Edge really needs end-to-end encryption for sync and better privacy policy


Firefox, Vivaldi and even Chrome have end-to-end encryption for sync. For Firefox, it's on by default.

Edge doesn't have that. That means that Microsoft can see all your bookmarks, tabs and history.

Edge's privacy policy doesn't say much specifically in regards to how data from Sync is used, only about history and tabs are used for analytics if you opt in to that.

3 Replies

"Firefox, Vivaldi and even Chrome have end-to-end encryption for sync."

Source?

@HotCakeX

Vivaldi: "The data on your Sync account are encrypted. Please provide your encryption password to decrypt them."

Firefox: "Firefox Sync by default protects all your synced data so Mozilla can’t read it. We built Sync this way because we put user privacy first. In this post, we take a closer look at some of the technical design choices we made and why."

Chrome: "With a passphrase, you can use Google's cloud to store and sync your Chrome data without letting Google read it. ... Passphrases are optional. Your synced data is always protected by encryption when it's in transit."

Right now, Edge really is unique in offering no end-to-end encryption.


@ragingrei I agree here very strongly.

Browser sync is about as sensitive as data can get, as it is likely to contain all kinds of personal information, ranging from political opinions to social security numbers* and similar. If there is no end-to-end encryption, all of these can be exposed by rogue employees, successful external attacks, or plain misconfigurations. So it isn't even about trusting Microsoft as a company, E2EE is simply essential for damage mitigation.

Given that end-users cannot be expected to be aware of these concepts, really only Firefox gets it right, but Chrome at least allows the end-user to make it so.

Additionally, Edge is the first browser I have seen to enable Sync by default, making the default settings even more important.

* It isn't unlikely to see some websites transmit sensitive information through URI parameters, against all recommendations, so things like social security numbers can end up in the synchronized data like favorites. Other sensitive personal information is directly encoded in the bookmarks and, once sync for those is implemented, open tabs and history.
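
The difference the thread is arguing about, as an added example that is not part of any post above and is not any browser's actual sync code: a bookmark with an identifier in its URL is searchable by anyone with read access to server storage when synced in plaintext, and opaque when the device encrypts it under a passphrase-derived key first. The choice of scrypt and AES-256-GCM, the record layout, the function names and the sample values are all assumptions of this sketch.

```javascript
// Added example, not taken from any browser's sync code.
const crypto = require("node:crypto");

// Constructed sample: a bookmark whose URL carries an identifier in a query parameter.
const SAMPLE = { type: "bookmark", title: "Benefits claim",
                 url: "https://portal.example/claim?ssn=000-00-0000" };

// Stretch the passphrase into a 256-bit key (scrypt is an assumption of this sketch).
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32);
}

// Runs on the device; only the returned object is uploaded.
function sealRecord(record, passphrase) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(record), "utf8"), cipher.final()]);
  const b64 = (buf) => buf.toString("base64");
  return { salt: b64(salt), iv: b64(iv), tag: b64(cipher.getAuthTag()), ct: b64(ct) };
}

// Runs on another device of the same user; returns null if the passphrase is wrong
// or the stored blob was modified (the GCM tag check fails).
function openRecord(blob, passphrase) {
  const raw = (s) => Buffer.from(s, "base64");
  try {
    const key = deriveKey(passphrase, raw(blob.salt));
    const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw(blob.iv));
    decipher.setAuthTag(raw(blob.tag));
    const pt = Buffer.concat([decipher.update(raw(blob.ct)), decipher.final()]);
    return JSON.parse(pt.toString("utf8"));
  } catch (err) {
    return null;
  }
}

// Models someone with read access to server storage searching it for a string.
function serverCanFind(stored, needle) {
  const text = JSON.stringify(stored);
  const decoded = stored.ct ? Buffer.from(stored.ct, "base64").toString("latin1") : "";
  return text.includes(needle) || decoded.includes(needle);
}

const sealed = sealRecord(SAMPLE, "constructed passphrase");
console.log("plain sync, server finds SSN:", serverCanFind(SAMPLE, "000-00-0000"));
console.log("E2EE sync, server finds SSN: ", serverCanFind(sealed, "000-00-0000"));
console.log("second device decrypts:", openRecord(sealed, "constructed passphrase").url);
```

Encryption in transit alone corresponds to the plaintext case here: the server still stores and can read `SAMPLE` as-is.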