Chrome Sharing Could Blur Sensitive Info
Chrome on Android may soon automatically blur out sensitive data when screen sharing or recording. It's a potentially useful feature that brings some big questions.
The feature was spotted as an optional "flag" in Chrome Canary, which means it's at the very earliest stage of public testing. Canary is a version of Chrome for people happy to be the first to try new features or update, the name referring to the literal "canary in the mine" whose death would warn miners of a problem such as a gas leak.
Making a flag means it's not enabled by default even in Canary. That means it's very possible Google doesn't go ahead with the feature. (Source: mashable.com)
Credit Card Numbers Hidden
There don't seem to be many reports of users actually trying the feature yet, though there's some insights to it from the text accompanying the "flag" setting menu. It reads:
Redact sensitive content during screen sharing, screen recording and similar actions. When enabled, if sensitive form fields (such as credit cards, passwords) are present on the page, the entire content area is redacted during screen sharing, screen recording, and similar actions. It's not clear if the redaction will be in the form of blurring, a black box or similar technique. (Source: androidauthority.com)
Users might share an Android phone or tablet screen when giving a presentation or getting remote technical assistance, while recording a screen might cover situations such as recording game play in a video game. In both cases, the security risk might be accidentally opening a file or app which displays sensitive information.
Desktops May Follow
Screen recording and sharing are arguably more likely on a desktop computer or laptop, so it's possible Google is testing out the technique on a more limited use scenario before rolling it out to the desktop Chrome browser or to the Chromebook operating system.
One question is how Chrome recognizes sensitive data, for example from labeling or tagging of fields in underlying page code, from the content of a document's context, or simply recognizing patterns such as a 16-digit number. Depending on the approach, users might need to trust that Google itself won't store the sensitive information or will at least process it securely, preferably only on the user's device.
What's Your Opinion?
Do you ever share or record your screen, on mobile or desktop? Would you appreciate this automated redaction of sensitive data? Do you trust Google to correctly identify what is and is not sensitive data?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
If it could be turned on and
If it could be turned on and off, it would be useful. There are times I record or take a "screenshot" for myself with sensitive data that I WANT included, though, so having it on all the time wouldn't be something I'd want. Thanks for sharing the info!
Saving people from themselves
In the struggle to make things more "user-friendly" and "safe", what unintended consequences will be injected this time?
Those who exchange safety for security deserve neither.