AI APIs use fine tuned models.
The problem is that some of us are still on connections that charge per GB in rural areas. Here in Montana it's very common to pay about $0.25 per GB regardless of how much you use, so this is a $1 additional cost per desktop device. Places like public school districts have hundreds of computers and this will be somewhat significant for them.
I was thinking a similar thing. Many of our customers have purpose use computers that rarely see physical infrastructure internet, but need a modern browser (many chose Chrome on their own, we never recommended it).
They're going to get blasted with cellular data charges when they fire up their computer in the field.
Google's updater service also currently ignores the windows 11 metered connection hint. It will gladly download that model over your cell connection even if you have a data cap.
This is infuriating behavior.
Silicon Valley must wake up and understand the entire world does not live like them.
It is a small model, so what utility can I / Google expect from it? What is the on-board model used for?
It's not a very good small model to be honest.
That said, you might be surprised to learn that some of the models from 3b-9b could probably replace 80% of the things nonvibe coders use chatgpt for.
Its a good idea to run small models locally if your computer can host them for privacy and cash saving reasons. But how can you trust Google to autoinstall one on your machine in 2026? I just couldn't do it.
Sure, local models good and yes, there's no way we can trust Google.
We can be positive the entire motivation of Chrome is user behavior surveillance. There's not a nano-chance in all the multiverses that Chrome model is doing anything privately. They've gone to extraordinary length to accomplish this. It's not for free.
It is entirely about user surveillance as well as pushing their product on to their users because they have the install base. Google Chrome has become Microsoft IE6 in hostile user behavior.
If Google were focused on surveillance, why haven't they been collecting keystroke data (like grammarly) for years?
You either die a hero or live long enough to see yourself become a villain.
What did we expect when they dropped "don't be evil" from their company values?
A claim about as useful then as it is now. They never wanted to be anything but, once Sergei left. The Schmidt era had them publicly declare one thing while doing something else entirely behind the curtain.
They were corporate evil from day 1. The rest was just PR slogans, and playing the good guy as long as you don't need to squeeze profits.
I don't trust them either, but the same Google makes Gemma 4 available to run as locally and privately as you want, and those models are pretty amazing for their size.
Both can be true: they give a nice local model so you find it useful AND the chrome harness captures every token in and out for exfiltration.
LLMs are costing Google a ton of money in compute and storage right now. If they can farm any of that off to the users, it makes economical sense.
But yes, there is a 100% chance that logs will get sent back to Google too.
> But how can you trust Google to autoinstall one on your machine
Why are AI models something I'd be uniquely unable to trust Google to install, compared all the other code included in Chrome updates? Is your point just that you shouldn't trust Chrome in general?
Yes I would not trust Google or chrome. They have a history of class action lawsuits for doing shady things to users. Enabling them to condense data on your machine and transmit it however they want, should they choose too is suspect to me.
Google is probably still sucking up the contents of your LLM requests even with the model running locally.
Yeah, so unclear why yer again everyone is so quickly running for the pitchforks & torches. The model doesn't do anything, it's just a sandbox.
I'm really tired of such overinflated ridiculousness shrillness against Google. Yes there are very real tensions to this company and their as business is scary as heck.
But folks don't seem capable of processing duality, don't seem to be able to do much but ad-hominem until they pass out. Its really so exhausting having such empty energy charging in every single time, and it keeps obstructing any ability to think straight or assess.
I was waiting for Google to pull a local LLM onto Chrome/Android devices. It opens up some revenue streams that weren't easily possible before: for example the often memed "I was talking about cigars with my wife one single time and now all I see are adsense ads for cigars" gets much easier with a local model doing speech to text and topic classification.
> Yeah, so unclear why yer again everyone is so quickly running for the pitchforks & torches.
Cause everyone loves a good bonfire and a fresh hot roast.
> The model doesn't do anything, it's just a sandbox.
Doesn't that make it worse? They forced everyone to download 4GB of crap for nothing. They could have done one of two things:
(1) bundle the model with the application so you can tell ahead of time you're signing up for 4GB of bandwidth usage or
(2) make downloading the model some kind of opt-in thing.
Either of those would have worked. Just because you can easily tolerate 4GB of unplanned bandwidth usage doesn't mean everyone who can't is wrong.
The point is that what you're "sick of" isn't actually authentic human thought, but in reality you're responding to a recent european-driven propaganda campaign with the goal of deriding anything and everything related to US tech.
All that matters is some MBA product manager at Google was celebrated for shipping this. Hooray!
Everyone who implemented or approved this should be prosecuted under the Computer Fraud and Abuse Act (18 U.S.C. § 1030). If I was on a jury, I wouldn't hesitate to send them to prison where they belong.
A fair and impartial jury is a fundamental part of freedom. I genuinely cannot believe that we have been reduced to wanting to destroy the jury system to punish companies we don’t agree with. At this point, this is less activism and more weaponized disrespect for fundamental freedoms.
> That said, you might be surprised to learn that some of the models from 3b-9b could probably replace 80% of the things nonvibe coders use chatgpt for.
Really? I'm a total amateur when it comes to doing anything with local models but I tried a few in this range using ollama at this point, and they didn't seem to know much about anything, and I couldn't figure out how to get them to search the web or run other tools, so that was where the experiment ended.
A small local model that can use bash would be a bit of a game-changer for me.
The latest small models are now reliable enough at simple tools like web search I think. It's just afaik none of the user friendly harnesses like ollama or LMStudio have a real one-click setup flow for this. You'll need to download models and do a fair bit of tool configuration.
Local models are improving quickly so if you keep an eye open you’ll find something soon enough. But from experience, I’ll warn you that local models can lose the plot very quickly. Their little self arguments when they get stuck usually come down to:
- It failed? This must be a mistake, I’ll try it again. It failed? This must be a mistake, I’ll try it again because then I will complete the task (repeat about every six seconds until you rescue it).
- You know, the best way to deal with a permissions problem is to erase the entire system. That’ll definitely solve those pesky permissions and I’ll complete the task.
Which is why I uninstalled Chrome a (short...) while ago and my life went on unbothered.
I am amused when people fret about not using Chrome. I get it but… I have literally NEVER used Chrome. Perhaps I just don’t know what I am missing but the web seems to work just fine for me without it?
Half of the reason to use local AI is to circumvent the censorship that Google, OpenAI and so on have. I don't want this Google crap on my computer.
It's based on Gemma 3n, and it's not the best.
I find it works fine for simple classification, translation, interpretation of images & audio. It can write longer prose, but it's pretty bad.
It can also write text in the format of a JSON schema or regexp for anything you might want to do with structured data.
I wonder why they’re using Gemma 3 and not Gemma 4?
Google has been trialling the Prompt API in chrome for the over a year, so before Gemma 4 existed. But they are indicating they'll move to Gemma 4: https://groups.google.com/a/chromium.org/g/blink-dev/c/iR6R7...
So that the big news in non-tech news sites will be the update. Thus ensuring that this is received in a positive light.
I find models of this size (not tested this one specifically) at being very good at simple data extraction from user input. Think about things like parsing date and time of an event from a description or parsing a human-typed description of a repeating event rule.
this is considered a large model. i think you might be surprised how many "small" models chrome has already pulled down on your disk.
but to answer your question: one of the services that uses a small model: PermissionsAIv4
""" Use the Permission Predictions Service and the AIv4 model to surface permission notification requests using a quieter UI when the likelihood of the user granting the permission is predicted to be low. Requires `Make Searches and Browsing Better` to be enabled. – Mac, Windows, Linux, ChromeOS, Android """
I ran a fairly large production test of this and on _every_ measure except for privacy it was worse than a free tier server hosted LLM.
Not happy about that as I would like to see more local models but that's the current state of things.
https://sendcheckit.com/blog/ai-powered-subject-line-alterna...
> on _every_ measure except for privacy it was worse than a free tier server hosted LLM
Would you be able to compare this to other local models in it's class and a above that would fit consumer-grade hardware?
Something to do with serving more ads. My guess is they will use this to “better target” or to drain more information from you for their ads.
> It is a small model, so what utility can I / Google expect from it?
Precedence for shipping models alongside consumer software.
Potentially without consent if it truly is a silent install.
Those two (and more) exist in chrome://flags in Chrome 147. I'm disabling them now, with the expectation that will prevent the new default.
One option I'm leaving as default is "Use LiteRT-LM runtime for on-device model service inference." Any comment on that?
I'm on Chrome 147 too and disabled:
"optimization-guide-on-device-model"
- Enables optimization guide on device
"prompt-api-for-gemini-nano"
- Prompt API for Gemini Nano
- Prompt API for Gemini Nano with Multimodal Input
and deleted weights.bin and the 2025.x folder in "OptGuideOnDeviceModel"
Will report if Chrome 148 downloads the model again.
If you touch those files into existence and chown to root and chmod to 0, it shouldn’t be able to ever overwrite them right?
I'm on my phone now so I can't check if something has changed, but what you want to protect from change is the directory, not the files. A file can be deleted and created again if the process can write the directory.
yeah, should work. Will try readonly on windows too.
Now I can't see it anymore, but shouldn't the model be under chrome://on-device-internals/ -> model-status?
Maybe you can uninstall there too.
maybe I was on the wrong side of the early release but I’ve deleted this model many times in the last year. I’ve had it for at least 12 months.
thanks, went to flags in Vivaldi and just in case disabled all flags containing "gemini" and first five results for "model"
Those flags will exist already, but will default to enabled in 148.
That other flag is for using a different open-source inference engine to the (from what I can tell) closed-source one that's used by default.
Searching about:flags for model comes up with a whole bunch:
#omnibox-ml-url-scoring-model
#omnibox-on-device-tail-suggestions
#optimization-guide-on-device-model
#text-safety-classifier
#prompt-api-for-gemini-nano
#writer-api-for-gemini-nano
#rewriter-api-for-gemini-nano
#proofreader-api-for-gemini-nano
#summarizer-api-for-gemini-nano
#on-device-model-litert-lm-backend
Then around gemini but not caught by the search for models: #skills (maybe? I think this is implied by "gemini in chrome"?)
edit: I don't see a carte blanch AI disabling option. As much as I dislike Mozilla's growing obsession with AI, at least they give me a top level option to disable all AI stuff. I only keep Chrome around for occasional testing reasons.
Do you know if also Chromium has thesenfkags enabled?
Depends on where you get it. By default the flags will be enabled, but some packagers may choose to disable them. I haven't seen a major distro release chromium 148 yet.
Weirdly though, chromium won't be able to actually use the model even though it can download it, because the inference engine is a closed-source blob.
https://adsm.dev/posts/prompt-api/#which-browsers-support-th...
So my understanding of that is that the download happens only when sites call the Prompt API right?
Because my Chrome stable has been updated to v148 now, and I don't see any AI models in my user profile folder. My profile size is only 328 MB, with the Code Cache subfolder occupying the most space (135 MB).
In my understanding, yes. I wrote a blog post about some of the internals here: https://news.ycombinator.com/item?id=48028662
Next step: Invoke the prompt API from within online ads and run a "p2p" AI inference provider which forwards incoming LLM queries to website visitors. :-)
I believe webpages that use the API must request from the user via a system permissions dialogue to aces the prompt API, according the docs a few months ago.
It can only be called after the user has interacted with the page, but there's no dialogue from the browser
https://developer.chrome.com/docs/ai/get-started#user-activa...
An extra 4GB per user on our NFS home file server is going to be a huge pain (several thousand students). And for our Windows lab machines, they end up in AppData\Local (which isn’t redirected for operational reasons) so we either leave the profiles in place and let them accumulate (suboptimal) or clear out the profiles as we normally do and let it redownload, over and over again.
As much as I’m against unexpected 4GB bloat for an AI model, I’d much prefer it to install one copy, system-wide. 4GB per Windows or Linux lab machine, rather than a 4TB minimum load on our NFS server and 4GB downloads per user, per machine on our Windows labs.
Fellow sysadmin here. I'm glad to see somebody else thinking about the practical side of this.
Google should know better. Chrome has local administrator permissions anyway (w/ its updater) so they should have installed a single copy for the entire machine.
It's not cool to give a damn about the people who keep mundane stuff like desktop infrastructure, file servers, etc, working, I guess. The wanton disregard to even talk to a single in-the-trenches corporate sysadmin seems like malice.
Google has not ever cared about the real world implications of their browser decisions in the past. I can't say I'm surprised that they didn't start caring for this occasion.
Conspiracy theory: making the browser bigger makes it harder to run large quantities of headless versions, for all the useful (but anti-Google) things that enables. I suspect this is directly tied to the ongoing ascent of verification laws and other pieces of the drive towards authoritarian dystopia. They're basically DDoS'ing providers of browser-VM services with this.
Why not force a light-weight browser and prohibit Chrome?
That would create vastly more support issues. You don't get to choose the software your users need.
Indeed. We look after a huge, very diverse set of users (university science faculty - many thousands in our faculty, but tens of thousands across all faculties and professional services teams). According to https://gs.statcounter.com/browser-market-share Chrome has over 65% market share for desktops - not supporting Chrome would be overly restrictive.
Our users interact with a huge array of internal and external sites and web apps, virtually all of which will be tested on Chrome. Our LMS, collaboration tools, internal apps, SIEM tooling, HR systems, ERP, knowledge exchange partner portals - it's all been tested on, and works with, Chrome. And we're not in a position to force thousands of vendors to make sure their applications are standards compliant and work in less popular browsers (as much as we might like to). Not to mention the deluge of tickets we'd be dealing with when incompatibilities arise; banning Chrome would cripple us.
Google have backed us into a corner with this one by making a careless default choice that takes advantage of their market dominance and forces us to work around their decision.
Because due to Google having a near-monopoly on the entire goddamn Internet, a shocking number of websites and services will refuse to work with non-chrome browsers.
And even when they work with non-chrome browsers if you run into an issue, you won't be able to get it escalated without trying with chrome (or lying and saying you did, I suppose).
I stopped using chrome 15 years ago and de-googled my life 5 years ago. The hardest thing to let go in fact was Gmaps (most alternatives, until recently, were not great) and I'm still captured by android, but rome was not built in a day.
Quitting chrome these days is the easiest thing to do. The writing is on the way. You don't control the browser on your network, google does. ANd for better or worse, google's priority is AI at this time.
Sysadmins should take notice.
If the network is ~65% chrome and thus deemed painful, take the gradual approach. Do not push chrome on new devices or users. Watch that problem slowly go away.
> most alternatives, until recently, were not great
Curious to know, what viable alternatives did you discover?
> Energy intensity of network data transfer: 0.06 kWh per GB, the mid-band of Pärssinen et al. (2018) "Environmental impact assessment of online advertising", Science of The Total Environment [14]. The paper reports a 0.04-0.10 kWh/GB range depending on the share of fixed-line vs mobile transfer and inclusion of end-user device energy. 0.06 is a defensible mid-point.
2018? An estimate from 8 years ago is going to be off by a factor of 10 or so.
Not sure you'd get far with the legal arguments unless you're actually a lawyer. Too easy to misunderstand the jargon (i.e. the same reason why it's dangerous to use an LLM as your lawyer).
(As an aside, the whole thing reads to me like the style LLMs use; not saying for sure it was, just giving me those vibes).
This is the same guy who said that Claude Code was spyware because it makes a few Windows Registry keys [0]. I find it really hard to take him seriously.
Oh, one of those people. Gotcha. Back in the early days of my career (can't remember exactly, possibly 2010?) I tried making screensavers and gave them away on my website, someone followed me directly on twitter then tweeted to everyone that my screensavers were some kind of malware because… I'd named the main class as per the tutorial and somehow this looked scary.
Main class? Tutorial? I feel like you're leaving out important details.
Not really important, but if you're interested, I followed some tutorial on how to make a MacOS screensaver back in the Objective-C days.
MyMainWindow
0.04 to 0.1 kWh/GB is insane even for 2018 lol.
I have gigabit internet (125 MB/s). This would imply when I'm downloading something I'm using 18 to 45 kW of electricity. Completely bonkers.
It would also imply that it costs Google ~7¢ in only energy cost to deliver that file to you (using average EU energy costs), which is clearly non-sensical given the rates hyperscalers charge for network egress.
Additionally, the cited number also conflates wired internet (low power consumption) with mobile internet (higher), even though this model is only being downloaded to Chrome Desktop AFAICT.
I'd guess there is some offset power needed for keeping a "line" open. Like, 200 kB/s is not twice the power of 100?
When looking at the power consumption across the whole network path and not just a single link, most of the power draw is probably baseline static power costs of keeping all the routers and switches running. Which means that judging the impact of a download in terms of Watts per MB/s is a pretty bad way of analyzing this.
Clearly you're charging an EV to drive a jar of microsd cards with your data back and forth
1.8 to 4.5 kW.
This was my math:
0.1 kWh * 3600s/hr = 360 kJ
360 kJ / 8s (time for 1 GB) = 45 kW
Or, slightly more direct: .1kW*h/GB * .125GB/s * 3600s/h = 45kW
Those are some goofy numbers. Obviously incorrect.
You think the energy cost to transfer has dropped by 10 X in eight years? Why?
Long term historical trend, lots of small tech improvements that add up, like all other tech. Some of it's how antennas are higher gain, which puts more of the energy in the path from one end of a line to the other and wasting less (affecting both cellular and WiFi standards over this period), some is improved compute reducing the cost of routing, but as with the improvements to chips and batteries and PV, the list of things is long and each one only contributes part of it.
EDIT: got the maths very wrong with some other estimates, deleted them.
Seems reasonable to believe to me. The cost of a transfer is presumably calculated based on the base power cost of the transfer machinery, since I really doubt that a router or switch's power usage is linear with the amount of data it's transferring. The amount that an industrial router or switch (which is what 80-90% of the hops between you and Google are) has to have increased its bandwidth by around 10x over that time, and I doubt they have 10x'd their energy usage.
Eight years ago my internet was using a current over a copper wire. Now it's light through glass. The latter is much more efficient especially over longer distances.
Eight years ago, your ISP was already on light over glass, they just didn't serve it that way to your house.
Agreed. Also, complaining about the climate impact of an AI model download while opening your post with an ai generated image is peak hypocrisy. Did not bother to read the rest.
"Silently installs" is misleading. They are including a file in the package which is presumably related to the functionality of the software. I don't use chrome for a long list of reasons but it is not standard or expected to get consent for that.
There is, however, precedent for software alerting/asking the user to install “extras” or utility packs and showing the disk size that content will take up and even allowing the user to choose a location to store such things. Creative software does this all the time.
There’s nothing stopping Google Chrome from doing something similar except, I suspect, Google knows or feels it will result in many fewer installs of its bloatware.
That's a good point. "Downloads a 4GB LLM model without notice" would get a good amount of attention and be an accurate representation of the situation. The article undermines itself by misrepresenting the problem.
[flagged]
Rage bait? It's a fact about how some software handles downloading extra content. This issue and how ads on the web are served are two separate issues.
“Silent” seems appropriate given it historically never required such a large storage requirement and the nature of the new feature seems entirely optional; and it’s happening silently as part of a normal upgrade.
> it's happening silently as part of a normal upgrade.
No, this is not true. The large requirement comes after a user wants to use the feature, not as a part of the normal upgrade. If the user never engages with the feature, it's not downloaded.
According to above, it is triggered by the website calling the feature. The user might have no idea. That's not what consent looks like
> No, this is not true. The large requirement comes after a user wants to use the feature,
The feature that didn't say it would cost you 4Gb, right?
Are you okay with a 1 GB chrome install suddenly becoming a 5 GB chrome install on all your machines, without your permission or knowledge, for functionality you may or may not want?
Yes because in their mind corporate power is the only thing that matters in our lives. Not what people want, but what Google wants is clearly the only thing that matters for them.
It's a bizarre way of living your life.
They aren’t wrong, though. There is no incentive for Google to do anything else if 75 % of web users keep using Chrome no matter what happens to it.
100%. "Researchers Discover Chrome Uses Your Hard Drive to Silently Make a Copy of Everything you Look At Online" is ominous and scary and also an accurate description of how caches work. There's enough scary and bad AI stuff to discuss without needing to use scare tactics.
What part of rendering a web page needs Gemini?
What part of rendering a web page needs a local disk cache?
The part where you revisit or reload a site
Okay, then the part where I translate or extract text from an image or summarize a site is the part where I need Gemini.
> the part where I need Gemini.
This is like saying that the part of driving where you wash dishes is why you, personally, need a dishwasher in your car. There is no feature that would fail the challenge if you can always claim that you need it to render a web page.
Local disk cache is a standard and reasonable feature expected by the vast majority of browser users. You are being obtuse.
Look at how many headlines indicated that something is silently happening. It's a weird trend at the moment.
We live in a tech world where it has become normalized that perfectly functioning software that you used to buy once and then got to use indefinitely suddenly receives an "update" to put previously existing functionality behind a pain subscription. The reasonable expectation people have is that an update fixes security bugs and maybe includes a few optimizations.
So no, I don't think it's a weird trend at all that people start describing software as "silently" doing things when trust in automatic updates of software (a thing that software silently does) has deservedly gone down the drain in the last few years.
Its a salesman's foot in the door, except its near-invisible and gets to walk round your house.
No weird: accurate. It IS a silent install.
I wanted a browser, not an LLM.
Completely missing the point.
What is this link supposed to be doing? Does it need desktop Chrome to run, maybe?
They are installing a software package nobody expects and which isn’t need to run a browser.
Then what is your definition of "installing" exactly? Are you going to split hairs about it not being a separate program being installed and running in the background, but weights being used by code that is run inside the browser? Because honestly, I don't think there's any significant difference from the user's perspective here. Other than the fact that doing the latter bypasses the need to get permission to install a new program. Which makes it an even worse violation, in a way, since it undermines the trust that the browser as a platform is just a browser.
A 4 GiB model has nothing to do with the functionality of a web browser. It is something forced on users without their consent.
Of course that's what we get for giving the benefit of doubt to the company that insisted on learning the wrong things from the Google Buzz fiasco.
Install does convey something more involved than including a file, that's not splitting hairs. It is not uncommon for software to include malware that runs independently of the software you expected, and the headline is clickbait that taps into those concerns. I'm here for the concerns about bloat. "Downloads" would have been the right term to use but it doesn't sound as scary.
> A 4 GiB model has nothing to do with the functionality of a web browser.
Problem is, nor do half its T&Cs. What we thought was a web browser turns out to be a Google content delivery vehicle - and controlled by Google, not the target users.
> A 4 GiB model has nothing to do with the functionality of a web browser. It is something forced on users without their consent.
This does not happen. The model is not downloaded unless the user intentionally uses the feature that requires it. Then it's downloaded at that point.
Unless the user uses a feature.
That that feature (a) requires a local LLM, (b) will install a multi-GB download without telling the user, all happen without any explicit user consent.
untrue, I’ve deleted it many times in the last year. I don’t think this is new.
> "Silently installs" is misleading. They are including a file in the package which is presumably related to the functionality of the software.
Related... to the functionality of feeding the same profit and loss account, right?
This might be worth it if Gemma4 E2B were a good model, but honestly it's absolutely useless in all our testing without further training and finetuning, and those aren't usecases that are fit for normal web browser use such that one would care to support it by adding such overly broad and expensive infrastructure to make it happen.
Gemma 4 E4B is a much better model, but it's too large to simply download and run everywhere.
IMHO, this is jumping the gun. Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards. It would be better to wait until a smaller, better model ships before doing this.
Most users aren't even going to know that this is here. Web developers will expose this capability to the user. The devs will have to determine if the model is delivering what they need.
It's good to have something to work with if these Web APIs are going to be part of a standard. I suppose this means that ALL the browser vendors are likely to implement something
> I suppose this means that ALL the browser vendors are likely to implement something
Mozilla has taken a strong stand against the prompt api.
I had to dig around to see where they took the stand.
https://github.com/mozilla/standards-positions/issues/1213#i...
Mozilla makes great points. Even if the API is model agnostic, which it ought to be designed as from the very beginning to even be considered a spec, models can act vastly different.
Mozilla didn't say this but the user should at least be presented an option to choose which model (at least once) starting from day one, even if your browser only has one option available. That's assuming a universe where Google plans on actually being concerned about standards adoption.
Mozilla classically has taken a very strong stand against ever holding true to their values so we'll probably get one from them in a few months.
> Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards.
I wonder what that will do for the competition between hosted genai and local models...
This is what I've done after spending some time to look into it, this is for Linux Desktop:
Delete Chrome's silent 4 GB AI model file and AI
In Chrome, go to: chrome://flags
Search for and Disable these:
Enables optimization guide on device
Prompt API for Gemini Nano
AI Mode
Click the Settings (gear icon).
Go to AI Innovations and uncheck Enable AI assistance.
sudo rm -rf ~/.config/google-chrome/OptGuideOnDeviceModel
sudo rm -rf ~/.config/googlechrome/Default/OptGuideOnDeviceModel
sudo touch ~/.config/google-chrome/OptGuideOnDeviceModel
sudo chmod 400 ~/.config/google-chrome/OptGuideOnDeviceModel
sudo touch ~/.config/google-chrome/Default/OptGuideOnDeviceModel
sudo chmod 400 ~/.config/google-chrome/Default/OptGuideOnDeviceModel
sudo chown root:root ~/.config/google-chrome/OptGuideOnDeviceModel
sudo chown root:root ~/.config/google-chrome/Default/OptGuideOnDeviceModel
ls -l ~/.config/google-chrome/OptGuideOnDeviceModel
ls -l ~/.config/google-chrome/Default/OptGuideOnDeviceModelDevTools uses a server side model, and only after you opt in with explicit consent.
Or accidentally trigger it because you're using a key binding you've used for 15 years that, upon hitting an unexpected consent screen, triggers the consent button.
The following seems to keep Chrome from re-downloading this beast:
# From one's $HOME dir:
rm -fr ./.config/google-chrome/OptGuideOnDeviceModel
mkdir -p ./.config/google-chrome/OptGuideOnDeviceModel
touch ./.config/google-chrome/OptGuideOnDeviceModel/weights.bin
chmod 0400 ./.config/google-chrome/OptGuideOnDeviceModel/weights.bin
chmod 0500 ./.config/google-chrome/OptGuideOnDeviceModel
This has, so far, kept Chrome from (re)installing that file on my system.
Hypothetically the parts involving weights.bin aren't needed so long as the containing directory is not writable.
How hard would have been to add a simple message, warning people about it and offering to opt out? Most would have clicked OK without reading anyway, and Google could pretend they give a shit about users. Unless they expected blowback, and that kind of message is the "compromise" they want to eventually land on.
They don't want you to opt out. Then they can't brag to the shareholders about Chrome being "AI Powered"
You're not even the customer when it comes to Google.
Don't forget the metric saying "99.97% of user have installed this" even though less than 1% of users know it exists, much less use it
Or "25% of users have used this in the last month" when it's made so easy to accidentally trigger it that the real usage is a few % at most.
it could easily be "after we replaced an existing UI element with a button to launch this instead, adoption increased 9001% month over month"
at this point you're barely the product either. You're more a passive platform for them to execute their strategy on.
Totally agreed. I was thinking about how to word it but I was giving up.
But I would consider us users to be more like an asset on their balance sheet. Not something they would care about the opinion of.
More like livestock tbh. Only instead of wool or meat or eggs being harvested, it’s mindshare and attention that they depend on
Makes me think of that scene of Neo waking up from the Matrix the first time and seeing the "battery pods"... yeah...
> Then they can't brag to the shareholders about Chrome being "AI Powered"
Or at least justify the hundreds of billions they are burning
I was not happy when they added Gemini to the top bar, in its own place that nothing else gets to use.
They want to force the prompt API into being a defacto standard without getting buy in by the rest of the web standards body. Having it on by default serves this goal.
I think a local AI model is appreciated, but it being bundled and executed through Chrome, I expect that more or less all data get exfiltrated by Google.
They simply read your mails, how would you expect there to be anything resembling decency in a company like that? It is the ad business.
Bad thing is that people still use gmail.
Doesn't google already extract every single letter you put into the address bar as you type?
The idea that the model is local is just Privacy Washing. What's the chance they aren't capturing your prompts somehow? For "Telemetry" so they can triage bugs of course!
Is it really privacy washing? This author assumed people would think AI was local but I don't know anyone like that. Everyone I know who's not deep in tech only uses big hosted models and isn't aware that anything else exists.
I'm more inclined to think it's cost unloading. Move their cloud GPU costs to your desktop.
Presumably they think the fraction of their userbase who cares about this would be too small to justify the expense of adding a warning message. The mere existence of a warning message implies that there is something to be worried or concerned, about, a position they probably do not endorse or accept.
Framing 4GB of data moving in a world of petabytes of traffic as a specific environmental disaster is kind of a stretch, regardless of whether we want the model.
Your word might be of petabytes of traffic. Some people have slow lines. Some people have metered Internet subscriptions.
Not everyone has access to the same infrastructure you have.
Or just tethering abroad with an esim data plan... Just opening chrome would deplete your quota and leave you stranded. Google you are sick!
Surely it will wait when the connection is marked as metered.
I definitely trust Google's team (and large trillion dollar companies with sufficient resources to do this) to make reasonable choices for their users... said, perhaps, someone ever? Certainly not me.
(I wanted to write something far snarkier and sarcastic but getting annoyed at google is like getting annoyed at a lawnmower/Oracle. That plus HN guidelines.)
Yeah I have to run ski race software with slow and intermittent internet. It is things like this that can wreck the race and bankrupt the small club if we have to refund entry fees to an entire field. It really is brutal and real. Looking at you windows update and now Google and Chrome.
yeah 3 bucks a gig here for quite a while, finally got a kinda sorta unlimited connection recently. I scripted up a meter of sorts to watch my traffic and its amazing how much is just trash. video advertising of any sort is awful. there were many sites that if I just forgot about them in the browser window they would happily reload periodically and trash my days budget lol, then using "links" for just reading really shows off how many websites just reject you for not having javascript.
now I'm working on upgrading my computer lol
It's somewhat known that Chrome isn't catering to those users. They aim to deliver feature-rich experiences rather than be the de-facto browser for resource-constrained devices.
I'm not sure if this is satire, but chrome literally powers the web. It IS the web browser market. Chrome caters to everyone.
I do not agree: I live by the sea and this is exactly the answer I get when I talk about trash in the sea. I personally appreciate even more that kind of "stretch" then the privacy one (which could be another "stretch" on getting closer to 1984 scenario)
I guess you can write an article about every new gigabyte released, and we can use more gigabytes talking about it, but other than that I don't see that any one gigabyte of software I don't want is especially more noteworthy than any other gigabyte of software I don't want.
An xBox game can be 50+ gigs. Millions of gamers. Fire up the presses!
I'm not at all saying nothing matters so we shouldn't care. I just disagree about the utility of calling out specific things out of proportion to their place in the climate crisis. Tackle AI, yes, and fast fashion and cars, and ... that one change to Chrome? I guess if that's where you want to put your energy, Sisyphus.
I don't see that any one gigabyte of software I don't want is especially more
noteworthy than any other gigabyte of software I don't want.
> An xBox game can be 50+ gigs.
In my experience a game worth playing never exceeded 1 (one) gig in size.
It is only incompetent creators that feel the need to bury their incompetence under gigabytes of irrelevance.
The last 5 years of Game of The Year (Astro Bot (2024), Baldur's Gate 3 (2023), Elden Ring (2022), It Takes Two (2021), and The Last of Us Part II (2020)) are all nearly 45 GB+. All of them are incredible games spanning a vast series of game style (coop puzzle, solo platformer, stealth, ARPG, RPG) and animation.
Stardew Valley, universally acclaimed and not graphically intensive at all, still takes up nearly 2 GB of space.
Your view on games is not grounded in the reality of modern gaming.
Chrome is used by about 3.8 billion people [1]. So, if this is rolled out to every chrome user over the next year or two, this would generate about 15 Exabytes of traffic. It's difficult to find accurate, useful numbers on this, but lets assume 29 grams of CO2e per GB, this would be about 450k tons of CO2e. This in turn, equates to average household CO2 expenditure of almost 300k households.
So make your own judgement, but this seem pretty significant to me.
[1]: https://www.aboutchromebooks.com/global-chrome-user-base/ [2]: https://www.iea.org/commentaries/the-carbon-footprint-of-str... [3]: https://www.anthesisgroup.com/insights/what-exactly-is-1-ton...
This is about the same as each of those people streaming a movie to their TV. There's no there there.
They do that anyway, so it's in addition to that which is the parent's point.
> but lets assume 29 grams of CO2e per GB
29 grams for something that takes most folks less than 20 seconds to download? How many watts (neglecting the machinery was going to be running regardless of whether you are transferring something!) do you think it takes to transfer data?
https://www.eia.gov/tools/faqs/faq.php?id=74&t=11
Coal, the absolute worst of all, represents 18 grams over 60 full seconds to produce 1000 watts of power.
Most folks have >400Mbps connections now (ignoring frame overhead, unsaturated pipes, TCP window size scaling time, etc.)? That’s amazing news.
Traffic is not homogeneous in total transfer cost. CDN-hosted data at the edge, close to the user is much cheaper than data that has to transit many hops. At the asymptote, transferring data between machines on the LAN is essentially free.
Yes and this is just the first version of this model. As if there won't be an update (complete replacement) of the model every few months.
Other comparisons:
About equal to a major iOS update at 8 GB x 1.5B.
Netflix and YouTube together are perhaps around 200EB/month.
What is a lot of traffic to you?
2.5 million downloads of 4 GB are 10 PB of traffic.
I think there are be a lot more than 2.5 million Chrome users in the world.
More data moves in your average playstation system update than that. Steam probably transmits more in a morning than that
There are far more Google Chrome users than probably PlayStation & Steam users combined.
Also, someone installing Steam is going to expect large downloads, hell, the platform tells you the size as you're about to start the download.
I don't think anyone expects a browser to suddenly download 4GB, let alone behind their backs!
Have you ever watched a 2 hour lecture on Youtube? Next time check the memory consumption of the open tab.
A 720x400 two-soundtrack rip of first season of 'On becoming god in central Florida' is only 5.5G. That's 10 episodes. Now what you were saying about 2-hour lectures?
Valve published some numbers of this.
11.42 petabytes per hour, and roughly 190,000 GB per minute and 100 exabytes delivered in 2025.
You only download it when some JS requests it for the first time, most people will never have it.
I never intentionally used any AI features in Chrome but first was made aware of the models when my disk was running out of space. I investigated with a disk usage tool and found I had multiple versions of the model in my Chrome directory taking up ~12gb. This was about half a year ago and maybe I was in a bad experiment or something but it's definitely not opt in or user visible. Less tech savvy people will have a really hard time understanding why their disk space is running low.
> You only download it when some JS requests it for the first time, most people will never have it.
i certainly never activated it willfully. i use Chrome only as a fallback testing platform for web dev - a handful of times per month - yet both Chrome Stable and Chrome Unstable had installed this 4GB monstrosity in my home dir. 8GB of junk i'd never used. Both have since been uninstalled and replaced with Chromium.
You estimate more or less than 2.5 million?
If you google OptGuideOnDeviceModel, there’s already a lot of results of people asking what it is an how they can delete them. It’s not some kind of obscure niche feature.
I wonder when the first crypto miner-like malware appears that offloads model usage to the client computers.
Amazing how many people missed the "environmental disaster" part of this post and are talking about personal inconvenience.
Sorry folks, your low bandwidth situation is not, in fact, a climate change emergency.
And adding climate hysteria here diminishes the climate change argument generally. It's like "the boy who cried wolf".
The same old individualistic fallacy [1] of highlighting individual effects to hide global effects, all while compromising user privacy. In reality this will be continuous million of devices downloading these useless weight files.
[1] Used since forever by the Tobacco & Pharmaceutical, Fossil Fuels & Climate, Food & Diet Industries.
60.000.000 kg ÷ 1.000.000.000 user
is about 60 gramms of co2 per user?
Which ullustrates that humanity has reached such numbers that the smallest collective change has an enormous impact.
How do you propose maintaining the living conditions you've become accustomed to without the system we have currently, as shit as it is?
There’s the problem: we want change without giving up the things we’re accustomed to. We’re locked in.
By "the things we're accustomed to" you mean food, jobs, healthcare, education?
You had food as a barbarian. Job wasn't needed because you weren't enslaved by your feudal lord, healthcare and education being the only benefits of civilization... largely benefits for the rich and not the peasantry I might add
The basis of so much of Microsoft's complacency (and why the MB Neo was such a nuke to the entry-level laptop market).
It's pretty terrible how much this kind of dynamic rules over tech. I'm not a 'capitalist', but god damn if competition isn't the most important thing to prevent total enshittification.
There are multiple problems here.
For one, not everyone in this world lives on high bandwidth unmetered connections. In Germany, you got a lot of people still running on 16 MBit/s ADSL, that's half an hour worth of full load just for AI garbage. With the average 50 MBit/s, it's still 10 minutes. For those running on hotspots - be it their phone with often enough 10 GB or less on your average data plan or train hotspots that cut you off after 200MB - the situation is similarly dire.
The other thing is storage. I got a nominally 256GB MacBook Air. Of these 256 GB, easily 50GB are already gone for macOS itself, swap, Recovery and everything that macOS doesn't store as part of the immutable partition (such as, you guessed it, its own AI models). Taking up 2% of the disk space without consent is definitely Not Cool.
Another angle is the processing cost, I assume Google is seeking to offload the computation for whatever features this covers from their own data centers to end users. On the scale of billions that's probably measurable and from google's side worth doing whether the users is paying for the service or not, and each of them will have more power usage with some reduced battery life on portable devices. At that scale I'd also wonder about efficiency based on what proportion of end users are using AI or running it on CPU/GPU/NPU.
The climate concern pearl clutching is pure muckraking. The author doesn't care, they're just looking for some sort of controversy. Do they (or the other seemingly horrified commenters) know how much data is transferred during a single evening of watching HD streaming video?
In 2026 4GB of data is not going to have any measurable effect on the climate.
There's a level of hypocrisy involved which is truly absurd. Literally no one reading this is going to curb their data usage. They'll just try to justify their outrage with farcical strawman arguments to be pedantic and then go binge watch some Netflix series without another thought.
The next Netflix breakout show will burn this planet to the grounds :)
Netflix does not store 4gb on your drive...
and people on very limited bandwidth and/or speed don't watch Netflix (or do so at most at 1080p) and if they watch netflix they are fine with clogging up their internet as it isn't some random backround download hindering what they want to do but what they are actively doing
I would more worry about storage space on some laptops with pretty small SSDs like 192-256GB of official capacity prior installing Windows, 4GB of that is already pretty significant part of storage space for something which should be opt-in.
Its unsollicited. Not everyone has fiber either
not just fiber, e.g. Netflix requires "only" (reliable) ~15Mb/s for a 4k stream, that means most people in most countries feel little difference between ~25 Mb/s and 1Gb/s in their "every day" usage. Sure it's a huge difference if you download a 80GiB AAA game, or preload a 4k movie. But in my experience (which definitely doesn't apply to all countries) a lot of non tech affine people don't do that that often an if they do it (e.g. movies before travel) they tend to do it over the night so it still works out just fine with not so fast internet.
So for a lot of people paying for more then 25-50Mb/s (pro person) makes only sense if it isn't too costly. Hence I rarely see people going for more then 250-500 Mb/s even iff 1Gb/s is available and they have money. And for non-gamers with little money, I mostly see them with ~50Mb/s (or paying for 50Mb/s but getting much less due to old wires :( ).
(Also IMHO The more important things compared to 1Gb/s is how much of the bought bandwidth is reliably available at all times _with good latency_...)
Agreed, my eyes rolled hard at that. Definitely more of an F-U to users with bad connections than anything else.
I mean, with the price of SSDs lately, 4GB is not a completely negligible addition.
It is sad that this terrible comment inspired so many responses. It is 4GB of traffic for one person, and I am not aware of any single person who is moving petabytes of traffic.
Comparing a single person to the entire world to make the inconvenience to or violation of a single person seem small is deliberately and thoughtfully deceptive.
Why not 4TB in traffic and storage for chrome, then? In a world of petabytes of traffic, it's a feather. What's wrong with jailing somebody wrongly for 20 years in a world where millions are jailed, many wrongly, often for lifetimes? What's a lost finger on the job when there's a genocide going on?
Not on my devices. Auto update has been abused so often now that it is an embarrassment to the industry. Auto update should be for bug fixes and security issues only.
Auto update is basically a root backdoor, it's especially troublesome when you are not the customer, you are the product!
Yes, which is why I use paid-for OSes and browsers, instead of free ones like Linux or Firefox. I don't want to be the product.
I think with Windows you probably are the customer and the product
Cory Doctorow had an essay about that years ago, except he didn't artificially limit it to Windows:
"Even if you're paying for the product, you're still the product: Incentives matter, but impunity matters more."
https://pluralistic.net/2022/11/14/luxury-surveillance/#liar...
Why is nobody building a paid for browser with built in search engine and LLM assistant? Should probably make it open source for transparency. And before anyone says you would build/compile it yourself if it was open source, those ppl are already running their self compiled tools and are not the target market.
Isn't that essentially Dia? (Pro is 20USD/month.) https://www.diabrowser.com/
(I miss Arc, such a shame it only gets security/chromium updates now ...)
And I think Codex's desktop client has a built-in browser now? At least I've seen someone using something like that. Nevermind Atlas is a thing now too. https://openai.com/index/introducing-chatgpt-atlas/
(Tell me if I'm misunderstanding you?)
Who would pay for it when literally every other option has been free for a lifetime?
With Linux you can control up to the detail any auto-update, and any update in general, all the way to being able to inspect the code.
With GNU/Linux, yes. With Android/Linux, not so much. [1]
(I used to dislike this "GNU/Linux" term, it seemed unimportant - Android showed me why the GNU part of it is)
I don't think anybody implied or thought of Android in this subthread, just because it nominally runs the Linux kernel. I for sure understood it as just "Linux = whole OS-level distros of the laptop/PC bound type" not "anything with a Linux kernel even if it's a proprietary mobile phone OS".
Only if you have the closed-source Google Play Services... Just like desktop, there are plenty of Android distros like LineageOS
You are still the product with commercial OSes. Paying doesn't stop them from shoving ads and telemetry wherever they can.
Man, this is a dumb take even by HN standards.
No, the dumb take is believing that if you pay for something you are not the product anyway.
I definitely feel less a product on macOS than anything Google-orientated. I don't know where Windows fits into that exactly, given "paying for Windows" is not really how it's even seen, given major updates were 'free' (with extra ads).
He meant the face-value of your comment is dumb.
But I think it as sarcasm is also wrong.
I'm on an Arch flavor, so its whenever I feel like updating. I try to update frequently enough, but if i wait weeks or months, nothing breaks, it always just works, and I get the latest of everything.
This is exactly how it works on Debian. Can recommend.
Guess what runs my PC. Tech companies just don't understand consent.
It is almost the standard:
Q: Does <company> understand consent?
A: No / Maybe Later
Q: Does <company> understand consent?
A: No / Maybe Later / we did it anyway, you'll need to search to find out how to turn it off, maybe ask the new AI model we've just back-door installed?I think they do. They just don’t care. We’re the fleetingly small percentage of nerds in the corner who will notice and complain. Were useful to them for other reasons but we’re not really the concern here.
It’s probably a business misplay to tell the other 99% of users about something they weren’t going to think about. But if by chance it goes awry and there’s outcry, just apologize and commit to do better.
> ... don't understand consent.
The word you're looking for is "respect". They understand consent, the same as JBS* understands animal rights.
For anyone else wondering why that link doesn't work, the hacker news formatting is dropping the final period. Add it back in and the link works.
There is a difference between
- software company decides to release a new version and auto installs it for everyone who has the old version (like Google Chrome)
- software company decides to release a new version. The Debian packaage maintainer checks if the update is fine, is compatible with Debian policies, then includes it in the packages repositories.
In the first, there are no checks. In the second, there are.
Yes, and it is precisely that kind of curation that makes Debian as valuable as it is.
Why use a browser from Google or Microsoft in 2026? Why in the world?
I have no idea but when I mention Firefox my colleagues under 35 or so literally think I'm joking.
When Google stuffs AI into everything, people shrug. Can't expect anything else from big tech.
When Firefox does it, it sparks outrage across the internet, with entire forums filled with people vowing to leave Firefox forever and switching to something like Waterfor or Ilp/Zorp/Floop instead.
As a result, searching for experiences other people had with Firefox makes it sound like hell on earth, while people have little more to say about Chrome other than "Google gonna Google, but it's fast at least".
> When Firefox does it, it sparks outrage across the internet
i.e. when firefox does it, people wonder why they aren't using chrome. That's the entire point. The only thing that makes firefox attractive is if they don't do what google does, and they do almost everything google does.
Even if it results in extended campaigns of complaints and hostility from their most devoted users, and the loss of 95% of their installs. As far as I can tell the only thing they backed down on was destroying ublock, and that's because they recognized that it was an existential threat to firefox. The 3% market share that they have now would have become 0.3%, no matter what google did to prop them up.
I certainly don't recommend firefox any more. The amount of effort I have to go through to get the standard 2010 experience quality is absurd and I can't expect anyone else to think it's worth it. It's not worth it to dodge any of this bad behavior anymore, it's industry standard. Going through the effort of dodging it makes you stand out more, and makes you more trackable and targetable. For me it's just compulsive, and my values don't change when the values of the crowd changes. But I can't expect anyone else to download and maintain a git repo that allows you to have basic control over your UI, or to fill out captchas after every pageload.
If you're going to use plain firefox, you might as well use plain chrome. Both of them have the same degree of respect for you, and both of them are owned by the same company. Using plain firefox for freedom is like using an Android phone for freedom. It's amusing that google gets to play the "bad guy" in one of those stories (browser wars) and gets to play the "good guy" in the other (mobile wars.) It's all keyfabe. None of these companies are competing with each other.
> while people have little more to say about Chrome other than "Google gonna Google, but it's fast at least".
Wise words.
Mozilla is nice enough to let you opt out.
I'm in my 40s I have no desire for this new technology unless we get the kind of AI from Japanese anime.
I, being a Firefox user with practically zero Chromium use, would air my grievances when the Mozilla does something I disagree with more than I would when Google does. And I would expect that most Firefox users are of the kind who have strong opinions about how their computers work.
You wouldn’t throw the same fit if [insert dictator you don’t have high expectations of here] shot a hundred random civilians compared to if your government did, no?
> would air my grievances when the Mozilla does something I disagree with more than I would when Google does.
Mozilla doesn't care about your grievances. It collects lots of telemetry about you by default, and has recently officially removed the obligation not to sell your personal data to third parties etc. It also plans to "introduce AI" into its browser.
> And I would expect that most Firefox users are of the kind who have strong opinions about how their computers work.
On the contrary. Those people have moved on, or are in the process of moving on, from Firefox itself to more privacy-minded forks. Like Palemoon, LibreWolf and maybe Mullvard.
> When Google stuffs AI into everything, people shrug. Can't expect anything else from big tech.
Because this is something expected from Google. Google has never committed to security, but Mozilla did.
EDIT: I meant privacy, not security.
Google has invested significantly in security. I believe you are referring to privacy?
This is a significant point. To many people security includes privacy, which is a fair assumption: in a non-evil timeline user privacy will be one of the first-class components high on the priority list for being secured. Unfortunately companies and the people high up running them only care about their own privacy¹, everyone else is expected to be grateful that we are being stalked so we can be targetted for sales purposes.
--------
[1] Follow one of them around the way they track us online, or let out a bit of information about, for example, their tax affairs, and see how fast lawyers or law enforcement arrive on your doorstep…
Google has invested massively into security. On various platforms (non-Chromium Linux excluded), Google Chrome uses advanced defence-in-depth that make Chrome much more secure than Firefox on the same machine. Their origin-based process separation make Chrome a memory hog but protect tab processes from each other in a way Firefox doesn't bother with just yet.
Chrome may be a privacy nightmare, but in terms of security it beats Mozilla.
Same could be said about Windows vs Linux back in the day, but as another person already pointed out it doesn't make sense when the owner is one of the ones you are trying to protect yourself against.
Also, as it turned out, Windows wasn't much more secure than Linux, and I guess we'll find this with Chrome as well. In fact I wonder if this isn't obvious already now that uBlock Origin doesn't work on Chrome any longer?
Besides, isn't Chrome approaching 20 years now and I still cannot have tree style tabs on it so it is still a toy browser meant for causual browsing, not work ;-)
Defense is not very meaningful if your browser is provided by one of the parties you need to defend yourself yourself _against_.
They've been consuming 15+ years of anti-Mozilla rants anytime it or Firefox are mentioned online.
It's how you get things like "Browser monocultures are an issue, so don't use Chrome (Blink), use Brave (Chromium (Blink)) instead!" said in earnest.
Or simply they haven't heard much about it at all, don't care, and chalk it up to OP being some sort of an odd hipster.
Man, so many things could be better if people cared.
The more time goes on the more I feel like I live on a different planet. Even things like "shouldn't you be able to decide what software you run on the stuff you own?" gets blank stares.
Hello fellow extraterrestrial
Old heads checking in... Back in my day, we had an exposed file hierarchy and we liked it!
Is anyone disagreeing with that statement?
Yeah, among other things when I'm supportive of sideloading and disappointed that it's being greatly restricted on Android.
I’ve been using Firefox for 20+ years and continue to do so, but let’s not pretend that Firefox hasn’t been an embarrassing shit show for most of the past 15.
10x better than safari and it won’t consume all my RAM like google, so not sure it you’re just repeating what you heard or if you mean what you said
I’ve been a Safari user for over 20 years. Every year or so I go on a journey to switch to something else. I’ve use Firefox (LibreWolf, IceWeasle, etc), Chrome (Edge, Arc, etc), Camino, OmniWeb, Orion, Opera (I was primarily an Opera user before Safari), and more. At work I use Edge for weird corporate reasons that I’m not thrilled about.
I always end up coming back to Safari for personal use. It seems to do the best job getting out of my way. I am annoyed by how Safari now handles browser extensions. I’d like them to take a page out of Orion’s book and support both Firefox and Chrome extensions. However, I generally have very few extensions, as they tend to slow things down, so this has been a relatively minor issue. The main things I’ve wanted extensions for in other browsers (like word lookup) have come out of the box in Safari (or Apple platforms as a whole) for quite a long time.
You can likely run Firefox Portable from PortableApps.com on your corporate Windows machine. Just make sure you're not running afoul of IT policies. Disclosure: I make it
I’m on a Mac these days at work. I used to use and recommend PortableApps a lot back when I was on Windows, thanks for making it.
Safari is better than Chrome and FF in enough ways I'd argue it can be considered the best of the three, even to people in tech. The dev tools are just way behind.
> 10x better than safari and it won’t consume all my RAM like google
Using the 3 regularly, no, Firefox is not "10 times better than Safari". Though, yes, Chrome(ium) is a ressource hog.
I'd recommend checking out WaterFox. It's what I switched to when I finally got sick & tired of Mozilla's shit.
i really feel like trying this out as a quasi-firefox user, but i've really started to love and appreciate Zen for its UI :( wonder if there's a Waterfox X Zen alternative.
EDIT: whoops, should've scrolled down a bit on the website, looks like Waterfox has vertical tabs as well. damn, probably going to try to migrate to it sometime soon...
EDIT2: of course supports firefox extensions as well, perfect.
Firefox has vertical tabs as well, and it is a lot less bloated that the extension one I was using.
People keep saying this like it's just conventional wisdom we all supposedly agree with. I think it's a string of tech articles and spiraling comment sections searching for drama that's kind of been a self-perpetuating phenomenon over the past 3 or 4 years the majority of which I think has been extremely unfair and mostly just based on vibes. If you actually scroll through HN and read the criticisms, they tend to trail off into vague phrases like "all the stuff they've been doing".
If people read the release notes instead of the comment sections, not only would they have a lot more specific knowledge of the work going into the browser but they wouldn't be locked in this cycle of outrage and escalation that normally you only see in YouTube comment sections.
If Mozilla fired its CEO for a private political donation from 10 years earlier, it will not hesitate to do much worse to its users. Mozilla isn’t on the good side here.
He’s the founder of Brave, by the way.
He’s the founder of Brave, by the way.
a private political donation from 10 years earlier
Brave also got caught hijacking links and swapping in their own affiliate codes
https://davidgerard.co.uk/blockchain/2020/06/06/the-brave-we...
16-18 years ago. Is bigotry always a permanent condition?
At that time, it was 10 years ago, which is what I was responding to.
Is bigotry always a permanent condition?
Has he apologized?
You know, you're condemning most of California. The measure he supported won the vote. Would you like to drive all of them out of their jobs?
I wouldn't want to use anything that earn them money, if I could avoid it. That it was half the population doesn't change my view.
I understand that it is difficult for me to shun (which is basically what I'm talking about) so many people, or to even know if they should be shunned, but it would definitely be my preference.
its almost like Google, a marketing company with a serious requirement for data mining, could be talking shit about Mozilla...
I mean ... frankly, and I say this as a guy who's used solely Firefox since before it was Firefox all the way until 2025 when I finally got sick & tired of their shit... (now on WaterFox because I refuse to submit to the Google browser monopoly)
... Mozilla absolutely did this to themselves. Come think of it, they really remind me of what Microsift's been doing with Windows.
I still don't understand what problem you guys have with Firefox. I really don't, and comments like yours are always very vague and seem to assume that it's obvious.
For me Firefox is (slightly) better than is used to be, not by a wide margin but it's not gotten worse either.
I've been running it since it was Phoenix so I think my experience is at least somewhat valid, which is why I'm so confused by these comments.
Are you referring to technical implementation or the poor anti-privacy decisions they keep making when you say 'slightly better'? I have not given up, but I am profoundly disappointed and for somebody who says they have used FF for so long, it feels like I am being gaslit when you say they are peachy.
People have problems with what they choose to program, not the quality of their code. I too have used FF since the beginning, but switched to Waterfox last year (it took me about two years to make that decision - I didn't make it lightly). I chose WF in large part because its profile remains compatible with FF so I can switch back if they calm the F down and start acting normal again for long enough to rebuild some trust.
https://en.wikipedia.org/wiki/Criticism_of_Mozilla_Corporati... - start at the end for most recent.
Also go to the website of any one of the FF forks and read their reasons for existing. For example:
> Are you referring to technical implementation or the poor anti-privacy decisions they keep making when you say 'slightly better'?
Which ones are you talking about? I'm talking about Firefox, not the Mozilla Corp to be clear.
You’re not alone. Been a user for years and I still don’t get the hate.
Having said that, I keep a copy of Ungoogled Chromium for those websites that refuse to test against FF.
Could you list some of the major grievances you have with Firefox? I haven't been following the news very closely
Is Vivaldi any good?
I've switched to it some months ago and I like it. It's based on Chromium, so switching from Chrome is almost seamless
Even if it is, you can look at it like Chrome on launch. It was good then, but has become belligerent because they can.
What browsers would you recommend? I use Brave but it's still Chromium under the hood. It's the only one that I never had trouble with adblock though. Also lets me play youtube on mobile when my screen is locked.
Brave origin on linux looks pretty solid now. Now I'm using that and Librewolf.
I will never use Brave after the debacle where they injected content into sites downloaded over HTTPS to pretend people were promoting their crypto token and adding a "donate" button on the page.
That made me avoid it for a long time but there hasn't been more concerning behavior since, so some point, we can move on.
I just checked it out, but it removes Tor access? It would pretty much downgrade the regular browser
I think using tor in brave just makes you stand out more - stock tor browser is probably a better setup. Whonix even better.
It helps if you're doing mundane things and want to help people who need to mix their sensitive traffic with it.
More people "legitimately" using Tor makes it less likely to have its exit nodes outright blocked, as well, and assuming all traffic from them is malicious.
That's charitable, but even then you probably want to avoid fingerprinting...
Firefox.
is it as greedy as chrome for the ram?
In my recent experience: definitely yes, though not significantly worse. Unless you have [many] hundreds of tabs open (which I do as I have neither executive function nor organisational skills), or have a machine with very limited RAM, I don't think you'll notice a difference.
This is anecdata, of course, take with a pinch of your preferred flavouring powder.
Chrome on Windows is running with thousands of tabs "open" over dozens of windows, but it does practically max out on a certain number of tabs per window (not just the GUI, but something in the memory architecture), and it does stack fat cache which will crash the whole thing if it digs deeper than your available space.
Windows even runs (semi-playably) 2020's shooters in this condition, though you need to kill any windows close to the tab limit that are full of recently opened tabs.
[Yes, I know, the horror]
Yes: https://www.phoronix.com/review/firefox-chrome-2026/4
> Chrome also came in at slightly lower memory consumption across all the benchmarks with total memory usage on average at 4.67GB to Firefox at 4.83GB.
[flagged]
Yes, actually!
Well, it does require you to install an extension[0], but it can be done.
Thats good to know, but I am a "out of the box" person. I never want to have to manually install extensions as thats just more stuff to remember when setting up a new machine. Yea thats a me problem, but still.
It used to support it out-of-the-box as well, but it's technically against YouTube's ToS to allow this without paying for a premium, so now you need this as an extra hoop.
Why should a browser be policing YouTube’s ToS for them?
Agreed, this sounds strange indeed. Much more likely is that Google found a reliable way to detect the screen status using a standard feature and Mozilla just implements the standard neutrally
You don't install software on your machines that didn't come pre-installed/configured?
They're literally asking for a paid YouTube feature to be free "out of the box". Lol wild.
Nah I want general media playback in the background. Doesn't matter if its Youtube or any other platform. I dont want giga corpos to monetize my attention. Youtube does well enough from ads anyway ;)
Even youtube's app itself doesn't allow that unless you pay. I suspect they've nobbled most browsers into not allowing it, either by technical measures or (more likely) the strong-arm tactic of saying “if you don't block this we'll find a way to make the entire of youtube practically unusable on your browser”.
I've been using Grayjay recently which does allow that, amongst a number of other useful features (integrating other media sources, lack of adverts every few minutes in some content). Might be worth considering as an option.
It allows you to play youtube without ads with ublock origin.
I used ublock origin for a while, but I kept having issues with it on Youtube due to Youtubes anti adblock measurements. Brave for some reason always had a fix for it pretty quickly, so I never experienced these issues with it. Maybe I could try a different browser again on my next machine.
In iOS kinda yes; you have to request desktop version, and once you activate the lock screen for the first time you have to press “play”. Then it just plays and auto plays in the background.
Don’t know about android, but there is also an extension there that blocks the visibility page api for YouTube.
Why not simply use NewPipe [0]?
You also get ad filtering and you can download Audio/Video streams from within the app.
You can play yt video in firefox with locked screen but you need to use desktop mode
Arc is still great on macOS (not so much the Windows build, essentially an abandoned beta) even if it's not getting active development anymore.
I'm defaulting to Firefox ever since I moved my desktop to CachyOS, but I need to either reacquaint myself with its add-on situation after a long arc of using "chrome alternatives", or migrate to something else niche. Vivaldi was what I was sold on before Arc caught my attention through its wonderful UX/UI.
I heard Arc was abandoned and not getting any more work because they were moving to their new AI browser. So, Zen has replaced it for me, and it is based on Firefox which is nice to avoid the chromium
> Why use a browser from Google or Microsoft in 2026? Why in the world?
There are only three major browser rendering engines. One is Gecko, by Mozilla. One is Webkit, currently tended to by Apple. And one is Blink, which is Google/Microsoft. Of those, Blink is the most featureful. That's why.
> Blink is the most featureful
It’s not a waste of bandwidth and disk space, it’s a feature!
I agree. This is Google doing underhanded Google-things. Why the hell would anyone trust them in the first place?
Google's "don't be evil" motto already felt ironic over a decade ago, long before they even replaced it with "do the right thing [for shareholder value?]".
Exactly my thoughts. There are so many good alternatives already, it's insane to me that people still use this garbage. LibreWolf is a godsend
Easy. You work for a company that has only whitelisted chrome or edge.
Nothing says you have to use the same browser at work and outside of work? I use Edge for work, Firefox everywhere else.
I use Chrome because at Google Meet it renders a nice separate window with mute/unmute controls as you switch to another tab and screen share.
Curious if Google plans to allow other browsers doing that too.
You could use Chromium just for Google Meet. That's what I do. I have Chromium relatively up to date that I basically solely use when I need to. It can be Google Meet, or Teams, or whatever was purposely botched in order NOT to work with Firefox, basically sabotage, but it can also be very rare cases like Lego Spike or GrapheneOS Web installer which require WebUSB.
99.99% I do not need Chromium but when I do, it's worth the ~200MB of used space.
That's exactly what I do with Chrome, use it for Google Meet and some websites that work best in Chrome (heavy apps like Figma or whatever). 99% it's Firefox.
i use chrome enterprise for my personal use, which is managed via the google workspace admin.
you would think google is not stupid enough to mess with gcp account holders
Because ladybird isn’t alpha yet, and Firefox is a mess.
What mess? I only ever used Chrome as my main browser for a short while when Firefox had become rather bloaty and had slow JS, and Chrome was small and nimble. But that was something like fifteen years ago. Firefox works, is plenty fast these days, and only eats most of my RAM compared to Chrome which takes all of it, and serves me a web devoid of almost all ads and most trackers.
From a funding standpoint there’s no future to Firefox. They will get brought Mozilla foundation is an investment fund now. Firefox it dead weight.
They push millions of lines of code every quarter including thousands of patches, constant security updates and performance improvements and deepened support for web platform standards. As open source projects go, it's probably one of the most active and thriving ones there is. As eager as some people are to dance on Mozilla's grave, that day isn't coming anytime soon.
If you wanted to point to the year where they've been the best financed they've ever been and where they've had the most resources invested into browser development they ever have, that year would be 2026. Only to be exceeded by 2027 and then 2028, 2029 and beyond.
At a bare minimum, their endowment gives them probably a two to three year firewall in the event that their funding is cut off, which it hasn't been. I also thought the accusation was supposed to be the other way around, namely that we all knew they were going to get funded into perpetuity as controlled opposition.
Firefox has a complete UBo unlike the Chrom* corporateware turd which is just Microsoft 2.0 from Google. Chrome instead of IE, and propietary JS code for Google services such as Youtube -deliberately made slower in Firefox- as the new Active X shoved down your throat in order to keep a monopoly.
With Librewolf I can get proper WebGL, full UBo -with the AI blocklist too to avoid all the slop- and Bypass Paywall Clean from Giflic or whatever was called. Yeah, eh, y local newspaper won't mainly get adverts' money but the rest of local company ads show up well even with UBo/BPC, so they get some money after all.
On RAM usage, Librewolf it's far lighter on the long term and it doesn't ping back as Firefox, and many times less than Chrom* based browsers where, I repeat, Chrome based browsers don't allow UBo any more even if installed from their Github repo enforcing some about:flags variables related to legacy extension support.
The web today without UBo it's unmanageable. Popus, more than the ones from 2003, malware disguised as ads even on mainstream, safe sites, and all of these running zillions of cookies and trackers converting your -otherwise perfectly usable- old amd64 Celeron machine with 2GB of RAM into some crawling Pentium III with 256MB of RAM. With LibreWolf and UBo I could even test Yandex Maps with Prypiat and the like and InstantStreetView too. No slowdowns, no OpenGL >= 3.3/Vulkan video card required, and no need to own a 8GB machine.
HN developers there without UBo if they depend on the web for documentation they are bit screwed if they use Chrom* based browsers, sorry. Half of the resources for their machines coudn't be used, you know for IDE's, compilers, virtual machines/containers and whatnot. And, yes, I know about ZRAM under GNU/Linux, and just imagine how many tasks would anyone accomplish with a ZRAM compressed chunk (~1/3 of the physical RAM), a light desktop environment as Lumina/LXQT and a non-Chrom* browser blocking all pests. Up to 3X more tasks in the same machine. No need to waste money on upgrades, and compilng cycles are cut down for the good.
It's the browser that annoys me the least. Almost everything just works.
Yeah that's mostly why I use it. When I try Firefox I get out of memory messages for some reason. Also the Google Lens tool is very handy and gets used often.
What are the alternatives? Only a massively moneyed corp has the resources to fight vulns at acceptable rates. Firefox doesn’t count because they’re being funded by Google.
I don't understand this perspective. How can one accept the objectively more user hostile option because the less hostile one gets money from the other. If one objects to using products funded by google, why is there not also an objection to using products from google?
For as long as the funding for Firefox continues, it remains a viable option. And despite all their bad decisions of late, they still give users the ability to configure or disable user hostile components.
Their funding model is a risk, but I've been using Firefox and librewolf forever and I'd argue it's a much better option than chrome or edge, especially with a handful of plugins. A risk is still better than the actual realization of the risk.
> Firefox doesn’t count because they’re being funded by Google.
Even if that were true, it's still a better option _today_.
In the short term, Helium (if, like me, you can’t live without Chrome’s bookmarks). In the medium term, perhaps Ladybird. In the long term, we’re all dead.
I think they were looking for browsers that aren't based on Chromium or Gecko, which, for something still regularly updated and works with most websites, I think webkit is the only real alternative.
Anything webkit-based and open source like Epiphany or Konqueror/Rekonq, it matches your "moneyed corp" requirement (Apple).
Somebody's promotion packet depended on pushing this through the approval process.
Not too long ago, someone submitted an AI demo to HN that resulted in a 3.1GB download upon visiting the page: https://news.ycombinator.com/item?id=47823460
It reminds me of the "dialup warnings" common 2 decades ago on huge pages (often containing many images). Yes, bandwidth and storage has gotten cheaper, but the unwanted waste should still be called out. I'm not even anti-AI, having waited several hours recently to get some local models to experiment with, but that's because I wanted to and made the decision to use that bandwidth.
I was working on on-device AI for 3 years. This was the prime idea we were exploring, how can someone undercut the OS providers and ship an LLM that other apps can also use on-device. Like if meta decides to do this, it can serve an API to all mobile app companies for an on-device LLM long before the OS is there. This is Google's way of reaching LLM distribution on laptops, since they don't have their own
It is very ironic that this post comes from "The Privacy Guy", given that the whole point of this model is to run inference on your own device rather than sending queries to the cloud, which is also much less power intensive than sending a query to OpenAI.
The site is currently unavailable 503 so I can't read it. But I wonder, what should you consent to? Every dependency? Every dependency above 1GB?
Maybe consent is not an appropriate term. Perhaps an acknowledgement and a way to say "I don't want this" would be a more suitable approach. I feel like a flag to turn off LLMs is useful. Firefox added something like this in a recent release. I don't know how much they're downloading or how much they run it, nor would I be a good judge if it's necessary or not, but I don't want that functionality in my browser so turned it off.
There's a setting in `chrome://flags` mentioned in the post that allows users to turn this off. I guess people want opt-in consent rather opt-out consent which there's always debate about. Some people say it degrades the experience for the majority of users who would opt-in for the happiness of the few possibly already detracting users.
the subject has been faced many years ago an super well applied in EU privacy regulations: Google knows it very well, and in super details and I have no doubt they will be fined for this despite all reduction of it thanks to their lobbying (and corruptions, too, in my super personal opinion): this fact well explain EU fines based on company's income.
Extra power and ram usage without your permission, for example.
Exactly, for all the hate of Windows, I could at least just look for shit named co-pilot and uninstall it for a pretty nice experience on my new computer. Phones aren't always as straightforward (especially jarring as "Google services" are required in Sweden on Android for stuff like mobile identity systems).
This is so absurd... I have to keep an old (rooted in order to hide that adb is enabled) phone connected to my home server just to use such app, because grapheneos without google services is apparently not secure enough.
Read the article, it's not about that, but a mere 4GB of storage.
4GB of storage is not a “mere” thing, to the contrary.
It is in 2026. Average daily household usage is at ~25gig. That's average, so 50% are more than that
It sounds like you’re talking about network usage, but this is about storage.
Also, average doesn’t mean 50% lower and 50% higher.
Oh and why is it there? Do you really think it's not loaded and executed automatically by default, so some Google executive can justify their "AI" spend?
I don’t. Do you have any actual evidence they’re doing that beyond the vibe?
Do I look like law enforcement? I don't have to do innocent until proven guilty.
It's the tech company's problem to convince me they are trying to do something useful to me. Come to think of it, it's their problem to convince me they still understand "useful to the customer" first.
Sounds like the words of someone that doesn't pay for their data use.
Silicon Valley is not the world.
> At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tonnes of CO2-equivalent emissions, depending on how many devices receive the push.
Environmental analysis for operations? Not a fan of thinking in such terms.
> For users on capped mobile data plans, particularly in regions where smartphone-as-only-internet is dominant (much of Africa, much of South and Southeast Asia, most of Latin America), 4 GB of unrequested download is on the order of a month's data allowance, vapourised by Chrome on the user's behalf. Google has not, to my knowledge, published any analysis of the welfare impact of this on the populations whose internet access is metered.
THIS is a valid concern. Otherwise I'm not buying into "ask for consent because of dependency X". Users don't like questions/consents.
However OS (at least windows) has an way to set network connection as a metered so software can make informed decisions. Also Android has "Data Saver" function which should also be honored by software.
> Environmental analysis for operations? Not a fan of thinking in such terms.
Why not? It's about 60 000 London - New York City flights by the way (https://www.theguardian.com/environment/ng-interactive/2019/...). And what's the benefit again?
Some parts of the anti-AI movement are becoming so unhinged that now any use of compute is considered an environmental threat. This degrowth mentality needs to die.
Should I reminder you what unlimited growth means and how it ends up in biology? Society/technology is no exception.
No need for unlimited growth, just normal sustainable progress like the one that allows you and me to communicate here after centuries of technological progress.
> No need for unlimited growth
Well then at some point you need to stop growing.
The "normal sustainable progress" has already pushed us to the brink of extinction. AI is rapidly accelerating our resource use, with nothing good to show for it.
How exactly are we "on the brink of extinction"? ("We" as in humans; many other species are obviously not as lucky.)
We are probably on the brink of very bad consequences for a signification fraction of all humans (up to and including all of them, to some extent), which is a huge problem that needs to be addressed.
But what do you gain by incorrectly labeling that as "extinction"? Because you do definitely lose credibility for it, similarly to everybody using hyperbolic language such as "boiling the oceans" etc.
If it's emissions they worry about, then it's anything emitting.
Are they against washing machines too? Or are they just grandfathered in?
This is literally why the EU mandates appliance energy efficiency.
It's never a binary thing. "Is using energy good or bad?" is a stupid question which can only provide stupid answers. It has to be placed in the context of whether it's proportionate to benefit.
Things which burn a lot of energy for little benefit - and in the case of AI, often negative benefit - end up more towards the "bad".
That's a fair point.
I hadn't considered that societies rightfully impose standards on these things.
I consider it too early to judge the cost-benefit, but it's fair that others might have already evaluated that. I rescind my comment.
Don't be disingenuous. Not all energy is created equally.
Are we back to magic water and magic soil? Does the energy have some morality attached to it?
The emissions per kWh of energy used in providing internet downloads probably is similar to that per kWh of energy used for washing clothes.
You're not seriously trying to explain that a kWh is equal to a kWh. Why not cut the crap? Are you trying to say washing clothes is of equal importance to convenience features in a browser, given that we can use each clean kWh only once? I can't tell what you truly mean like this
>a kWh is equal to a kWh
Yes, and it's none of your business how other people spend their electricity.
That's where we disagree. With our current system so reliant on fossil fuels, every kWh generated is a debt to our planet, our society.
Until that's resolved, I don't wish that debt incurred for frivolous uses.
What do you mean you "disagree"? I pay for the electricity I use and I use it however I want.
Instead of trying to control other people, why can't you start with yourself? Throw away your phone/computer. Go live in a small hut. Practice what you preach.