I wonder how they did it. The sync data is supposed to be protected by E2EE where the key is derived from the user password or an separate sync password, at least before I abandon Chrome and go FF few years ago.
Last I looked, Chrome’s sync is not E2EE. Next to nothing (user space) is E2EE, in Google’s ecosystem. By default it’s only Encryption in Transit. I think you can enable a Passphrase (encryption on device), but that’s optional.
I wonder how they did it. The sync data is supposed to be protected by E2EE where the key is derived from the user password or an separate sync password, at least before I abandon Chrome and go FF few years ago.
It’s not Chrome and it’s not through sync.
It’s Google Collections. Read the post.
Yes. I read that. Thank you.
And thanks the person clarifying it.
Last I looked, Chrome’s sync is not E2EE. Next to nothing (user space) is E2EE, in Google’s ecosystem. By default it’s only Encryption in Transit. I think you can enable a Passphrase (encryption on device), but that’s optional.
deleted by creator
Idk then. I had a separate sync password which will not sync anything after logged on in Chrome until I gave that password.
Encrypted between… Chrome and Chrome? Two installations of Google’s non-FOSS browser? You never really had control over that data.
At least what they claim to be back then.