Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Microsoft Word installed an English language spellcheck dictionary without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of disk space or bandwidth to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
It's additional software that many users didn't ask for, don't want and will not be aware of. Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
Honestly, for most features you could justifiably say its fine. I mean honestly, how large is an English dictionary? 100 KiB? That is a far cry from 4 GiB. Just taking up 4 GiB of disk space without even asking is indeed a shit move no matter how you shake it. If Microsoft Word updated and suddenly took up 4 GiB more for something like a dictionary, it might not cause as much uproar as if it were something that many people are tired of hearing about and not interested in, but I'm not sure you would find a single soul who would find that acceptable, more just tolerated, probably partly because a lot of people simply wouldn't know better.
> It's additional software that many users didn't ask for, don't want and will not be aware of
You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
I don't have even a single use for Siri on my Mac. It's useless AND redundant with the Siri that I have to have on my phone, yet Apple downloaded and installed "Siri" on there. If I install GarageBand which is the only first-party way to do basic audio manipulation, Apple installs at least 4GB of audio samples on my Mac.
None of this is to say "I approve of this exact thing Google is doing" - just that I agree with GP that this is exactly the same as what every big company (and many small ones) do every day.
The only "consent" we ever get is basically the all-or-nothing EULA we have to click Agree to in order to log in for the first time - the relevant terms are "Want computer? Accept that we will be shipping you all kinds of code constantly, for 'reasons.'"
Equating a 4GB file installed without explicit consent to the installation of a language dictionary is comical. That's like saying an unwanted political mailer left in your mailbox is the equivalent of a pallette of hammers left in your driveway.
The issue is the size of the 'update' and the impact it'z going to have on your computer performance.
If tomorrow Google was to include a Blockchain miner in Google chrome, you'd still say you consented to it by using their software ?
Because I'm pretty sure that this LLM is also going to be used by Google to gather data on the user and feeding it to Google, hence just like the Blockchain miner using our computer ressources (space & performance) to feed Google yearly benefits.
> Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
You know, I never thought about it like that, but it is true. The bloat and spyware is a core part of the OS now.
Chrome installs additional software that 99% of users don't use. It can intercept and modify code running on your computer, and spies on all network requests. Hackers use it to analyze potential vulnerabilities. 90% of users aren't even aware that it exists!
You could say the same thing about shipping V8 with Chrome. Some users disable JS so shipping V8 with Chrome is additional software they didn't ask for.
If someone puts a camera and a microphone on devices that don't need them, then it's a) pushing up the price of goods for everyone with features that mainly serve corporate, b) there are bad actors out there even if you think corporate is a good one, c) no reason to think corporate is a good actor.
Shipping an AI model with a browser is starting to look like sticking cameras on ALL glasses, not just smart glasses, regardless of whether anyone wants that. Saying this is fine and not unusual is clearly motivated reasoning and just normalizes the surveillance state. It's very obvious the way this ends. Browser-based models will eventually be using your computer at the edge to save corporate money in the cloud while they do ever more expensive and invasive stuff to profile you.
No, what's misguided is equating the legal definition of consent ("It's in the ToS") with actual consent. When everyone (especially google) knows 99% of users don't read the ToS. Can they sue over it in a court of law? Maybe, maybe not. But they can write articles, spread the word and generate bad press for google. Then maybe consent will be actual rather than constructive.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
For me the most significant problem is the lack of consent. I assume it's just not how you want to frame the problem. Ignoring the problematic parts or behavior of some sort of behavior is a common problem in modern software, and it's actually what the article is complaining about.
I don't think this is a question of framing or ignoring problematic behavior at all. I'm quite certain that you wouldn't find it anywhere near comparably egregious if Google added a new developer option without your consent- the most significant problem is the 4GB and the LLM. And, of course, you did consent to their software terms. You are free to switch browsers. What does consent have to do with this?
Exactly this. My issue with Microslop isn't that they're using AI, that is its own can of worms.
It's the fact that they were forcing it into MY computer, using MY bandwidth for THEIR profit goals. The lack of consent was the final nail in the coffin for me, no computer in my house uses Windows now, and it will at best be a long time before that changes.
I got rid of Chrome ages ago as well. Chrome's only redeeming feature is its user base. It's slower, uses more system resources, ugly as a browser, and now its an AI rapist too.
That's like saying users have no right to push against certain features. It's like saying Windows Recall was always ok and there was never any reason to demand it not be installed. The only difference is one can choose to use a different browser easier than they can choose a different OS.
You're right in the sense that practicality and consent are orthogonal issues. There are probably stronger arguments to complain about a feature than the disk use.
> The only difference is one can choose to use a different browser easier than they can choose a different OS.
I'm not even sure that is actually true for most people. If you mainly work in the browser, which many do, then you can change the OS under it without impacting the user too much but change the browser and there will need to be much more to adapt/relearn.
> It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
So where is the line we draw where bait-and-switch goes from being acceptable to unacceptable?
MA Chapter 93A for example clearly says that businesses are prohibited from "unfair or deceptive practices" including misrepresentation or concealing defects. Where do you think the line should be?
If you market a product as a Browser and it's codebase is 10% browser related and 90% some other program... Should Google have to correctly represent that product?
Related; If you didn't like when Apple forced you to use Siri on your phone, why did you purchase a Mac? Did you not expect them to continue disrespecting your sovereignty after you let them get away with it the first couple dozen times?
In principle I agree, but chrome has an auto-update setup and using that mechanism to download several GBs of data that is not critical to the app itself is cause for question.
Chrome is not entitled to my disk space just because I installed it and Microsoft has been excoriated for the exact same behaviour with AI.
>Chrome is not entitled to my disk space just because I installed it
When you install any program it becomes entitled to your disk space, by the definition of installation. If you don’t like the program, you can just uninstall it and it’ll no longer take up your disk space.
The difference would be intent. A nearby comment worries that the endgame is the ODM being used to monitor you and report back. Certainly wouldn't put it past the world's biggest ad company to think of that! And if that is what purpose it's put to, I think I'll be mad too.
If Chrome shipped a crypto miner and used the resulting coins generated on my device to let me automatically bypass paywalls with micropayments that would be way better than if they shipped the same and just took the coins.
I agree to install it, but I don’t agree to automatic updates. The bigger problem is, I can hardly find where to disable Google’s automatic updates. In the end, I just locked the file permissions to stop that virus-like auto-update program from running.
Auto-updating browsers is one of the best advances in the web dev space in the past decade. I find it hard to believe that anyone who did web development before evergreen browsers became a thing would ever disagree.
What isn't part of the software? Can they just install as much garbage they want to, as long as they claim it is part of the "browser"?
Also, scale absolutely matters. If I pull up in front of your house and say "hey, mind if I park here?" and you say yes, then I park, walk away, and 10 minutes later park a fleet of 18 wheelers in front of your house, you're going to feel like I wasn't...entirely forthcoming about what I intended.
What is the line is a good question. I'm strongly pro-user agency, but I still think consent is more around what actually impacts the user. If there's some safeguards, for exceptional cirumstances that users can get into if they need it, I feel like the software has to be doing more, having more of an impact on you for there to be an offense or problem here.
That said, I do want to amplify agency. I don't immediately know what to expect for disarming this. If a website starts hitting the API heavily and my machine's fans are spinning up, where am I at, and what do I expect? It feels like the web is close already, with a pretty sophisticated permissions model, where we go to look for things. I'm interested in an evolved permissions model for the web, where even when permissions are on by default, it's the same flow to turn them off. I think that would remove a lot of the grounds for "I don't want this" that seems so persistently abundant these days.
Even it feels like the risk is so low/non-existent, if the user's demanding less agency from the their user agent, in principle I guess we ought give them the less that they asked for. Usually. But that always has some kind of practical limit too. CSS made some people mad! It's ok for this not to be the software for you, for you to go need to go somewhere else.
I believe that relatively inert capabilities like this, where mostly it's taking up some storage space and joules, is generally not really altering the contract, and is fine.
I think the disk space and bandwidth are what make consent needed, because it’s implied that the browser may download small pieces of data but the user would not expect such a large file be downloaded so it should check with them
I think it falls more into the category of needing consent like a crypto miner would. If I use a piece of software to do X and it begins using more resources to do Y that can be a serious issue and is at the heart of this discussion.
A crypto miner needs consent because it burns your battery and CPU power with no benefit to you. This AI model would only be used when you invoke it so the only problem is disk space, which the comment you're replying to acknowledges as a point of issue.
It is changing the product significantly. I wanted/consented to a browser. Nothing more. Agreeable, nothing new with the browser vendor pushing plugins down our throat which are not browser core features, nevertheless not right.
> nothing new with the browser vendor pushing plugins down our throat which are not browser core features
You need to find another browser, if your desire is only browser core features. You have that freedom!! You can do it!
On the other hand: I don't think anyone caters to that position, because it's a bad/nonsense position, that users don't want. There are some browsers that come closer to this, but this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
It’s actually really useful for web devs to have access to a local model. Whether or not browsers should bundle their own rather than using the system-provided model(s) is up for debate, however. For the time being, though, Google does have some of the better small ones.
Furthermore, users aren’t going to want to have to wait for an extra thing to download before their web apps can use AI.
That’s the thing… Without context of why, users probably wouldn’t want a 4 GB download. But they do want their web apps to work properly. When there’s a specific use case they’re interested in, they will want to have it, and they won’t want to wait.
Even Microsoft doesn't install a spellcheck dictionary unprompted; that happens when a user/admin goes into the app configuration and changes the language support options.
But then they should state that minimum size of Chrome is 5-6GB (lol, OS size). Sure this feature should be installed by informing the user what are the pros/cons; just installing without asking - means that you are using user's traffic (huge for mobile, for example) and disk (quite a large part) without notice, which is probably a bit shady.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Java installed an ask.com toolbar without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
wellackshually the bloatware explicitly asked for consent. There was a checkbox at the end of the EULA asking you "I also don't agree to not install the ask.com toolbar. You wouldn't do that, would you?". There is a state of that checkbox which would not install the toolbar, because, as you know, it's not part of the software I'm trying to install. That state, however, is left as an exercise for the decompiler. :)
Though I kinda agree that framing it as "consent" feels a bit off even if I myself would say no if only Chrome had the courtesy to ask. What icks me more is a 4GB[1] blob that has no relevance to the primary business of being a web browser; this is basically the IE anti-trust issue all over again. And it's an experimental feature! Under saner policies this thing would be a plugin from "Google Chrome Labs".
[1] I found weights.bin in Ubuntu 22.04 Chrome v147.0.7727.137 but it's "only" 2.7GB. Still, my ick stands.
Disagreed; it's not a download you'd expect and it's also at least an order or two of magnitude than you'd expect to find reasonable for browsing a page.
I have a 2GB mobile data plan. If I was using Chrome, then some site triggers the Prompt API, that will cause Chrome to not only wipe out my data plan, but need 2 of my data plans. I don't find this reasonable.
This is exactly a consent problem, because I'm not denying it might be a useful feature, but it should be at the user's own informed choice.
The fact that Chrome developers don't appear to see this might be due to them living in a bubble where they've never had to think about the costs.
This kind of unwanted software installed with a product you want used to be clearly considered malware. But these days software companies all think they own your computer and can do whatever they want.
Chrome's model is based on copyright infringement and court cases are pending regarding legality. Even if spellcheck dictionary was 4 GB, installing bloated but legal software is different.
i wonder how exactly it makes it harder to have a discussion. would it be okay to talk about spyware in terms of consent, or would that make it harder to discuss as well? can you think of a situation that it wouldn't be unhelpful to frame what software does in terms of consent?
You’re probably right in a literal technical sense, but a very large number of people (maybe most?) would choose “no” if properly informed and asked for consent, and lots of people are morally opposed even in principle to downloading a large AI model onto their computer. I’m not one of them, but they’re out there. So in a cultural sense, it is different.
What % of Chrome users (this is the default browser that nearly every 'normal person' uses) do you think is confident (and knowledgeable) enough to answer this quiz:
For each, indicate whether it's closest to: 4MB, 4GB, or 400GB:
1. One MP3 song.
2. A 2-hour movie streamed from Netflix at 4K
3. The capacity of this computer's SSD.
4. The free space on the SSD.
5. The whole of English Wikipedia not including images
6. a AAA game from 2010 with all its supporting files and DLC
7. a AAA game from 2026 with all its supporting files and DLC
8. The total of all software updates you installed last month
I'd say maybe 5% could get 80% of those right. So, most people would be purely guessing the same way I'd be guessing if you asked me if I want 800mg of Beta-Carotene for $1. I don't know for sure if I need any Beta-Carotene, and if I did need some I wouldn't know if 800mg is a little, just right, or way more than I'd ever need, because I'm not a nutritionist.
Can't stand this kind of corporate apologism. It's one thing to disagree about whether this is a reasonable thing to do, but there's no need to additionally gaslight people about whether their category of grievance is even valid. Of course it's consent. They did it, without consent, that is a simple and factual statement. You consented to one thing (a browser) and not another (a giant AI file). And then the question with consent is whether the thing is something a person ought to seek consent for, which is entirely relative to how the person will feel about it. Installing a dictionary, probably not because it's small. Installing a 4GB file, probably yes. Obviously.
Its not misleading, AI models (unlike English spelling check) has the potential to mine data on users and invade privacy all under the name of "training the model". I am very skeptical of AI models. Governments and big corp have the ability to exploit AI models and none of them a righteous for us to feel safe from a move like that.
Local models exist as part of the solution to privacy invasion. Not saying google has never been nefarious, but the whole point of local models is that your data doesn't leave your device.
News from the year 2030: Google takes your credit card info, sells it on the black market for pennies and kicks you in the groin.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Google stole your credit card info without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of physical abuse to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
So… every software package you’ve installed has the right to consume an unlimited amount of your system’s resources? It’s an absurd argument. By that logic it can fill your hard drive, RAM, and max out your network bandwidth and the user would have somehow agreed.
i think if google can show that they know what it does and able to contain it then sure, it's a tool they have power over. if not then I don't see how it is being contained by the terms
There was a point in time when a spellchecker was not a standard function of a text program, and a spellcheck dictionary would have been considered a large file to include with that kind of software.
I'm not a fan of Google's actions here, but I do think it's possible that at some future time we'll say, "but a local AI model is a standard function of a web browser."
That was an even more ridiculous post. It wasn't spyware, it was a messaging bridge being installed for exactly the purpose it was intended. It was Claude Desktop installing a bridge that would allow Claude browser plugins to communicate with it. It was only used if the user had installed the browser plugin, and all it did was grant that plugin access to the app that had installed it!
you are being very disingenuous. there are certain expectations from a software vendor. taking things into extreme, if something install malware as an update on your computer, is it not a silly claim that it is free for vendor to do so?
"11.1 The Software which you use may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the Services."
"The element free implies real choice and control for data subjects. As a general rule, the GDPR
prescribes that if the data subject has no real choice, feels compelled to consent or will endure negative
consequences if they do not consent, then consent will not be valid.13 If consent is bundled up as a
non-negotiable part of terms and conditions it is presumed not to have been freely given."
"GDPR Article 7 further tightens consent. It requires clear requests (separate from general terms), a right to withdraw at any time, and documentation to demonstrate that consent was validly obtained. In short, you must prove that a person knowingly opted in. Records of data consent (who, when, how) are mandatory so that you can show regulators you followed GDPR consent requirements."
"You wanted a banana but what you got was a gorilla holding a banana and the entire jungle." - Joe Armstrong
You installed a banana with autoupdates enabled by default. Therefore you consented to installing a gorilla and an entire jungle
Anyway, joking aside, what's missing from this blog post is discussion of potential remedies for the alleged violations
It may be acceptable to Google to violate GDPR, etc. if the remedies enforced are merely a "cost of doing business" and not a threat to business success
Yeah, no. I installed a browser, I expect it to install the required components for it to work _as a browser_. I do not need a local AI model for it to do that. If there are features that need that, fine, but I expect it to at the very least ask permission since those are absolutely not required functions. It’s like if Word installed a bunch CAD modeling software in the background. There’s just no way it needs that to function for it’s primary purpose.
We don't have AI. We have language models trained by rapacious companies on copyrighted material with no concern for copyright violations and with a penchant for intentionally anthropomorhizing their models.
I'm an anti corporate malfeasance activist.
Hacker News and it's underemployed and underpaid user base gets these two confused all the time. I assure you, your tolerance for language models, or your willingness to use them, will have _zero_ impacts on your pay scale in the coming decade.
Finally you should be aware that Google markets this addition as an "anti fraud" and "anti spam" feature. They should have to justify that, I shouldn't have to justify my expectations as a consumer.
If Chrome has the #optimization-guide-on-device-model and #prompt-api-for-gemini-nano flags enabled, either because it's part of some Origin Trial / Early Stable Release or something, then web pages will have access to the new Prompt API which allows any webpage to initiate the (one-time) download of the ~2.7 GiB CPU or ~4.0 GiB GPU model using LanguageModel.create()
When Chrome 148 releases tomorrow, this will be the default behaviour on desktop.
To download, it should check for 22 GiB free disk space on the volume where your Chrome data dir is, and at least double the model size of free space in your tmp dir.
First the tabs came for the RAM and i did not protest, for i had plenty.
Then they came for the chip and i did not protest, for it was dark silcon anyway.
Then they came for the HDD.
The more severe problem is that Google installs model weight files on a per-user basis, meaning Chrome occupies 4 more GB of space for every OS user on your device.
The company I work at has several environments and hundreds of VDI users in each environment. Chrome is the default browser in all of them. By my rough napkin math, this one small change by Google will eat up at least 15 terabytes of new disk space in total. (I sure hope we are using deduplication at the physical storage layer...)
4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks (and in the future even PhD level intelligence) for free?
Oh, the horror!!!
Wait, let me pay my HVAC guy $500 he deserved because he came all the way from his home to replace a fuse
The problem is that some of us are still on connections that charge per GB in rural areas. Here in Montana it's very common to pay about $0.25 per GB regardless of how much you use, so this is a $1 additional cost per desktop device. Places like public school districts have hundreds of computers and this will be somewhat significant for them.
I was thinking a similar thing. Many of our customers have purpose use computers that rarely see physical infrastructure internet, but need a modern browser (many chose Chrome on their own, we never recommended it).
They're going to get blasted with cellular data charges when they fire up their computer in the field.
Google's updater service also currently ignores the windows 11 metered connection hint. It will gladly download that model over your cell connection even if you have a data cap.
This is infuriating behavior.
Silicon Valley must wake up and understand the entire world does not live like them.
That said, you might be surprised to learn that some of the models from 3b-9b could probably replace 80% of the things nonvibe coders use chatgpt for.
Its a good idea to run small models locally if your computer can host them for privacy and cash saving reasons. But how can you trust Google to autoinstall one on your machine in 2026? I just couldn't do it.
I find models of this size (not tested this one specifically) at being very good at simple data extraction from user input. Think about things like parsing date and time of an event from a description or parsing a human-typed description of a repeating event rule.
this is considered a large model. i think you might be surprised how many "small" models chrome has already pulled down on your disk.
but to answer your question: one of the services that uses a small model: PermissionsAIv4
"""
Use the Permission Predictions Service and the AIv4 model to surface permission notification requests using a quieter UI when the likelihood of the user granting the permission is predicted to be low. Requires `Make Searches and Browsing Better` to be enabled. – Mac, Windows, Linux, ChromeOS, Android
"""
Searching about:flags for model comes up with a whole bunch:
#omnibox-ml-url-scoring-model
#omnibox-on-device-tail-suggestions
#optimization-guide-on-device-model
#text-safety-classifier
#prompt-api-for-gemini-nano
#writer-api-for-gemini-nano
#rewriter-api-for-gemini-nano
#proofreader-api-for-gemini-nano
#summarizer-api-for-gemini-nano
#on-device-model-litert-lm-backend
Then around gemini but not caught by the search for models:
#skills (maybe? I think this is implied by "gemini in chrome"?)
edit: I don't see a carte blanch AI disabling option. As much as I dislike Mozilla's growing obsession with AI, at least they give me a top level option to disable all AI stuff. I only keep Chrome around for occasional testing reasons.
So my understanding of that is that the download happens only when sites call the Prompt API right?
Because my Chrome stable has been updated to v148 now, and I don't see any AI models in my user profile folder. My profile size is only 328 MB, with the Code Cache subfolder occupying the most space (135 MB).
Depends on where you get it. By default the flags will be enabled, but some packagers may choose to disable them. I haven't seen a major distro release chromium 148 yet.
Weirdly though, chromium won't be able to actually use the model even though it can download it, because the inference engine is a closed-source blob.
Next step: Invoke the prompt API from within online ads and run a "p2p" AI inference provider which forwards incoming LLM queries to website visitors. :-)
I believe webpages that use the API must request from the user via a system permissions dialogue to aces the prompt API, according the docs a few months ago.
An extra 4GB per user on our NFS home file server is going to be a huge pain (several thousand students). And for our Windows lab machines, they end up in AppData\Local (which isn’t redirected for operational reasons) so we either leave the profiles in place and let them accumulate (suboptimal) or clear out the profiles as we normally do and let it redownload, over and over again.
As much as I’m against unexpected 4GB bloat for an AI model, I’d much prefer it to install one copy, system-wide. 4GB per Windows or Linux lab machine, rather than a 4TB minimum load on our NFS server and 4GB downloads per user, per machine on our Windows labs.
Fellow sysadmin here. I'm glad to see somebody else thinking about the practical side of this.
Google should know better. Chrome has local administrator permissions anyway (w/ its updater) so they should have installed a single copy for the entire machine.
It's not cool to give a damn about the people who keep mundane stuff like desktop infrastructure, file servers, etc, working, I guess. The wanton disregard to even talk to a single in-the-trenches corporate sysadmin seems like malice.
Google has not ever cared about the real world implications of their browser decisions in the past. I can't say I'm surprised that they didn't start caring for this occasion.
I tend to deal with unwanted installations by creating a zero length file with the name (weights.bin) and remove all permissions from all users, taking the ownership as well. While the download and friends commence they fail to overwrite it.
The tactic used to work even as prevention to common RPC exploits (viruses/worms) on windows as well (in the early 2000s).
Conspiracy theory: making the browser bigger makes it harder to run large quantities of headless versions, for all the useful (but anti-Google) things that enables. I suspect this is directly tied to the ongoing ascent of verification laws and other pieces of the drive towards authoritarian dystopia. They're basically DDoS'ing providers of browser-VM services with this.
Because due to Google having a near-monopoly on the entire goddamn Internet, a shocking number of websites and services will refuse to work with non-chrome browsers.
I stopped using chrome 15 years ago and de-googled my life 5 years ago. The hardest thing to let go in fact was Gmaps (most alternatives, until recently, were not great) and I'm still captured by android, but rome was not built in a day.
Quitting chrome these days is the easiest thing to do. The writing is on the way. You don't control the browser on your network, google does. ANd for better or worse, google's priority is AI at this time.
Sysadmins should take notice.
If the network is ~65% chrome and thus deemed painful, take the gradual approach. Do not push chrome on new devices or users. Watch that problem slowly go away.
> Energy intensity of network data transfer: 0.06 kWh per GB, the mid-band of Pärssinen et al. (2018) "Environmental impact assessment of online advertising", Science of The Total Environment [14]. The paper reports a 0.04-0.10 kWh/GB range depending on the share of fixed-line vs mobile transfer and inclusion of end-user device energy. 0.06 is a defensible mid-point.
2018? An estimate from 8 years ago is going to be off by a factor of 10 or so.
Not sure you'd get far with the legal arguments unless you're actually a lawyer. Too easy to misunderstand the jargon (i.e. the same reason why it's dangerous to use an LLM as your lawyer).
(As an aside, the whole thing reads to me like the style LLMs use; not saying for sure it was, just giving me those vibes).
This is the same guy who said that Claude Code was spyware because it makes a few Windows Registry keys [0]. I find it really hard to take him seriously.
Oh, one of those people. Gotcha. Back in the early days of my career (can't remember exactly, possibly 2010?) I tried making screensavers and gave them away on my website, someone followed me directly on twitter then tweeted to everyone that my screensavers were some kind of malware because… I'd named the main class as per the tutorial and somehow this looked scary.
It would also imply that it costs Google ~7¢ in only energy cost to deliver that file to you (using average EU energy costs), which is clearly non-sensical given the rates hyperscalers charge for network egress.
Additionally, the cited number also conflates wired internet (low power consumption) with mobile internet (higher), even though this model is only being downloaded to Chrome Desktop AFAICT.
Long term historical trend, lots of small tech improvements that add up, like all other tech. Some of it's how antennas are higher gain, which puts more of the energy in the path from one end of a line to the other and wasting less (affecting both cellular and WiFi standards over this period), some is improved compute reducing the cost of routing, but as with the improvements to chips and batteries and PV, the list of things is long and each one only contributes part of it.
EDIT: got the maths very wrong with some other estimates, deleted them.
Seems reasonable to believe to me. The cost of a transfer is presumably calculated based on the base power cost of the transfer machinery, since I really doubt that a router or switch's power usage is linear with the amount of data it's transferring. The amount that an industrial router or switch (which is what 80-90% of the hops between you and Google are) has to have increased its bandwidth by around 10x over that time, and I doubt they have 10x'd their energy usage.
Eight years ago my internet was using a current over a copper wire. Now it's light through glass. The latter is much more efficient especially over longer distances.
Agreed. Also, complaining about the climate impact of an AI model download while opening your post with an ai generated image is peak hypocrisy. Did not bother to read the rest.
"Silently installs" is misleading. They are including a file in the package which is presumably related to the functionality of the software. I don't use chrome for a long list of reasons but it is not standard or expected to get consent for that.
There is, however, precedent for software alerting/asking the user to install “extras” or utility packs and showing the disk size that content will take up and even allowing the user to choose a location to store such things. Creative software does this all the time.
There’s nothing stopping Google Chrome from doing something similar except, I suspect, Google knows or feels it will result in many fewer installs of its bloatware.
That's a good point. "Downloads a 4GB LLM model without notice" would get a good amount of attention and be an accurate representation of the situation. The article undermines itself by misrepresenting the problem.
“Silent” seems appropriate given it historically never required such a large storage requirement and the nature of the new feature seems entirely optional; and it’s happening silently as part of a normal upgrade.
> it's happening silently as part of a normal upgrade.
No, this is not true. The large requirement comes after a user wants to use the feature, not as a part of the normal upgrade. If the user never engages with the feature, it's not downloaded.
Are you okay with a 1 GB chrome install suddenly becoming a 5 GB chrome install on all your machines, without your permission or knowledge, for functionality you may or may not want?
Yes because in their mind corporate power is the only thing that matters in our lives. Not what people want, but what Google wants is clearly the only thing that matters for them.
100%. "Researchers Discover Chrome Uses Your Hard Drive to Silently Make a Copy of Everything you Look At Online" is ominous and scary and also an accurate description of how caches work. There's enough scary and bad AI stuff to discuss without needing to use scare tactics.
We live in a tech world where it has become normalized that perfectly functioning software that you used to buy once and then got to use indefinitely suddenly receives an "update" to put previously existing functionality behind a pain subscription. The reasonable expectation people have is that an update fixes security bugs and maybe includes a few optimizations.
So no, I don't think it's a weird trend at all that people start describing software as "silently" doing things when trust in automatic updates of software (a thing that software silently does) has deservedly gone down the drain in the last few years.
Then what is your definition of "installing" exactly? Are you going to split hairs about it not being a separate program being installed and running in the background, but weights being used by code that is run inside the browser? Because honestly, I don't think there's any significant difference from the user's perspective here. Other than the fact that doing the latter bypasses the need to get permission to install a new program. Which makes it an even worse violation, in a way, since it undermines the trust that the browser as a platform is just a browser.
A 4 GiB model has nothing to do with the functionality of a web browser. It is something forced on users without their consent.
Of course that's what we get for giving the benefit of doubt to the company that insisted on learning the wrong things from the Google Buzz fiasco.
Install does convey something more involved than including a file, that's not splitting hairs. It is not uncommon for software to include malware that runs independently of the software you expected, and the headline is clickbait that taps into those concerns. I'm here for the concerns about bloat. "Downloads" would have been the right term to use but it doesn't sound as scary.
> A 4 GiB model has nothing to do with the functionality of a web browser.
Problem is, nor do half its T&Cs. What we thought was a web browser turns out to be a Google content delivery vehicle - and controlled by Google, not the target users.
This might be worth it if Gemma4 E2B were a good model, but honestly it's absolutely useless in all our testing without further training and finetuning, and those aren't usecases that are fit for normal web browser use such that one would care to support it by adding such overly broad and expensive infrastructure to make it happen.
Gemma 4 E4B is a much better model, but it's too large to simply download and run everywhere.
IMHO, this is jumping the gun. Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards. It would be better to wait until a smaller, better model ships before doing this.
Most users aren't even going to know that this is here. Web developers will expose this capability to the user. The devs will have to determine if the model is delivering what they need.
It's good to have something to work with if these Web APIs are going to be part of a standard. I suppose this means that ALL the browser vendors are likely to implement something
> Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards.
I wonder what that will do for the competition between hosted genai and local models...
This is what I've done after spending some time to look into it, this is for Linux Desktop:
Delete Chrome's silent 4 GB AI model file and AI
In Chrome, go to: chrome://flags
Search for and Disable these:
Enables optimization guide on device
Prompt API for Gemini Nano
AI Mode
Open DevTools (F12 or Ctrl+Shift+I).
Click the Settings (gear icon).
Go to AI Innovations and uncheck Enable AI assistance.
For Linux, in a bash shell, this should prevent Chrome from trying to download the file again because the root user instead of my user, will own the file/directory.
Or accidentally trigger it because you're using a key binding you've used for 15 years that, upon hitting an unexpected consent screen, triggers the consent button.
How hard would have been to add a simple message, warning people about it and offering to opt out? Most would have clicked OK without reading anyway, and Google could pretend they give a shit about users. Unless they expected blowback, and that kind of message is the "compromise" they want to eventually land on.
They want to force the prompt API into being a defacto standard without getting buy in by the rest of the web standards body. Having it on by default serves this goal.
I think a local AI model is appreciated, but it being bundled and executed through Chrome, I expect that more or less all data get exfiltrated by Google.
They simply read your mails, how would you expect there to be anything resembling decency in a company like that? It is the ad business.
Doesn't google already extract every single letter you put into the address bar as you type?
The idea that the model is local is just Privacy Washing. What's the chance they aren't capturing your prompts somehow? For "Telemetry" so they can triage bugs of course!
Presumably they think the fraction of their userbase who cares about this would be too small to justify the expense of adding a warning message. The mere existence of a warning message implies that there is something to be worried or concerned, about, a position they probably do not endorse or accept.
Framing 4GB of data moving in a world of petabytes of traffic as a specific environmental disaster is kind of a stretch, regardless of whether we want the model.
Yeah I have to run ski race software with slow and intermittent internet. It is things like this that can wreck the race and bankrupt the small club if we have to refund entry fees to an entire field. It really is brutal and real. Looking at you windows update and now Google and Chrome.
yeah 3 bucks a gig here for quite a while, finally got a kinda sorta unlimited connection recently. I scripted up a meter of sorts to watch my traffic and its amazing how much is just trash. video advertising of any sort is awful. there were many sites that if I just forgot about them in the browser window they would happily reload periodically and trash my days budget lol, then using "links" for just reading really shows off how many websites just reject you for not having javascript.
It's somewhat known that Chrome isn't catering to those users. They aim to deliver feature-rich experiences rather than be the de-facto browser for resource-constrained devices.
I do not agree: I live by the sea and this is exactly the answer I get when I talk about trash in the sea. I personally appreciate even more that kind of "stretch" then the privacy one (which could be another "stretch" on getting closer to 1984 scenario)
I guess you can write an article about every new gigabyte released, and we can use more gigabytes talking about it, but other than that I don't see that any one gigabyte of software I don't want is especially more noteworthy than any other gigabyte of software I don't want.
An xBox game can be 50+ gigs. Millions of gamers. Fire up the presses!
I'm not at all saying nothing matters so we shouldn't care. I just disagree about the utility of calling out specific things out of proportion to their place in the climate crisis. Tackle AI, yes, and fast fashion and cars, and ... that one change to Chrome? I guess if that's where you want to put your energy, Sisyphus.
Chrome is used by about 3.8 billion people [1]. So, if this is rolled out to every chrome user over the next year or two, this would generate about 15 Exabytes of traffic. It's difficult to find accurate, useful numbers on this, but lets assume 29 grams of CO2e per GB, this would be about 450k tons of CO2e. This in turn, equates to average household CO2 expenditure of almost 300k households.
So make your own judgement, but this seem pretty significant to me.
29 grams for something that takes most folks less than 20 seconds to download? How many watts (neglecting the machinery was going to be running regardless of whether you are transferring something!) do you think it takes to transfer data?
Traffic is not homogeneous in total transfer cost. CDN-hosted data at the edge, close to the user is much cheaper than data that has to transit many hops. At the asymptote, transferring data between machines on the LAN is essentially free.
Whilst I am sceptical about Google in this space I do think it is a move in the right direction to do more locally and actually use the space modern machines have on device.
The same old individualistic fallacy [1] of highlighting individual effects to hide global effects, all while compromising user privacy. In reality this will be continuous million of devices downloading these useless weight files.
[1] Used since forever by the Tobacco & Pharmaceutical, Fossil Fuels & Climate, Food & Diet Industries.
For one, not everyone in this world lives on high bandwidth unmetered connections. In Germany, you got a lot of people still running on 16 MBit/s ADSL, that's half an hour worth of full load just for AI garbage. With the average 50 MBit/s, it's still 10 minutes. For those running on hotspots - be it their phone with often enough 10 GB or less on your average data plan or train hotspots that cut you off after 200MB - the situation is similarly dire.
The other thing is storage. I got a nominally 256GB MacBook Air. Of these 256 GB, easily 50GB are already gone for macOS itself, swap, Recovery and everything that macOS doesn't store as part of the immutable partition (such as, you guessed it, its own AI models). Taking up 2% of the disk space without consent is definitely Not Cool.
Another angle is the processing cost, I assume Google is seeking to offload the computation for whatever features this covers from their own data centers to end users. On the scale of billions that's probably measurable and from google's side worth doing whether the users is paying for the service or not, and each of them will have more power usage with some reduced battery life on portable devices. At that scale I'd also wonder about efficiency based on what proportion of end users are using AI or running it on CPU/GPU/NPU.
The climate concern pearl clutching is pure muckraking. The author doesn't care, they're just looking for some sort of controversy. Do they (or the other seemingly horrified commenters) know how much data is transferred during a single evening of watching HD streaming video?
In 2026 4GB of data is not going to have any measurable effect on the climate.
There's a level of hypocrisy involved which is truly absurd. Literally no one reading this is going to curb their data usage. They'll just try to justify their outrage with farcical strawman arguments to be pedantic and then go binge watch some Netflix series without another thought.
I would more worry about storage space on some laptops with pretty small SSDs like 192-256GB of official capacity prior installing Windows, 4GB of that is already pretty significant part of storage space for something which should be opt-in.
not just fiber, e.g. Netflix requires "only" (reliable) ~15Mb/s for a 4k stream, that means most people in most countries feel little difference between ~25 Mb/s and 1Gb/s in their "every day" usage. Sure it's a huge difference if you download a 80GiB AAA game, or preload a 4k movie. But in my experience (which definitely doesn't apply to all countries) a lot of non tech affine people don't do that that often an if they do it (e.g. movies before travel) they tend to do it over the night so it still works out just fine with not so fast internet.
So for a lot of people paying for more then 25-50Mb/s (pro person) makes only sense if it isn't too costly. Hence I rarely see people going for more then 250-500 Mb/s even iff 1Gb/s is available and they have money. And for non-gamers with little money, I mostly see them with ~50Mb/s (or paying for 50Mb/s but getting much less due to old wires :( ).
(Also IMHO The more important things compared to 1Gb/s is how much of the bought bandwidth is reliably available at all times _with good latency_...)
It is sad that this terrible comment inspired so many responses. It is 4GB of traffic for one person, and I am not aware of any single person who is moving petabytes of traffic.
Comparing a single person to the entire world to make the inconvenience to or violation of a single person seem small is deliberately and thoughtfully deceptive.
Why not 4TB in traffic and storage for chrome, then? In a world of petabytes of traffic, it's a feather. What's wrong with jailing somebody wrongly for 20 years in a world where millions are jailed, many wrongly, often for lifetimes? What's a lost finger on the job when there's a genocide going on?
Not on my devices. Auto update has been abused so often now that it is an embarrassment to the industry. Auto update should be for bug fixes and security issues only.
I'm on an Arch flavor, so its whenever I feel like updating. I try to update frequently enough, but if i wait weeks or months, nothing breaks, it always just works, and I get the latest of everything.
- software company decides to release a new version and auto installs it for everyone who has the old version (like Google Chrome)
- software company decides to release a new version. The Debian packaage maintainer checks if the update is fine, is compatible with Debian policies, then includes it in the packages repositories.
In the first, there are no checks. In the second, there are.
When Google stuffs AI into everything, people shrug. Can't expect anything else from big tech.
When Firefox does it, it sparks outrage across the internet, with entire forums filled with people vowing to leave Firefox forever and switching to something like Waterfor or Ilp/Zorp/Floop instead.
As a result, searching for experiences other people had with Firefox makes it sound like hell on earth, while people have little more to say about Chrome other than "Google gonna Google, but it's fast at least".
What browsers would you recommend? I use Brave but it's still Chromium under the hood. It's the only one that I never had trouble with adblock though. Also lets me play youtube on mobile when my screen is locked.
Vivaldi - built in ad blocker, the creator is a nice guy, transparent business model. It might be rough around the edges, but it's much better from every alternative imho.
Arc is still great on macOS (not so much the Windows build, essentially an abandoned beta) even if it's not getting active development anymore.
I'm defaulting to Firefox ever since I moved my desktop to CachyOS, but I need to either reacquaint myself with its add-on situation after a long arc of using "chrome alternatives", or migrate to something else niche. Vivaldi was what I was sold on before Arc caught my attention through its wonderful UX/UI.
Google's "don't be evil" motto already felt ironic over a decade ago, long before they even replaced it with "do the right thing [for shareholder value?]".
> Why use a browser from Google or Microsoft in 2026? Why in the world?
There are only three major browser rendering engines. One is Gecko, by Mozilla. One is Webkit, currently tended to by Apple. And one is Blink, which is Google/Microsoft. Of those, Blink is the most featureful. That's why.
You could use Chromium just for Google Meet. That's what I do. I have Chromium relatively up to date that I basically solely use when I need to. It can be Google Meet, or Teams, or whatever was purposely botched in order NOT to work with Firefox, basically sabotage, but it can also be very rare cases like Lego Spike or GrapheneOS Web installer which require WebUSB.
99.99% I do not need Chromium but when I do, it's worth the ~200MB of used space.
What mess? I only ever used Chrome as my main browser for a short while when Firefox had become rather bloaty and had slow JS, and Chrome was small and nimble. But that was something like fifteen years ago. Firefox works, is plenty fast these days, and only eats most of my RAM compared to Chrome which takes all of it, and serves me a web devoid of almost all ads and most trackers.
Firefox has a complete UBo unlike the Chrom* corporateware turd which is just Microsoft 2.0 from Google. Chrome instead of IE, and propietary JS code for Google services such as Youtube -deliberately made slower in Firefox- as the new Active X shoved down your throat in order to keep a monopoly.
With Librewolf I can get proper WebGL, full UBo -with the AI blocklist too to avoid all the slop- and Bypass Paywall Clean from Giflic or whatever was called. Yeah, eh, y local newspaper won't mainly get adverts' money but the rest of local company ads show up well even with UBo/BPC, so they get some money after all.
On RAM usage, Librewolf it's far lighter on the long term and it doesn't ping back as Firefox, and many times less than Chrom* based browsers where, I repeat, Chrome based browsers don't allow UBo any more even if installed from their Github repo enforcing some about:flags variables related to legacy extension support.
The web today without UBo it's unmanageable. Popus, more than the ones from 2003, malware disguised as ads even on mainstream, safe sites, and all of these running zillions of cookies and trackers converting your -otherwise perfectly usable- old amd64 Celeron machine with 2GB of RAM into some crawling Pentium III with 256MB of RAM. With LibreWolf and UBo I could even test Yandex Maps with Prypiat and the like and InstantStreetView too. No slowdowns, no OpenGL >= 3.3/Vulkan video card required, and no need to own a 8GB machine.
HN developers there without UBo if they depend on the web for documentation they are bit screwed if they use Chrom* based browsers, sorry. Half of the resources for their machines coudn't be used, you know for IDE's, compilers, virtual machines/containers and whatnot.
And, yes, I know about ZRAM under GNU/Linux, and just imagine how many tasks would anyone accomplish with a ZRAM compressed chunk (~1/3 of the physical RAM), a light desktop environment as Lumina/LXQT and a non-Chrom* browser blocking all pests. Up to 3X more tasks in the same machine. No need to waste money on upgrades, and compilng cycles are cut down for the good.
Yeah that's mostly why I use it. When I try Firefox I get out of memory messages for some reason. Also the Google Lens tool is very handy and gets used often.
What are the alternatives? Only a massively moneyed corp has the resources to fight vulns at acceptable rates. Firefox doesn’t count because they’re being funded by Google.
I don't understand this perspective. How can one accept the objectively more user hostile option because the less hostile one gets money from the other. If one objects to using products funded by google, why is there not also an objection to using products from google?
For as long as the funding for Firefox continues, it remains a viable option. And despite all their bad decisions of late, they still give users the ability to configure or disable user hostile components.
Their funding model is a risk, but I've been using Firefox and librewolf forever and I'd argue it's a much better option than chrome or edge, especially with a handful of plugins. A risk is still better than the actual realization of the risk.
In the short term, Helium (if, like me, you can’t live without Chrome’s bookmarks). In the medium term, perhaps Ladybird. In the long term, we’re all dead.
FYI, this doesn't appear to work on macOS, unless I'm lucky enough that Chrome has never installed anything related to this on my machine. I don't even have a ~/.config/google-chrome directory; it's possible Google is using some Apple-alternative to that standard.
I was working on on-device AI for 3 years. This was the prime idea we were exploring, how can someone undercut the OS providers and ship an LLM that other apps can also use on-device.
Like if meta decides to do this, it can serve an API to all mobile app companies for an on-device LLM long before the OS is there.
This is Google's way of reaching LLM distribution on laptops, since they don't have their own
I don't see how this is going to work when every application decides to ship and run a 4GB model, competing for video memory. It's going to be the Electron problem times 10.
It reminds me of the "dialup warnings" common 2 decades ago on huge pages (often containing many images). Yes, bandwidth and storage has gotten cheaper, but the unwanted waste should still be called out. I'm not even anti-AI, having waited several hours recently to get some local models to experiment with, but that's because I wanted to and made the decision to use that bandwidth.
Maybe consent is not an appropriate term. Perhaps an acknowledgement and a way to say "I don't want this" would be a more suitable approach. I feel like a flag to turn off LLMs is useful. Firefox added something like this in a recent release. I don't know how much they're downloading or how much they run it, nor would I be a good judge if it's necessary or not, but I don't want that functionality in my browser so turned it off.
the subject has been faced many years ago an super well applied in EU privacy regulations: Google knows it very well, and in super details and I have no doubt they will be fined for this despite all reduction of it thanks to their lobbying (and corruptions, too, in my super personal opinion): this fact well explain EU fines based on company's income.
There's a setting in `chrome://flags` mentioned in the post that allows users to turn this off. I guess people want opt-in consent rather opt-out consent which there's always debate about. Some people say it degrades the experience for the majority of users who would opt-in for the happiness of the few possibly already detracting users.
Exactly, for all the hate of Windows, I could at least just look for shit named co-pilot and uninstall it for a pretty nice experience on my new computer. Phones aren't always as straightforward (especially jarring as "Google services" are required in Sweden on Android for stuff like mobile identity systems).
> At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tonnes of CO2-equivalent emissions, depending on how many devices receive the push.
Environmental analysis for operations? Not a fan of thinking in such terms.
> For users on capped mobile data plans, particularly in regions where smartphone-as-only-internet is dominant (much of Africa, much of South and Southeast Asia, most of Latin America), 4 GB of unrequested download is on the order of a month's data allowance, vapourised by Chrome on the user's behalf. Google has not, to my knowledge, published any analysis of the welfare impact of this on the populations whose internet access is metered.
THIS is a valid concern. Otherwise I'm not buying into "ask for consent because of dependency X". Users don't like questions/consents.
However OS (at least windows) has an way to set network connection as a metered so software can make informed decisions. Also Android has "Data Saver" function which should also be honored by software.
Some parts of the anti-AI movement are becoming so unhinged that now any use of compute is considered an environmental threat. This degrowth mentality needs to die.
The oceans are boiling [0], marine life is dying [1]. Land close to the water will be land under water soon [2]. The ice caps are melting and setting free all sorts of diseases. [3]
Large parts of our planet on fire all the time now, here's one from Australia from this year [4], but I'm sure you've read about wildfires in Australia last year, California every year, Greece last year etc etc.
What you're proposing is nothing short of a death cult. It's either degrowth or we all die, sacrificed at the altar of capitalism.
I know it takes extra steps to make Android perform OS or app updates over LTE. I doubt it's downloading a 4GB model over LTE unless the user has chosen to perform updates over LTE.
> However OS (at least windows) has an way to set network connection as a metered so software can make informed decisions. Also Android has "Data Saver" function which should also be honored by software.
Unfortunately, that automation is unreliable. It doesn't work across operating systems - Windows laptops won't enable data-saver mode when connected to iPhones and macOS laptops won't when connected to Android phones, and neither will enable it when connected to, say, public transport wifi.
And even if the OS has the information, websites can't reliably use it either. Firefox and Safari both don't implement the NetworkInformation API [1].
If you back up to "intention" it's fully insane to make a GDPR argument against on-device AI. Yes it downloads bits, but those bits are not there to identify you - they are basically a local copy of the internet. This enables private data to be kept on-device. Having no personal data leave the device is fantastic for GDPR compliance.
The good point in this article is about how the "AI" features in Chrome all use Google's cloud API and not a local model. That's true and some of it should be local. ("AI mode" uses the Web index, so it fundamentally cannot be local, but there are features that could be.)
Chromium doesn't support this API because it needs a binary blob to run the inference, although in theory it may still be configured to download the weights:
Chromium on Linux already has Google's AI Mode in the omnibox and the new tab page, so I'm not sure Chromium would be immune to changes like local AI models.
It is very ironic that this post comes from "The Privacy Guy", given that the whole point of this model is to run inference on your own device rather than sending queries to the cloud, which is also much less power intensive than sending a query to OpenAI.
Firefox is dependent on Google for funding, but not for source code. Brave is dependent on Google for source code, but not for funding. Safari is dependent on neither but Apple locks down the experience.
Hopefully Ladybird will deliver us from our Google dependence in a year or two. It's already usable for very light web browsing. I wrote this comment on Ladybird.
One upside to this is that it doesn't use Gemma and instead uses Gemini. So at least for Gemini Nano (apparently called XS internally by Google) it means that the weights are now de facto open and you no longer need a current Android phone to get the latest and best model in this class. This also makes it the only open American frontier-level model right now.
Sources for what? The pareto frontier of LLMs? How Google is pretty much on the line with most of their LLM products? Or this particular model? For the first two you need to look for size/cost vs. accuracy charts. There are tons of them floating around. For the latter there is not much official info except what you can infer by analyzing the weights.bin file that Chrome downloads. But it does mention Gemini in there, so it seems pretty obvious that it is from their proprietary line of models.
Hard to believe it's over 10 years since they first started pulling crap like this by downloading a binary to listen for 'OK Google' (including on chromium builds): https://lwn.net/Articles/648392/
Wow, so glad to see this on HN because yesterday coincidentally I told codex to figure out what was taking up space on my computer and lo and behold their was an ai model in my chrome folder... And i certainly didnt recall downloading that myself.
What’s wrong with shipping a local llm? This is quite nice IMO is there a privacy concern with running it locally? I already have a few games I wrote web based using this and it’s quiet nice to not need a server to run my game in pure HTML from my file system
Chrome also silently installs a powerful relational database engine without warning or consent.
All of your history, trivially searchable. Imagine the waste heat generated by the browser bar conducting thousands of non-consensual searches every time you type.
OK, I rarely use Chrome (I like Safari and only ever open Chrome on the increasingly rare occasions when a site doesn’t work in Safari and lately it’s turned out that the site is just broken) but looking at the article and the comments here, I can’t figure out where this 4GB is supposed to be stored. None of the likely cases panned out when I looked.
On one level, I can't figure out how bent out of shape to get over this (but read on). Software I use downloads updates all the time, adds new features all the time, and I mostly don't ask for any of it.
So if you see this as just a new feature that provides some on-device AI, it's a bit, so what? A new feature? The last GT7 or Flight Sim patch was bigger than this, what's the big deal, etc.
However, that's not really what's going on. It theory Chrome gives you a local LLM that can provide local AI powered features. In practice, everything gets sent to the cloud anyway so the local LLM seems mostly to exist as a disguise for that, which is shady AF.
As others have pointed out, the solution is https://www.firefox.com/. And whilst it's been trendy on HN for several years to slag off Firefox and Mozilla, I went back to Firefox as my daily driver several years ago, and Chrome's high-handed enforcement of Manifest V3 extensions (meaning no full fat uBlock Origin) has only served to cement that decision.
It's mostly been great. The only downside is that some sites don't work properly on Firefox, and I'm 99.999% sure that's not Firefox's fault.
For example, Paypal's post-login verification step breaks so every time I want to buy something using Paypal I have to switch to Chrome. And, no, disabling uBlock Origin and other extensions on Paypal doesn't help - I've done this already. Seriously, Paypal, it's been months: will you please just fix signing in and paying on Firefox, please?
And many sites will assume you're a bot first and ask questions later if you hit them with anything other than Chrome or Safari... which is also extremely lame and scummy.
I don't think that adding the feature is the issue here, but instead Google deciding it needs to push an order of magnitude more data and store it on your device. I can understand wanting to at least re-evaluate your use of a tool when that happens.
If you were to install Chrome fresh, what if it was a 4GB+ download from their website? I would at least pause. For reference, a regular offline installer is 140MB.
Weird, I access PayPal through FF all the time. It's probably one of those weird geographical differences or something. One thing I did see is that at least one site (AliExpress) doesn't initiate the redirect after the payment, but still accepted the payment.
I’m guessing there’s some UX metric out there, that if they pre-load downloading the model, the user is more likely to stick with trying things out; rather than have them wait for a hefty download to complete.
The future is local models. This makes sense and I wouldn't be surprised if future web standards require this to be swappable so that you can use a model of your choice as the intelligence in the various APIs. Being able to use summarization and text extraction locally will be a powerful enabler. Apple's ability to copy text out of photos etc. is really useful.
They do this so they don't have to host the model on Google servers and then have claims of "Google spies on chrome users and uploads all their data to Google servers, including private dm's".
I'm not a fan of this being downloaded by default. Still, I very much prefer that, if something if Chrome uses a LLM, that's done via a local LLM rather than by via an API call
If Chrome had installed 4GB for some other tooling that most people don't need, would anyone care? My operating system installs with a million default packages that I don't need. Users install applications with optional features all the time. Applications install additional tooling so that they'll function all the time.
To the other point: of course Claude Desktop modifies the browser--that's how it works. Most apps install integrations with existing apps. Often apps install a whole collection of plugins, even for things the user doesn't use, so they're available if the user does start using the other apps.
The fact that this happens to be AI-related is a moot point. The environment concern is utter nonsense. They're not using everyone's browser to power AI for others as some kind of shared collective resource. 4GB is not a lot of data in the grand scheme of things (beyond general application bloat). I have more than 4GB worth of ads shoved in my face every month.
The legal argument is facile as well. When you install any application, its terms of service cover functional updates and additions. You don't have to explicitly consent to all of them.
Other than the size of it, I don't have any problem with anything this article is mentioning.
This is a huge nothingburger that only caught peoples' attention because of the irrelevant mention of AI.
You could probably truncate the weights to be much smaller and it would just cause a runtime error. Or replace it with mostly zeros. Unlikely that they checksum the file. But ultimately it is a losing battle -- in browser LLM is coming, and future APIs will expose it to js, and it will become essential.
Rolled my eyes when this article got to the unlawful and climate parts. Rolled my eyes harder when I clicked to the homepage and saw what the main sell of this site is. I'd ask why this is so high on HN but it's so tailor-made for this audience I'm more disappointed than surprised.
Agreed, very disappointing. I wonder if this was 40gb would it still be celebrated? 100gb? At what point, if ever would this be recognized as an unwanted waste of space?
What a massive fail on Google's part. They could have given you the option to auth to Gemini, Claude, or ChatGPT (or whatever) and provided a meaningfully better product and experience. But instead, they chose to push their crap on everyone. This is the bullshit I expect from Microsoft, not Google.
The whole Prompt API is poorly designed. Devs will end up trying to fine tune very specific prompts out of necessity, only to have them break with the next model update.
The logic around not providing access to model version to prevent fingerprinting is laughable when the suggestion to counteract fingerprinting from prompting is the model should only update when user agent string updates. Just put the damn API behind a explicit user permission.
While I find the issue at hand extremely annoying and in poor taste (and this is not news - this was known in advance) - the same applies to the blog. This annoying clickbaity SEO slop of a blog seems to exist only to advertise their consultation services.
Javascript running on a page can use a feature that requires a model to be downloaded.
I have pages that use it, or other LLM models via LiteRT or HuggingFace transformers.js.
I try to warn the user, but that is my responsibility as a page author. I like that this is enabling the web platform to remain competitive.
The author is pulling a long bow by trying to claim this is some GDPR violation. Have they ever used the web? There are inefficient sites everywhere, with autoplaying video etc.
4GB isn't nothing, but if a page wants to use it then hopefully it is useful to the user!
Talk about a nothing burger. "OOh they downloaded 4GB!" You mean 30 minutes of Netflix? The carbon emissions thing apparently isn't a big deal since the author says the browser's AI use is cloud based anyway, and offloading AI compute from the DC to the browser isn't really increasing carbon is it? Reads like another AI doomer trying to find something to get angry about.
>offloading AI compute from the DC to the browser isn't really increasing carbon is it?
That is actually an interesting question. I would think that any given amount of processing is at least slightly more efficient when running on large-scale cloud hardware, but I have no idea whether it's a few percent or 75%. There's also some overhead, so maybe there's no gain for smaller jobs.
Try to look outside your bubble. Millions of people still have monthly quotas on their internet plan, and 4GB can be a big chunk of it (possibly over all of it, in some cases).
It's annoyingly huge, but is this worse than that? It's software - it does stuff and takes up space. If it takes up more space than you think the stuff is worth, then complain it's bloated, sure, but I am not sure why "silently" is being thrown around.
This has to be some kind of a limited rollout, since none of my machines have this AI model installed even when Chrome is updated to the latest version. No indication that anything is being downloaded, since after updating to the latest version of Chrome on this machine, I'm seeing <100 kB/s download speeds for the entire system.
..will tell you everything you need to know - including model state, file path, device capabilities, etc.
And there's a single button to uninstall the model.
There is also the ability to load a model from a central location, as suggested by another commenter here, although I haven't tested it yet.
The official chrome.dev Prompt API Playground linked in the thread doesn't work.
Chatgpt made a me tiny chrome extension to test the prompt and summariser api's when they announced last year - my laptop wasn't capable the time but these newer models are obviously smaller and more efficient, so it has sprung into life.
Full prompt and code is on pastebin `7Ja3ATHZ` if anyone wants to test quickly. It summarises the current page and brainstorms app ideas based on the summary.
600 comments and yet no one's questioning the math, just running with "4GB" even though the fsevents log literally says that the file is the result of an unpack operation?
The file might be 4GB but the transfer sure as heck wasn't, so what are we even talking about? How much data is actually transferred? Can someone just grab that weights.bin file and zip it up with max compression and report a more realistic number that we can do the math with, if the number is even worth doing the math for?
> Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane.
OH MY GOODNESS, this is the WORST headline.
If Google Chrome comes with an AI model, and you install Chrome of your own free will, you just gave consent.
The "climate costs" are happening whether or not the AI is there. Sure, maybe it makes the hardware work a bit harder, but like, come on. I'm still using my computer anyway. YOU are the one costing the climate, not Google. You're the one turning the "On" button on.
I don't even know why headlines like these are taken seriously.
consent implies people know what they are downloading but this is a silent feature they are adding.
regular people download Chrome to just use a browser, they don't consent to running an AI model.
>Google Chrome silently installs a 4 GB AI model on your device without consent.
Oh my god thats terrible I hope you continue this article in this mode and dont pivot to some unsubstantiated bs claim that makes absolutely no sense...
>At a billion-device scale the climate costs are insane.
sigh.
Imagine if everyone on the planet start using a memory hogging, cpu chugging browser application what a terrible hazard that would be for the climate.
Oh and it might have an AI component in it.
This claim is worse than the AI in data centers boiling the earth claims.
We can measure carbon released down to the watt. If you have an issue with people using power, shut up and talk to your government about carbon taxation/moving to alternative power sources. trying to shame some power users, quite arbitrarily isn't just senseless its self defeating. Its a measurement problem, the second people start getting shaky measurements of what their neighbors are doing, they start trying to shift the blame.
On the one hand, Waymo seems to have a better safety record than Tesla does. That's not nothing. For someone nominally in charge of SpaceX like Elon is, it's a red flag
On the other, Google does things like this with Chrome, and also they arguably censor. It's irritating
So typical. Just imagining the consequences for someone with chronically low disk space, like me. Luckily I'm a Firefox person, though I use Vivaldi now and then.
Why the hell can't this just be an extension in the first place? Why does it have to be bolted in by default? Why does Google and by extension its employees have this constant need to assault and violate me with this garbage?
Thanks for reminding, it was a moment of weakness. Here is the relevant quote:
> the features that do use the local model (Help-Me-Write in <textarea>, tab-group AI suggestions, smart paste, page summary) are buried in textarea-context menus and tab-group right-click menus
> The pattern was: install on user launch of product A, write configuration into the user's installs of products B, C, D, E, F, G, H without asking. Reach across vendor trust boundaries. No consent dialog. No opt-out UI. Re-installs itself if the user removes it manually, every time Claude Desktop is launched.
God, I'm SICK of this AI slop style. After ingesting terabytes of pirated books you'd expect a little bit more variety in it's writing.
Like 2/3 posts on HN now have this "No X. No Y. No Z." pattern. It's one of strong signals for me that the author didn't bother and just copy pasted their LLM's output as is. And the LLM mostly likely was pointed at some other resource to write the article, and I'd rather read the original. I think HN needs a policy to replace AI slop articles with the original articles/announcements etc. once detected, and technically the guidelines already cover it: "Please submit the original source. If a post reports on something found on another site, submit the latter."
>After ingesting terabytes of pirated books you'd expect a little bit more variety in it's writing.
I think it's the result of post-training. The original base model most likely had a less slopy style. This style is what AI companies think is a good style (they specifically train for it).
This is egregious and the only people who can get away with it are these Big Tech companies. The legal analysis is moot. They have operated with impunity for decades. The law, especially with AI, only applies to organizations that Big Tech and the government want to eliminate. Rules for thee, not for me.
Sorry but the whole climate angle on this is extremely stupid and needs to be challenged. I have noticed this new phenomenon of people using climate as a trump card to oppose any thing they don’t like.
The thing about these kind of arguments is that any economic activity or any sort of action involves some load on climate. The magnitudes are important.
In this case: a single hamburger does the same amount of emissions as 50 such downloads. What’s really the point of this kind of virtue signalling?
> In this case: a single hamburger does the same amount of emissions as 50 such downloads
Hamburger is usually held up as a grotesque example in climate talk and can't be consumed with a clear conscious so are downloads insanely worse than we thought or is a hamburger not even in the same realm of climate damage as usually claimed.
This is a bit disingenuous. If you install Chrome, you install Chrome and all it's parts. They don't ask your consent for individual parts because that would be absurd. If you don't want Chrome and all its parts, don't use it.
If I install Chrome, I expect it to take a few hundred MBs and then only take up additional space in a controlled and transparent manner - for its cache, for example. For me, secretly adding 4GB after installation is a bit too much.
If you're okay with 4GB being added, where would you draw a line? What if it downloaded a 40GB file? 400GB?
Personally I draw the line where Chrome becomes worse than alternatives, and then I switch.
Lately Firefox has been getting better, but I still prefer Chrome for almost all my needs, so I stick to it. This barely even makes a difference to me. If it was 400GB however it would make a difference to me, and I would make more of an effort to switch to something else.
I use Firefox as my main browser but occasionally run into Chrome requirements for certain web apps so end up begrudgingly installing it. I'm in the habit of going straight to the chrome flags page and turning off all this junk exactly because disk usage of chrome is ridiculous otherwise.
I did the same thing, but realized I was contributing to the problem. If a web app requires Chrome for full functionality, then us switching browsers is giving them permission to continue and expand their invasive practices.
These days, I just navigate away from anything that demands I use Chrome "for best results." One of the sites for a local utility company does this, so instead I just call monthly and pay or manage my service by phone. I'm old enough to remember when that was the preferred way after mailing personal cheques went the way of the dodo, so it does not feel that inconvenient to me, but I can see where it might for other people. Still, nobody said the fight to regaining our agency online would be easy. Or convenient.
What's another 4gb of disk space when computer hardware prices are soaring into unobtanium?
I hate how much companies don't care about efficiency or their customers. It's like windows 11 requiring like 2 more GB of RAM just to see your desktop, what an upgrade, yuck.
I think the only time I've ever had to use Chrome instead of Firefox was because of some USB device thing that worked inside Chrome. Otherwise everything just works in Firefox.
I am using Firefox for years now. It's such a splendid experience.
I can recommend the following extensions:
- Youtube Enhancer
- DuckDuckGo Privacy Essentials
- Cookie Auto Decline (a MUST for Europeans)
- Slop Evader
- No Gender (a MUST for Germans)
Its a totally different browsing experience than what most people have.
I recently watched my kiddo looking something up with Edge on her laptop. I had to interfere and install Firefox. It was ridicolous!!! The amount of spam on the screen. How people can cope with this is beyond me. Especially if the solution doesn't cost anything. Just Firefox + some free extensions.
edit: because people asked about the No Gender extension:
Germany didn't have “gendered” language, until it was introduced some years ago.
Imagine the sentence: The teachers explain to their pupiles that the managers work only for the shareholders.
in regular German, it would translate to:
Die Lehrer erklärten den Schülern, dass die Manager ausschliesslich für die Anteilhaber arbeiten.
In gendered German, it became:
Die Lehrer:innen erklärten den Schüler:innen, dass die Manager:innen ausschliesslich für die Anteilhaber:innen arbeiten.
Firefox added split view where you can look at two (or more) webpages side by side. This is a lifesaver when you have to fill up a form looking up stuff from another page!
You don't have to have the sidebar chatbot thing. When mozilla added these AI features, after the update the browser prompted me to whether I want it or not, with the "yes" and "no" being equally easy to select. It did not add them without consent. You can disable all AI features altogether, or you can completely remove chatbot sidebar specifically (with 2 clicks) and have the rest of the features if you want them.
Gosh most of the time when I read people complain about firefox, it gives me the impression they have not even used firefox.
That's really a bullshit argument. First off, there are plenty of technical solutions that allow minors (15-17 years old) to bypass the restrictions: using sites that don't follow the law, using Tor, etc. But furthermore, these measures to restrict access to porn are counterproductive for sex workers, because it makes their situation more precarious, and they only exist to weaponize the "think of the children" narrative in order to push draconian laws and social control. Soon it will be social media's turn, and then the entire internet asking for an ID. This isn't just an empty "slippery slope" argument, it's exactly what regulators are currently doing in all Western countries.
Oh is this the browser by that company that are funded half a billion dollars a year by Google and want to become an advertising company[1] and wants their browser to become a modern AI browser[2]?
... that recently added a setting which allows you to entirely disable any AI enhancements? https://support.mozilla.org/en-US/kb/firefox-ai-controls#w_b... I mean Mozilla / Firefox aren't perfect but it's a hell of a lot better than Chrome and this comment does feel a bit like the perfect being the enemy of the good.
Sounds like you've jumped to conclusions without reading the whole thing, or are making a disingenuous connection between two very different concepts. Climate impacts (really just energy waste) and "legal" arguments are different parts of this article. The legal part centers around whether they have permission to install this model along with Chrome, and whether they are using deceptive practices related to the model.
"Article 5(3) of Directive 2002/58/EC (the ePrivacy Directive) prohibits the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user, without the user's prior, freely-given, specific, informed, and unambiguous consent, except where strictly necessary for the provision of an information-society service explicitly requested by the user..."
That is not about climate.
The article goes on to say that there would not be a legal issue if Google simply asked, documented, not taken initial action without user approval, allow deletion, etc. Also not about climate.
What they do imply is that Google's being dishonest if they say that they are carbon neutral (as is often said in their Environmental, Social, and Governance reports) while imposing up to 250 GWh of power use on network providers and end users. I can see the concern.
Or places with collateral damage due to failures of German ISPs and state... That is many other parts of Europe while roaming... 4GB is significant cut of the roaming data allocated...
Does anyone else find the writing in the article to be overdramatic? Including a 4gb is a negligible amount of space for current hardware and Chrome is not known as the browser to run on resource constrained devices. To put 4gb in context, I currently have 2 *tabs* open that nearly take up 4gb. The fact Chrome also has a way to disable this makes it kind of a nothingburger in my opinion.
> The roughly 4 GB × N devices of disk-storage cost, sustained, on user hardware. SSDs have a per-GB embodied carbon cost of approximately 0.16 kg CO2e per GB of NAND manufactured [18]
The estimated environmental aspect of the download also seems like an overblown point, noted for sensationalism. There are always hand-wavy numbers involved and I had to look no further than the quote above to find evidence of this. The reference for [18], "The dirty secret of SSDs: embodied carbon", incorrectly links to "Toward Carbon-Aware Networking" and makes no mention of the environmental cost of SSDs. After looking up "The Dirty Secret of SSDs: Embodied Carbon" myself, I was able to see the same methodologies as I was expecting used [1].
> We conducted an analysis encompassing 94 Life Cycle Assessment
(LCA) reports, which collectively quantify the embodied cost of
SSDs. Owing to the scarcity of direct and up-to-date LCA studies
focused specifically on SSDs. We compiled a dataset comprising
LCA reports pertaining to Server, Workstation, Desktop, Laptop,
and Chromebook products, all of which feature SSDs
All these studies rely on metrics extrapolated from layered assumptions and end up being used by those who try to use them as objective numbers.
Exactly. Nand is expensive. I upgraded what my laptop came with but after installing a few games, cloning repositories over the years, various projects I've done, and other regular use, it's perpetually full. 4GB is probably about half the space I have free at any given time
Which apparently means it'll never install btw, even if I were to run Chrome. Another comment said they check for 22GB free space
> Including a 4gb is a negligible amount of space for current hardware and Chrome is not known as the browser to run on resource constrained devices.
4gb definitely isn’t a negligible amount of space on most people’s devices.
The quite successful it would seem MacBook Neo has 256GB of storage in its base configuration.
A MacBook Air and a basic sub $1000 Dell laptop starts at 512GB.
> To put 4gb in context, I currently have 2 tabs open that nearly take up 4gb.
You are conflating disk and memory.
> The fact Chrome also has a way to disable this makes it kind of a nothingburger in my opinion.
There’s a reason they picked an opt-out model for this, and not an opt-in approach.
But I also see the point in it. We recently did a hackathon, and I considered relying on Gemma 4 for privacy considerations. The local model could interpret the user’s natural language request and derive less privacy revealing requests to form based on that.
But then, a web app that shows people a loading screen while it downloads a 4GB model probably wouldn’t be a best-selling UX.
I don't get the outrage. AAA games routinely take 100-200 GBs. I certainly prefer local inference to feeding google my private data over the network (assuming they actually don't do that anyway...)
I already pay for an LLM, and one that's much smarter than Gemini Nano. I didn't ask for this, I didn't make any choice for it to be installed, and I almost certainly won't ever use it.
Sometimes I marvel at how nice it would be to have such a narrow view of the world and other's perspectives and contexts. Life would be so much easier!
https://archive.ph/vhTfm
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Microsoft Word installed an English language spellcheck dictionary without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of disk space or bandwidth to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
It's additional software that many users didn't ask for, don't want and will not be aware of. Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
Honestly, for most features you could justifiably say its fine. I mean honestly, how large is an English dictionary? 100 KiB? That is a far cry from 4 GiB. Just taking up 4 GiB of disk space without even asking is indeed a shit move no matter how you shake it. If Microsoft Word updated and suddenly took up 4 GiB more for something like a dictionary, it might not cause as much uproar as if it were something that many people are tired of hearing about and not interested in, but I'm not sure you would find a single soul who would find that acceptable, more just tolerated, probably partly because a lot of people simply wouldn't know better.
> It's additional software that many users didn't ask for, don't want and will not be aware of
You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
I don't have even a single use for Siri on my Mac. It's useless AND redundant with the Siri that I have to have on my phone, yet Apple downloaded and installed "Siri" on there. If I install GarageBand which is the only first-party way to do basic audio manipulation, Apple installs at least 4GB of audio samples on my Mac.
None of this is to say "I approve of this exact thing Google is doing" - just that I agree with GP that this is exactly the same as what every big company (and many small ones) do every day.
The only "consent" we ever get is basically the all-or-nothing EULA we have to click Agree to in order to log in for the first time - the relevant terms are "Want computer? Accept that we will be shipping you all kinds of code constantly, for 'reasons.'"
30 replies →
> That is a far cry from 4 GiB
Equating a 4GB file installed without explicit consent to the installation of a language dictionary is comical. That's like saying an unwanted political mailer left in your mailbox is the equivalent of a pallette of hammers left in your driveway.
12 replies →
The issue is the size of the 'update' and the impact it'z going to have on your computer performance.
If tomorrow Google was to include a Blockchain miner in Google chrome, you'd still say you consented to it by using their software ?
Because I'm pretty sure that this LLM is also going to be used by Google to gather data on the user and feeding it to Google, hence just like the Blockchain miner using our computer ressources (space & performance) to feed Google yearly benefits.
1 reply →
> Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
You know, I never thought about it like that, but it is true. The bloat and spyware is a core part of the OS now.
It's just more efficient that way!
Chrome installs additional software that 99% of users don't use. It can intercept and modify code running on your computer, and spies on all network requests. Hackers use it to analyze potential vulnerabilities. 90% of users aren't even aware that it exists!
You could say the same thing about shipping V8 with Chrome. Some users disable JS so shipping V8 with Chrome is additional software they didn't ask for.
5 replies →
An AI is not additional software. Infact, a model is not software.
6 replies →
If someone puts a camera and a microphone on devices that don't need them, then it's a) pushing up the price of goods for everyone with features that mainly serve corporate, b) there are bad actors out there even if you think corporate is a good one, c) no reason to think corporate is a good actor.
Shipping an AI model with a browser is starting to look like sticking cameras on ALL glasses, not just smart glasses, regardless of whether anyone wants that. Saying this is fine and not unusual is clearly motivated reasoning and just normalizes the surveillance state. It's very obvious the way this ends. Browser-based models will eventually be using your computer at the edge to save corporate money in the cloud while they do ever more expensive and invasive stuff to profile you.
Shipping the model with the browser is exactly the opposite of what you are claiming.
The alternative is sending the data to Google.
3 replies →
No, what's misguided is equating the legal definition of consent ("It's in the ToS") with actual consent. When everyone (especially google) knows 99% of users don't read the ToS. Can they sue over it in a court of law? Maybe, maybe not. But they can write articles, spread the word and generate bad press for google. Then maybe consent will be actual rather than constructive.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
For me the most significant problem is the lack of consent. I assume it's just not how you want to frame the problem. Ignoring the problematic parts or behavior of some sort of behavior is a common problem in modern software, and it's actually what the article is complaining about.
I don't think this is a question of framing or ignoring problematic behavior at all. I'm quite certain that you wouldn't find it anywhere near comparably egregious if Google added a new developer option without your consent- the most significant problem is the 4GB and the LLM. And, of course, you did consent to their software terms. You are free to switch browsers. What does consent have to do with this?
1 reply →
Exactly this. My issue with Microslop isn't that they're using AI, that is its own can of worms.
It's the fact that they were forcing it into MY computer, using MY bandwidth for THEIR profit goals. The lack of consent was the final nail in the coffin for me, no computer in my house uses Windows now, and it will at best be a long time before that changes.
I got rid of Chrome ages ago as well. Chrome's only redeeming feature is its user base. It's slower, uses more system resources, ugly as a browser, and now its an AI rapist too.
That's like saying users have no right to push against certain features. It's like saying Windows Recall was always ok and there was never any reason to demand it not be installed. The only difference is one can choose to use a different browser easier than they can choose a different OS.
You're right in the sense that practicality and consent are orthogonal issues. There are probably stronger arguments to complain about a feature than the disk use.
> The only difference is one can choose to use a different browser easier than they can choose a different OS.
I'm not even sure that is actually true for most people. If you mainly work in the browser, which many do, then you can change the OS under it without impacting the user too much but change the browser and there will need to be much more to adapt/relearn.
> It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
So where is the line we draw where bait-and-switch goes from being acceptable to unacceptable?
MA Chapter 93A for example clearly says that businesses are prohibited from "unfair or deceptive practices" including misrepresentation or concealing defects. Where do you think the line should be?
If you market a product as a Browser and it's codebase is 10% browser related and 90% some other program... Should Google have to correctly represent that product?
Related; If you didn't like when Apple forced you to use Siri on your phone, why did you purchase a Mac? Did you not expect them to continue disrespecting your sovereignty after you let them get away with it the first couple dozen times?
In principle I agree, but chrome has an auto-update setup and using that mechanism to download several GBs of data that is not critical to the app itself is cause for question.
Chrome is not entitled to my disk space just because I installed it and Microsoft has been excoriated for the exact same behaviour with AI.
>Chrome is not entitled to my disk space just because I installed it
When you install any program it becomes entitled to your disk space, by the definition of installation. If you don’t like the program, you can just uninstall it and it’ll no longer take up your disk space.
1 reply →
Couldn't the same argument be made for Chrome suddenly including a bitcoin miner? Seems like that would be a difference in degree rather than in kind.
The difference would be intent. A nearby comment worries that the endgame is the ODM being used to monitor you and report back. Certainly wouldn't put it past the world's biggest ad company to think of that! And if that is what purpose it's put to, I think I'll be mad too.
If Chrome shipped a crypto miner and used the resulting coins generated on my device to let me automatically bypass paywalls with micropayments that would be way better than if they shipped the same and just took the coins.
I agree to install it, but I don’t agree to automatic updates. The bigger problem is, I can hardly find where to disable Google’s automatic updates. In the end, I just locked the file permissions to stop that virus-like auto-update program from running.
Auto-updating browsers is one of the best advances in the web dev space in the past decade. I find it hard to believe that anyone who did web development before evergreen browsers became a thing would ever disagree.
2 replies →
> It's just part of the software.
What isn't part of the software? Can they just install as much garbage they want to, as long as they claim it is part of the "browser"?
Also, scale absolutely matters. If I pull up in front of your house and say "hey, mind if I park here?" and you say yes, then I park, walk away, and 10 minutes later park a fleet of 18 wheelers in front of your house, you're going to feel like I wasn't...entirely forthcoming about what I intended.
Where does this line of thinking end? What couldn't be construed as part of the software?
It ends at the usual place, the shrink-wrap agreement. What did the license agreement say?
3 replies →
What is the line is a good question. I'm strongly pro-user agency, but I still think consent is more around what actually impacts the user. If there's some safeguards, for exceptional cirumstances that users can get into if they need it, I feel like the software has to be doing more, having more of an impact on you for there to be an offense or problem here.
That said, I do want to amplify agency. I don't immediately know what to expect for disarming this. If a website starts hitting the API heavily and my machine's fans are spinning up, where am I at, and what do I expect? It feels like the web is close already, with a pretty sophisticated permissions model, where we go to look for things. I'm interested in an evolved permissions model for the web, where even when permissions are on by default, it's the same flow to turn them off. I think that would remove a lot of the grounds for "I don't want this" that seems so persistently abundant these days.
Even it feels like the risk is so low/non-existent, if the user's demanding less agency from the their user agent, in principle I guess we ought give them the less that they asked for. Usually. But that always has some kind of practical limit too. CSS made some people mad! It's ok for this not to be the software for you, for you to go need to go somewhere else.
I believe that relatively inert capabilities like this, where mostly it's taking up some storage space and joules, is generally not really altering the contract, and is fine.
I think the disk space and bandwidth are what make consent needed, because it’s implied that the browser may download small pieces of data but the user would not expect such a large file be downloaded so it should check with them
Under the EU AI act this REQUIRES disclosure. The user should be informed that the system is installing an LLM
I think it falls more into the category of needing consent like a crypto miner would. If I use a piece of software to do X and it begins using more resources to do Y that can be a serious issue and is at the heart of this discussion.
A crypto miner needs consent because it burns your battery and CPU power with no benefit to you. This AI model would only be used when you invoke it so the only problem is disk space, which the comment you're replying to acknowledges as a point of issue.
5 replies →
It is changing the product significantly. I wanted/consented to a browser. Nothing more. Agreeable, nothing new with the browser vendor pushing plugins down our throat which are not browser core features, nevertheless not right.
Welcome to 2026, in which a browser is an operating system!
1 reply →
> nothing new with the browser vendor pushing plugins down our throat which are not browser core features
You need to find another browser, if your desire is only browser core features. You have that freedom!! You can do it!
On the other hand: I don't think anyone caters to that position, because it's a bad/nonsense position, that users don't want. There are some browsers that come closer to this, but this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
3 replies →
> I wanted/consented to a browser. Nothing more.
I agree. I want just a browser. No non-browser-related features, such as JavaScript, CSS, WebRTC, WebGPU, Wasm, etc. Nope, just browsing.
Edit: /s, obviously
4 replies →
It’s actually really useful for web devs to have access to a local model. Whether or not browsers should bundle their own rather than using the system-provided model(s) is up for debate, however. For the time being, though, Google does have some of the better small ones.
Furthermore, users aren’t going to want to have to wait for an extra thing to download before their web apps can use AI.
That’s the thing… Without context of why, users probably wouldn’t want a 4 GB download. But they do want their web apps to work properly. When there’s a specific use case they’re interested in, they will want to have it, and they won’t want to wait.
8 replies →
Even Microsoft doesn't install a spellcheck dictionary unprompted; that happens when a user/admin goes into the app configuration and changes the language support options.
But then they should state that minimum size of Chrome is 5-6GB (lol, OS size). Sure this feature should be installed by informing the user what are the pros/cons; just installing without asking - means that you are using user's traffic (huge for mobile, for example) and disk (quite a large part) without notice, which is probably a bit shady.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Java installed an ask.com toolbar without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
wellackshually the bloatware explicitly asked for consent. There was a checkbox at the end of the EULA asking you "I also don't agree to not install the ask.com toolbar. You wouldn't do that, would you?". There is a state of that checkbox which would not install the toolbar, because, as you know, it's not part of the software I'm trying to install. That state, however, is left as an exercise for the decompiler. :)
Though I kinda agree that framing it as "consent" feels a bit off even if I myself would say no if only Chrome had the courtesy to ask. What icks me more is a 4GB[1] blob that has no relevance to the primary business of being a web browser; this is basically the IE anti-trust issue all over again. And it's an experimental feature! Under saner policies this thing would be a plugin from "Google Chrome Labs".
[1] I found weights.bin in Ubuntu 22.04 Chrome v147.0.7727.137 but it's "only" 2.7GB. Still, my ick stands.
2 replies →
Disagreed; it's not a download you'd expect and it's also at least an order or two of magnitude than you'd expect to find reasonable for browsing a page.
I have a 2GB mobile data plan. If I was using Chrome, then some site triggers the Prompt API, that will cause Chrome to not only wipe out my data plan, but need 2 of my data plans. I don't find this reasonable.
This is exactly a consent problem, because I'm not denying it might be a useful feature, but it should be at the user's own informed choice. The fact that Chrome developers don't appear to see this might be due to them living in a bubble where they've never had to think about the costs.
This kind of unwanted software installed with a product you want used to be clearly considered malware. But these days software companies all think they own your computer and can do whatever they want.
Chrome's model is based on copyright infringement and court cases are pending regarding legality. Even if spellcheck dictionary was 4 GB, installing bloated but legal software is different.
i wonder how exactly it makes it harder to have a discussion. would it be okay to talk about spyware in terms of consent, or would that make it harder to discuss as well? can you think of a situation that it wouldn't be unhelpful to frame what software does in terms of consent?
If Rockstar games can be criticized for Hot Coffee then Chrome can absolutely be criticized for such bloat ware.
Invoking a different case with bad logic doesn't make this one any stronger. I never understand this impulse, is it just "nuh uh!"?
That was also stupid
TIL, what a nutty situation.
please don't defend this anymore.
People installed an html client, not a backdoor into their computer.
Incorrect. Adding LLMs in the browser IS the backdoor into your computer.
You’re probably right in a literal technical sense, but a very large number of people (maybe most?) would choose “no” if properly informed and asked for consent, and lots of people are morally opposed even in principle to downloading a large AI model onto their computer. I’m not one of them, but they’re out there. So in a cultural sense, it is different.
What % of Chrome users (this is the default browser that nearly every 'normal person' uses) do you think is confident (and knowledgeable) enough to answer this quiz:
I'd say maybe 5% could get 80% of those right. So, most people would be purely guessing the same way I'd be guessing if you asked me if I want 800mg of Beta-Carotene for $1. I don't know for sure if I need any Beta-Carotene, and if I did need some I wouldn't know if 800mg is a little, just right, or way more than I'd ever need, because I'm not a nutritionist.
Can't stand this kind of corporate apologism. It's one thing to disagree about whether this is a reasonable thing to do, but there's no need to additionally gaslight people about whether their category of grievance is even valid. Of course it's consent. They did it, without consent, that is a simple and factual statement. You consented to one thing (a browser) and not another (a giant AI file). And then the question with consent is whether the thing is something a person ought to seek consent for, which is entirely relative to how the person will feel about it. Installing a dictionary, probably not because it's small. Installing a 4GB file, probably yes. Obviously.
They are abusing our trust. That's the issue.
not just that, unfortunately
This is just today
"Tech giants Microsoft, Google and xAI say they will allow the United States federal government access to their new artificial intelligence models for national security testing." https://www.aljazeera.com/economy/2026/5/5/microsoft-google-...
Its not misleading, AI models (unlike English spelling check) has the potential to mine data on users and invade privacy all under the name of "training the model". I am very skeptical of AI models. Governments and big corp have the ability to exploit AI models and none of them a righteous for us to feel safe from a move like that.
Local models exist as part of the solution to privacy invasion. Not saying google has never been nefarious, but the whole point of local models is that your data doesn't leave your device.
News from the year 2030: Google takes your credit card info, sells it on the black market for pennies and kicks you in the groin.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Google stole your credit card info without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of physical abuse to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
You're arguing in bad faith.
1 reply →
So… every software package you’ve installed has the right to consume an unlimited amount of your system’s resources? It’s an absurd argument. By that logic it can fill your hard drive, RAM, and max out your network bandwidth and the user would have somehow agreed.
Except spellcheck is a reasonably foreseeable part of a word processor. An AI model isn't really a common component of a typical web browser.
Disagree
It is consent - and its a pattern ubiquitous in tech.
Idk a random model being part of the software is not a given as much as things are trying to be pushed.
i think if google can show that they know what it does and able to contain it then sure, it's a tool they have power over. if not then I don't see how it is being contained by the terms
A spellchecker is a standard function of a text program.
Since when is an AI part of the browser?
On top it’s another abuse of their market domination. What if users prefer other models?
By that reasoning, any novel/cutting-edge addition to a browser or other software is wrong? Every standard was new at some point.
8 replies →
At least Word lets me choose which dictionaries I want to install during its installation. With an estimate on how much disk space it will take.
There was a point in time when a spellchecker was not a standard function of a text program, and a spellcheck dictionary would have been considered a large file to include with that kind of software.
I'm not a fan of Google's actions here, but I do think it's possible that at some future time we'll say, "but a local AI model is a standard function of a web browser."
1 reply →
Hey if people could go for their pitchforks and torches over Apple giving them a free U2 album that ate up limited device storage space,
we have every right to be upset at Google's audacity to suddenly gobble up 4 fucking GB
Also from the same webiste, Claude installing spyware: https://www.thatprivacyguy.com/blog/anthropic-spyware/
but discussion about that seems to have been suppressed on HN: https://hn.algolia.com/?q=Anthropic+spyware
That was an even more ridiculous post. It wasn't spyware, it was a messaging bridge being installed for exactly the purpose it was intended. It was Claude Desktop installing a bridge that would allow Claude browser plugins to communicate with it. It was only used if the user had installed the browser plugin, and all it did was grant that plugin access to the app that had installed it!
1 reply →
I disagree. Its a browser, damnit. Framing it as non-consentual AI is the right way. BTW, how much does Google pay you for this comment?
> You consented to installing the software and having it autoupdate.
You make a good case for much stronger laws and regulations on what such consent can legally allow.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
Spoken like a Google shareholder. It’s wild to see this level of gaslighting being presented as some sort of reasonable position.
hey i found google ceo here!
Disagree. By your framing, might as well add a 4 Gb LLM to grep as an unasked for and downloaded option.
you are being very disingenuous. there are certain expectations from a software vendor. taking things into extreme, if something install malware as an update on your computer, is it not a silly claim that it is free for vendor to do so?
"You consented to installing the software and having it autoupdate. That covers it."
Were the terms something like
https://chromium.googlesource.com/chromium/chromium/+/refs/h...
"11.1 The Software which you use may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the Services."
https://www.gdpreu.org/the-regulation/key-concepts/consent/
"Where should the consent request go?
Consent information must be easily identifiable by the user. It should be presented separately from any terms and conditions."
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
"You cannot rely on silence, inactivity, pre-ticked boxes, opt-out boxes, default settings or a blanket acceptance of your terms and conditions."
https://www.edpb.europa.eu/sites/default/files/files/file1/e...
"The element free implies real choice and control for data subjects. As a general rule, the GDPR prescribes that if the data subject has no real choice, feels compelled to consent or will endure negative consequences if they do not consent, then consent will not be valid.13 If consent is bundled up as a non-negotiable part of terms and conditions it is presumed not to have been freely given."
https://www.dpo-consulting.com/blog/gdpr-data-consent
"GDPR Article 7 further tightens consent. It requires clear requests (separate from general terms), a right to withdraw at any time, and documentation to demonstrate that consent was validly obtained. In short, you must prove that a person knowingly opted in. Records of data consent (who, when, how) are mandatory so that you can show regulators you followed GDPR consent requirements."
"You wanted a banana but what you got was a gorilla holding a banana and the entire jungle." - Joe Armstrong
You installed a banana with autoupdates enabled by default. Therefore you consented to installing a gorilla and an entire jungle
Anyway, joking aside, what's missing from this blog post is discussion of potential remedies for the alleged violations
It may be acceptable to Google to violate GDPR, etc. if the remedies enforced are merely a "cost of doing business" and not a threat to business success
Yeah, no. I installed a browser, I expect it to install the required components for it to work _as a browser_. I do not need a local AI model for it to do that. If there are features that need that, fine, but I expect it to at the very least ask permission since those are absolutely not required functions. It’s like if Word installed a bunch CAD modeling software in the background. There’s just no way it needs that to function for it’s primary purpose.
[dead]
[dead]
You're missing that this is anti-AI activism
We should be actively anti-AI being part of a web browser just like that though.
10 replies →
It's not about AI. I'm pretty sure most people wouldn't be ok with eg a calculator app shipping a 4GB word processor.
Maybe it’s pro-browser activism.
A browser should render web pages not bring its own AI
2 replies →
It is? Or is it just a pragmatic dislike?
We don't have AI. We have language models trained by rapacious companies on copyrighted material with no concern for copyright violations and with a penchant for intentionally anthropomorhizing their models.
I'm an anti corporate malfeasance activist.
Hacker News and it's underemployed and underpaid user base gets these two confused all the time. I assure you, your tolerance for language models, or your willingness to use them, will have _zero_ impacts on your pay scale in the coming decade.
Finally you should be aware that Google markets this addition as an "anti fraud" and "anti spam" feature. They should have to justify that, I shouldn't have to justify my expectations as a consumer.
3 replies →
If Chrome has the #optimization-guide-on-device-model and #prompt-api-for-gemini-nano flags enabled, either because it's part of some Origin Trial / Early Stable Release or something, then web pages will have access to the new Prompt API which allows any webpage to initiate the (one-time) download of the ~2.7 GiB CPU or ~4.0 GiB GPU model using LanguageModel.create()
https://developer.chrome.com/docs/ai/prompt-api
When Chrome 148 releases tomorrow, this will be the default behaviour on desktop.
To download, it should check for 22 GiB free disk space on the volume where your Chrome data dir is, and at least double the model size of free space in your tmp dir.
First the tabs came for the RAM and i did not protest, for i had plenty. Then they came for the chip and i did not protest, for it was dark silcon anyway. Then they came for the HDD.
And then they made the ram and ssd so expensive :)
I am curious if it reuses the LLM across all tabs, hard to imagine most machines can boot up 1-2 of any 4gb model unless its a more powerful system.
2 replies →
Okay, but the browser is basically the computer for most people.
Told ya.
The more severe problem is that Google installs model weight files on a per-user basis, meaning Chrome occupies 4 more GB of space for every OS user on your device.
The company I work at has several environments and hundreds of VDI users in each environment. Chrome is the default browser in all of them. By my rough napkin math, this one small change by Google will eat up at least 15 terabytes of new disk space in total. (I sure hope we are using deduplication at the physical storage layer...)
7 replies →
Does each playwright (or similar automation system) count as a different user, and does it keep the model around ?
If yes, it's an interesting API to call when a AI crawler hit your website.
4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks (and in the future even PhD level intelligence) for free?
Oh, the horror!!!
Wait, let me pay my HVAC guy $500 he deserved because he came all the way from his home to replace a fuse
10 replies →
You can already trigger a 2 GB model download with the Summarizer API[0], which is already shipped in Chrome.
[0]: https://developer.chrome.com/docs/ai/summarizer-api#model-do...
I think this is a distinct model from the Prompt API, since the other shipped AI APIs use fine tuned models.
Both of them say they use Gemini Nano.
1 reply →
So now we're up to 6 GB
1 reply →
The problem is that some of us are still on connections that charge per GB in rural areas. Here in Montana it's very common to pay about $0.25 per GB regardless of how much you use, so this is a $1 additional cost per desktop device. Places like public school districts have hundreds of computers and this will be somewhat significant for them.
I was thinking a similar thing. Many of our customers have purpose use computers that rarely see physical infrastructure internet, but need a modern browser (many chose Chrome on their own, we never recommended it).
They're going to get blasted with cellular data charges when they fire up their computer in the field.
Google's updater service also currently ignores the windows 11 metered connection hint. It will gladly download that model over your cell connection even if you have a data cap.
This is infuriating behavior.
Silicon Valley must wake up and understand the entire world does not live like them.
It is a small model, so what utility can I / Google expect from it? What is the on-board model used for?
It's not a very good small model to be honest.
That said, you might be surprised to learn that some of the models from 3b-9b could probably replace 80% of the things nonvibe coders use chatgpt for.
Its a good idea to run small models locally if your computer can host them for privacy and cash saving reasons. But how can you trust Google to autoinstall one on your machine in 2026? I just couldn't do it.
33 replies →
It's based on Gemma 3n, and it's not the best.
I find it works fine for simple classification, translation, interpretation of images & audio. It can write longer prose, but it's pretty bad.
It can also write text in the format of a JSON schema or regexp for anything you might want to do with structured data.
4 replies →
I find models of this size (not tested this one specifically) at being very good at simple data extraction from user input. Think about things like parsing date and time of an event from a description or parsing a human-typed description of a repeating event rule.
this is considered a large model. i think you might be surprised how many "small" models chrome has already pulled down on your disk.
but to answer your question: one of the services that uses a small model: PermissionsAIv4
""" Use the Permission Predictions Service and the AIv4 model to surface permission notification requests using a quieter UI when the likelihood of the user granting the permission is predicted to be low. Requires `Make Searches and Browsing Better` to be enabled. – Mac, Windows, Linux, ChromeOS, Android """
1 reply →
I ran a fairly large production test of this and on _every_ measure except for privacy it was worse than a free tier server hosted LLM.
Not happy about that as I would like to see more local models but that's the current state of things.
https://sendcheckit.com/blog/ai-powered-subject-line-alterna...
1 reply →
Something to do with serving more ads. My guess is they will use this to “better target” or to drain more information from you for their ads.
> It is a small model, so what utility can I / Google expect from it?
Precedence for shipping models alongside consumer software.
Potentially without consent if it truly is a silent install.
Those two (and more) exist in chrome://flags in Chrome 147. I'm disabling them now, with the expectation that will prevent the new default.
One option I'm leaving as default is "Use LiteRT-LM runtime for on-device model service inference." Any comment on that?
I'm on Chrome 147 too and disabled:
"optimization-guide-on-device-model"
- Enables optimization guide on device
"prompt-api-for-gemini-nano"
- Prompt API for Gemini Nano
- Prompt API for Gemini Nano with Multimodal Input
and deleted weights.bin and the 2025.x folder in "OptGuideOnDeviceModel"
Will report if Chrome 148 downloads the model again.
6 replies →
Those flags will exist already, but will default to enabled in 148.
That other flag is for using a different open-source inference engine to the (from what I can tell) closed-source one that's used by default.
[dead]
Searching about:flags for model comes up with a whole bunch:
#omnibox-ml-url-scoring-model
#omnibox-on-device-tail-suggestions
#optimization-guide-on-device-model
#text-safety-classifier
#prompt-api-for-gemini-nano
#writer-api-for-gemini-nano
#rewriter-api-for-gemini-nano
#proofreader-api-for-gemini-nano
#summarizer-api-for-gemini-nano
#on-device-model-litert-lm-backend
Then around gemini but not caught by the search for models: #skills (maybe? I think this is implied by "gemini in chrome"?)
edit: I don't see a carte blanch AI disabling option. As much as I dislike Mozilla's growing obsession with AI, at least they give me a top level option to disable all AI stuff. I only keep Chrome around for occasional testing reasons.
So my understanding of that is that the download happens only when sites call the Prompt API right?
Because my Chrome stable has been updated to v148 now, and I don't see any AI models in my user profile folder. My profile size is only 328 MB, with the Code Cache subfolder occupying the most space (135 MB).
In my understanding, yes. I wrote a blog post about some of the internals here: https://news.ycombinator.com/item?id=48028662
Do you know if also Chromium has thesenfkags enabled?
Depends on where you get it. By default the flags will be enabled, but some packagers may choose to disable them. I haven't seen a major distro release chromium 148 yet.
Weirdly though, chromium won't be able to actually use the model even though it can download it, because the inference engine is a closed-source blob.
https://adsm.dev/posts/prompt-api/#which-browsers-support-th...
I wrote a more detailed blog post here:
https://news.ycombinator.com/item?id=48028662
Next step: Invoke the prompt API from within online ads and run a "p2p" AI inference provider which forwards incoming LLM queries to website visitors. :-)
This sounds perfectly reasonable. No objection from me.
I believe webpages that use the API must request from the user via a system permissions dialogue to aces the prompt API, according the docs a few months ago.
It can only be called after the user has interacted with the page, but there's no dialogue from the browser
https://developer.chrome.com/docs/ai/get-started#user-activa...
[dead]
An extra 4GB per user on our NFS home file server is going to be a huge pain (several thousand students). And for our Windows lab machines, they end up in AppData\Local (which isn’t redirected for operational reasons) so we either leave the profiles in place and let them accumulate (suboptimal) or clear out the profiles as we normally do and let it redownload, over and over again.
As much as I’m against unexpected 4GB bloat for an AI model, I’d much prefer it to install one copy, system-wide. 4GB per Windows or Linux lab machine, rather than a 4TB minimum load on our NFS server and 4GB downloads per user, per machine on our Windows labs.
Fellow sysadmin here. I'm glad to see somebody else thinking about the practical side of this.
Google should know better. Chrome has local administrator permissions anyway (w/ its updater) so they should have installed a single copy for the entire machine.
It's not cool to give a damn about the people who keep mundane stuff like desktop infrastructure, file servers, etc, working, I guess. The wanton disregard to even talk to a single in-the-trenches corporate sysadmin seems like malice.
Google has not ever cared about the real world implications of their browser decisions in the past. I can't say I'm surprised that they didn't start caring for this occasion.
I tend to deal with unwanted installations by creating a zero length file with the name (weights.bin) and remove all permissions from all users, taking the ownership as well. While the download and friends commence they fail to overwrite it.
The tactic used to work even as prevention to common RPC exploits (viruses/worms) on windows as well (in the early 2000s).
Conspiracy theory: making the browser bigger makes it harder to run large quantities of headless versions, for all the useful (but anti-Google) things that enables. I suspect this is directly tied to the ongoing ascent of verification laws and other pieces of the drive towards authoritarian dystopia. They're basically DDoS'ing providers of browser-VM services with this.
Why not force a light-weight browser and prohibit Chrome?
That would create vastly more support issues. You don't get to choose the software your users need.
2 replies →
Because due to Google having a near-monopoly on the entire goddamn Internet, a shocking number of websites and services will refuse to work with non-chrome browsers.
2 replies →
I stopped using chrome 15 years ago and de-googled my life 5 years ago. The hardest thing to let go in fact was Gmaps (most alternatives, until recently, were not great) and I'm still captured by android, but rome was not built in a day.
Quitting chrome these days is the easiest thing to do. The writing is on the way. You don't control the browser on your network, google does. ANd for better or worse, google's priority is AI at this time.
Sysadmins should take notice.
If the network is ~65% chrome and thus deemed painful, take the gradual approach. Do not push chrome on new devices or users. Watch that problem slowly go away.
> most alternatives, until recently, were not great
Curious to know, what viable alternatives did you discover?
Kagi Maps isn't bad, it's slow but POIs are there with enough data.
Wait, Chrome has been around for 15 years? Damn I'm old.
> Energy intensity of network data transfer: 0.06 kWh per GB, the mid-band of Pärssinen et al. (2018) "Environmental impact assessment of online advertising", Science of The Total Environment [14]. The paper reports a 0.04-0.10 kWh/GB range depending on the share of fixed-line vs mobile transfer and inclusion of end-user device energy. 0.06 is a defensible mid-point.
2018? An estimate from 8 years ago is going to be off by a factor of 10 or so.
Not sure you'd get far with the legal arguments unless you're actually a lawyer. Too easy to misunderstand the jargon (i.e. the same reason why it's dangerous to use an LLM as your lawyer).
(As an aside, the whole thing reads to me like the style LLMs use; not saying for sure it was, just giving me those vibes).
This is the same guy who said that Claude Code was spyware because it makes a few Windows Registry keys [0]. I find it really hard to take him seriously.
[0] https://www.thatprivacyguy.com/blog/anthropic-spyware/
Oh, one of those people. Gotcha. Back in the early days of my career (can't remember exactly, possibly 2010?) I tried making screensavers and gave them away on my website, someone followed me directly on twitter then tweeted to everyone that my screensavers were some kind of malware because… I'd named the main class as per the tutorial and somehow this looked scary.
2 replies →
0.04 to 0.1 kWh/GB is insane even for 2018 lol.
I have gigabit internet (125 MB/s). This would imply when I'm downloading something I'm using 18 to 45 kW of electricity. Completely bonkers.
It would also imply that it costs Google ~7¢ in only energy cost to deliver that file to you (using average EU energy costs), which is clearly non-sensical given the rates hyperscalers charge for network egress.
Additionally, the cited number also conflates wired internet (low power consumption) with mobile internet (higher), even though this model is only being downloaded to Chrome Desktop AFAICT.
I'd guess there is some offset power needed for keeping a "line" open. Like, 200 kB/s is not twice the power of 100?
1 reply →
Clearly you're charging an EV to drive a jar of microsd cards with your data back and forth
1.8 to 4.5 kW.
2 replies →
You think the energy cost to transfer has dropped by 10 X in eight years? Why?
Long term historical trend, lots of small tech improvements that add up, like all other tech. Some of it's how antennas are higher gain, which puts more of the energy in the path from one end of a line to the other and wasting less (affecting both cellular and WiFi standards over this period), some is improved compute reducing the cost of routing, but as with the improvements to chips and batteries and PV, the list of things is long and each one only contributes part of it.
EDIT: got the maths very wrong with some other estimates, deleted them.
Seems reasonable to believe to me. The cost of a transfer is presumably calculated based on the base power cost of the transfer machinery, since I really doubt that a router or switch's power usage is linear with the amount of data it's transferring. The amount that an industrial router or switch (which is what 80-90% of the hops between you and Google are) has to have increased its bandwidth by around 10x over that time, and I doubt they have 10x'd their energy usage.
Eight years ago my internet was using a current over a copper wire. Now it's light through glass. The latter is much more efficient especially over longer distances.
1 reply →
Agreed. Also, complaining about the climate impact of an AI model download while opening your post with an ai generated image is peak hypocrisy. Did not bother to read the rest.
"Silently installs" is misleading. They are including a file in the package which is presumably related to the functionality of the software. I don't use chrome for a long list of reasons but it is not standard or expected to get consent for that.
There is, however, precedent for software alerting/asking the user to install “extras” or utility packs and showing the disk size that content will take up and even allowing the user to choose a location to store such things. Creative software does this all the time.
There’s nothing stopping Google Chrome from doing something similar except, I suspect, Google knows or feels it will result in many fewer installs of its bloatware.
That's a good point. "Downloads a 4GB LLM model without notice" would get a good amount of attention and be an accurate representation of the situation. The article undermines itself by misrepresenting the problem.
[flagged]
2 replies →
“Silent” seems appropriate given it historically never required such a large storage requirement and the nature of the new feature seems entirely optional; and it’s happening silently as part of a normal upgrade.
> it's happening silently as part of a normal upgrade.
No, this is not true. The large requirement comes after a user wants to use the feature, not as a part of the normal upgrade. If the user never engages with the feature, it's not downloaded.
4 replies →
Are you okay with a 1 GB chrome install suddenly becoming a 5 GB chrome install on all your machines, without your permission or knowledge, for functionality you may or may not want?
Yes because in their mind corporate power is the only thing that matters in our lives. Not what people want, but what Google wants is clearly the only thing that matters for them.
It's a bizarre way of living your life.
1 reply →
Isn't that what it always has done after caching a few weeks of websites?
100%. "Researchers Discover Chrome Uses Your Hard Drive to Silently Make a Copy of Everything you Look At Online" is ominous and scary and also an accurate description of how caches work. There's enough scary and bad AI stuff to discuss without needing to use scare tactics.
What part of rendering a web page needs Gemini?
6 replies →
Look at how many headlines indicated that something is silently happening. It's a weird trend at the moment.
We live in a tech world where it has become normalized that perfectly functioning software that you used to buy once and then got to use indefinitely suddenly receives an "update" to put previously existing functionality behind a pain subscription. The reasonable expectation people have is that an update fixes security bugs and maybe includes a few optimizations.
So no, I don't think it's a weird trend at all that people start describing software as "silently" doing things when trust in automatic updates of software (a thing that software silently does) has deservedly gone down the drain in the last few years.
1 reply →
No weird: accurate. It IS a silent install.
I wanted a browser, not an LLM.
2 replies →
If it gets the clicks it sticks.
They are installing a software package nobody expects and which isn’t need to run a browser.
Then what is your definition of "installing" exactly? Are you going to split hairs about it not being a separate program being installed and running in the background, but weights being used by code that is run inside the browser? Because honestly, I don't think there's any significant difference from the user's perspective here. Other than the fact that doing the latter bypasses the need to get permission to install a new program. Which makes it an even worse violation, in a way, since it undermines the trust that the browser as a platform is just a browser.
A 4 GiB model has nothing to do with the functionality of a web browser. It is something forced on users without their consent.
Of course that's what we get for giving the benefit of doubt to the company that insisted on learning the wrong things from the Google Buzz fiasco.
Install does convey something more involved than including a file, that's not splitting hairs. It is not uncommon for software to include malware that runs independently of the software you expected, and the headline is clickbait that taps into those concerns. I'm here for the concerns about bloat. "Downloads" would have been the right term to use but it doesn't sound as scary.
> A 4 GiB model has nothing to do with the functionality of a web browser.
Problem is, nor do half its T&Cs. What we thought was a web browser turns out to be a Google content delivery vehicle - and controlled by Google, not the target users.
> A 4 GiB model has nothing to do with the functionality of a web browser. It is something forced on users without their consent.
This does not happen. The model is not downloaded unless the user intentionally uses the feature that requires it. Then it's downloaded at that point.
4 replies →
> "Silently installs" is misleading. They are including a file in the package which is presumably related to the functionality of the software.
Related... to the functionality of feeding the same profit and loss account, right?
"functionality of the software" has already been mentioned haha
This feels deliberately reductive
This might be worth it if Gemma4 E2B were a good model, but honestly it's absolutely useless in all our testing without further training and finetuning, and those aren't usecases that are fit for normal web browser use such that one would care to support it by adding such overly broad and expensive infrastructure to make it happen.
Gemma 4 E4B is a much better model, but it's too large to simply download and run everywhere.
IMHO, this is jumping the gun. Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards. It would be better to wait until a smaller, better model ships before doing this.
Most users aren't even going to know that this is here. Web developers will expose this capability to the user. The devs will have to determine if the model is delivering what they need.
It's good to have something to work with if these Web APIs are going to be part of a standard. I suppose this means that ALL the browser vendors are likely to implement something
> I suppose this means that ALL the browser vendors are likely to implement something
Mozilla has taken a strong stand against the prompt api.
2 replies →
> Google's going through a lot of effort to release a model that will give everyone a very poor first impression of what on-device models are capable of, souring it for everyone for a long time afterwards.
I wonder what that will do for the competition between hosted genai and local models...
This is what I've done after spending some time to look into it, this is for Linux Desktop:
Delete Chrome's silent 4 GB AI model file and AI
In Chrome, go to: chrome://flags
Open DevTools (F12 or Ctrl+Shift+I).
For Linux, in a bash shell, this should prevent Chrome from trying to download the file again because the root user instead of my user, will own the file/directory.
In case they already existed from doing the above previously, make sure root user owns them.
List to check them.
That's a lot of steps compared to using a browser that doesn't treat your computer as their property.
FWIW, first two sections worked for Chrome on Windows.
DevTools uses a server side model, and only after you opt in with explicit consent.
Or accidentally trigger it because you're using a key binding you've used for 15 years that, upon hitting an unexpected consent screen, triggers the consent button.
How hard would have been to add a simple message, warning people about it and offering to opt out? Most would have clicked OK without reading anyway, and Google could pretend they give a shit about users. Unless they expected blowback, and that kind of message is the "compromise" they want to eventually land on.
They don't want you to opt out. Then they can't brag to the shareholders about Chrome being "AI Powered"
You're not even the customer when it comes to Google.
Don't forget the metric saying "99.97% of user have installed this" even though less than 1% of users know it exists, much less use it
2 replies →
at this point you're barely the product either. You're more a passive platform for them to execute their strategy on.
4 replies →
> Then they can't brag to the shareholders about Chrome being "AI Powered"
Or at least justify the hundreds of billions they are burning
I was not happy when they added Gemini to the top bar, in its own place that nothing else gets to use.
They want to force the prompt API into being a defacto standard without getting buy in by the rest of the web standards body. Having it on by default serves this goal.
I think a local AI model is appreciated, but it being bundled and executed through Chrome, I expect that more or less all data get exfiltrated by Google.
They simply read your mails, how would you expect there to be anything resembling decency in a company like that? It is the ad business.
Bad thing is that people still use gmail.
Doesn't google already extract every single letter you put into the address bar as you type?
The idea that the model is local is just Privacy Washing. What's the chance they aren't capturing your prompts somehow? For "Telemetry" so they can triage bugs of course!
1 reply →
Presumably they think the fraction of their userbase who cares about this would be too small to justify the expense of adding a warning message. The mere existence of a warning message implies that there is something to be worried or concerned, about, a position they probably do not endorse or accept.
Because we must get what the tech overlords want us to get, not what we want to get.
Framing 4GB of data moving in a world of petabytes of traffic as a specific environmental disaster is kind of a stretch, regardless of whether we want the model.
Your word might be of petabytes of traffic. Some people have slow lines. Some people have metered Internet subscriptions.
Not everyone has access to the same infrastructure you have.
Or just tethering abroad with an esim data plan... Just opening chrome would deplete your quota and leave you stranded. Google you are sick!
4 replies →
Yeah I have to run ski race software with slow and intermittent internet. It is things like this that can wreck the race and bankrupt the small club if we have to refund entry fees to an entire field. It really is brutal and real. Looking at you windows update and now Google and Chrome.
yeah 3 bucks a gig here for quite a while, finally got a kinda sorta unlimited connection recently. I scripted up a meter of sorts to watch my traffic and its amazing how much is just trash. video advertising of any sort is awful. there were many sites that if I just forgot about them in the browser window they would happily reload periodically and trash my days budget lol, then using "links" for just reading really shows off how many websites just reject you for not having javascript.
now I'm working on upgrading my computer lol
It's somewhat known that Chrome isn't catering to those users. They aim to deliver feature-rich experiences rather than be the de-facto browser for resource-constrained devices.
1 reply →
Okay, but that's still not an environmental disaster.
I do not agree: I live by the sea and this is exactly the answer I get when I talk about trash in the sea. I personally appreciate even more that kind of "stretch" then the privacy one (which could be another "stretch" on getting closer to 1984 scenario)
I guess you can write an article about every new gigabyte released, and we can use more gigabytes talking about it, but other than that I don't see that any one gigabyte of software I don't want is especially more noteworthy than any other gigabyte of software I don't want.
An xBox game can be 50+ gigs. Millions of gamers. Fire up the presses!
I'm not at all saying nothing matters so we shouldn't care. I just disagree about the utility of calling out specific things out of proportion to their place in the climate crisis. Tackle AI, yes, and fast fashion and cars, and ... that one change to Chrome? I guess if that's where you want to put your energy, Sisyphus.
4 replies →
Chrome is used by about 3.8 billion people [1]. So, if this is rolled out to every chrome user over the next year or two, this would generate about 15 Exabytes of traffic. It's difficult to find accurate, useful numbers on this, but lets assume 29 grams of CO2e per GB, this would be about 450k tons of CO2e. This in turn, equates to average household CO2 expenditure of almost 300k households.
So make your own judgement, but this seem pretty significant to me.
[1]: https://www.aboutchromebooks.com/global-chrome-user-base/ [2]: https://www.iea.org/commentaries/the-carbon-footprint-of-str... [3]: https://www.anthesisgroup.com/insights/what-exactly-is-1-ton...
This is about the same as each of those people streaming a movie to their TV. There's no there there.
2 replies →
> but lets assume 29 grams of CO2e per GB
29 grams for something that takes most folks less than 20 seconds to download? How many watts (neglecting the machinery was going to be running regardless of whether you are transferring something!) do you think it takes to transfer data?
https://www.eia.gov/tools/faqs/faq.php?id=74&t=11
Coal, the absolute worst of all, represents 18 grams over 60 full seconds to produce 1000 watts of power.
1 reply →
Traffic is not homogeneous in total transfer cost. CDN-hosted data at the edge, close to the user is much cheaper than data that has to transit many hops. At the asymptote, transferring data between machines on the LAN is essentially free.
Yes and this is just the first version of this model. As if there won't be an update (complete replacement) of the model every few months.
Other comparisons:
About equal to a major iOS update at 8 GB x 1.5B.
Netflix and YouTube together are perhaps around 200EB/month.
What is a lot of traffic to you?
2.5 million downloads of 4 GB are 10 PB of traffic.
I think there are be a lot more than 2.5 million Chrome users in the world.
More data moves in your average playstation system update than that. Steam probably transmits more in a morning than that
4 replies →
You only download it when some JS requests it for the first time, most people will never have it.
5 replies →
Wikipedia say 3.6 billion Chrome users.
Amazing how many people missed the "environmental disaster" part of this post and are talking about personal inconvenience.
Sorry folks, your low bandwidth situation is not, in fact, a climate change emergency.
And adding climate hysteria here diminishes the climate change argument generally. It's like "the boy who cried wolf".
Whilst I am sceptical about Google in this space I do think it is a move in the right direction to do more locally and actually use the space modern machines have on device.
The same old individualistic fallacy [1] of highlighting individual effects to hide global effects, all while compromising user privacy. In reality this will be continuous million of devices downloading these useless weight files.
[1] Used since forever by the Tobacco & Pharmaceutical, Fossil Fuels & Climate, Food & Diet Industries.
60.000.000 kg ÷ 1.000.000.000 user
is about 60 gramms of co2 per user?
Which ullustrates that humanity has reached such numbers that the smallest collective change has an enormous impact.
5 replies →
There are multiple problems here.
For one, not everyone in this world lives on high bandwidth unmetered connections. In Germany, you got a lot of people still running on 16 MBit/s ADSL, that's half an hour worth of full load just for AI garbage. With the average 50 MBit/s, it's still 10 minutes. For those running on hotspots - be it their phone with often enough 10 GB or less on your average data plan or train hotspots that cut you off after 200MB - the situation is similarly dire.
The other thing is storage. I got a nominally 256GB MacBook Air. Of these 256 GB, easily 50GB are already gone for macOS itself, swap, Recovery and everything that macOS doesn't store as part of the immutable partition (such as, you guessed it, its own AI models). Taking up 2% of the disk space without consent is definitely Not Cool.
Another angle is the processing cost, I assume Google is seeking to offload the computation for whatever features this covers from their own data centers to end users. On the scale of billions that's probably measurable and from google's side worth doing whether the users is paying for the service or not, and each of them will have more power usage with some reduced battery life on portable devices. At that scale I'd also wonder about efficiency based on what proportion of end users are using AI or running it on CPU/GPU/NPU.
framing 4 gb of data per user as 4 gb is even more of a stretch
The next Netflix breakout show will burn this planet to the grounds :)
Netflix does not store 4gb on your drive...
2 replies →
The climate concern pearl clutching is pure muckraking. The author doesn't care, they're just looking for some sort of controversy. Do they (or the other seemingly horrified commenters) know how much data is transferred during a single evening of watching HD streaming video?
In 2026 4GB of data is not going to have any measurable effect on the climate.
There's a level of hypocrisy involved which is truly absurd. Literally no one reading this is going to curb their data usage. They'll just try to justify their outrage with farcical strawman arguments to be pedantic and then go binge watch some Netflix series without another thought.
I would more worry about storage space on some laptops with pretty small SSDs like 192-256GB of official capacity prior installing Windows, 4GB of that is already pretty significant part of storage space for something which should be opt-in.
4Gb times 2,000,000,000 chrome installs gives us 8,000 petabytes. Are we allowed to worry now?
What is petabytes if not 4GB at Chrome userbase scale?
Its unsollicited. Not everyone has fiber either
not just fiber, e.g. Netflix requires "only" (reliable) ~15Mb/s for a 4k stream, that means most people in most countries feel little difference between ~25 Mb/s and 1Gb/s in their "every day" usage. Sure it's a huge difference if you download a 80GiB AAA game, or preload a 4k movie. But in my experience (which definitely doesn't apply to all countries) a lot of non tech affine people don't do that that often an if they do it (e.g. movies before travel) they tend to do it over the night so it still works out just fine with not so fast internet.
So for a lot of people paying for more then 25-50Mb/s (pro person) makes only sense if it isn't too costly. Hence I rarely see people going for more then 250-500 Mb/s even iff 1Gb/s is available and they have money. And for non-gamers with little money, I mostly see them with ~50Mb/s (or paying for 50Mb/s but getting much less due to old wires :( ).
(Also IMHO The more important things compared to 1Gb/s is how much of the bought bandwidth is reliably available at all times _with good latency_...)
Agreed, my eyes rolled hard at that. Definitely more of an F-U to users with bad connections than anything else.
I mean, with the price of SSDs lately, 4GB is not a completely negligible addition.
It is sad that this terrible comment inspired so many responses. It is 4GB of traffic for one person, and I am not aware of any single person who is moving petabytes of traffic.
Comparing a single person to the entire world to make the inconvenience to or violation of a single person seem small is deliberately and thoughtfully deceptive.
Why not 4TB in traffic and storage for chrome, then? In a world of petabytes of traffic, it's a feather. What's wrong with jailing somebody wrongly for 20 years in a world where millions are jailed, many wrongly, often for lifetimes? What's a lost finger on the job when there's a genocide going on?
Not on my devices. Auto update has been abused so often now that it is an embarrassment to the industry. Auto update should be for bug fixes and security issues only.
Auto update is basically a root backdoor, it's especially troublesome when you are not the customer, you are the product!
Yes, which is why I use paid-for OSes and browsers, instead of free ones like Linux or Firefox. I don't want to be the product.
14 replies →
I'm on an Arch flavor, so its whenever I feel like updating. I try to update frequently enough, but if i wait weeks or months, nothing breaks, it always just works, and I get the latest of everything.
This is exactly how it works on Debian. Can recommend.
Guess what runs my PC. Tech companies just don't understand consent.
5 replies →
There is a difference between
- software company decides to release a new version and auto installs it for everyone who has the old version (like Google Chrome)
- software company decides to release a new version. The Debian packaage maintainer checks if the update is fine, is compatible with Debian policies, then includes it in the packages repositories.
In the first, there are no checks. In the second, there are.
1 reply →
Why use a browser from Google or Microsoft in 2026? Why in the world?
I have no idea but when I mention Firefox my colleagues under 35 or so literally think I'm joking.
When Google stuffs AI into everything, people shrug. Can't expect anything else from big tech.
When Firefox does it, it sparks outrage across the internet, with entire forums filled with people vowing to leave Firefox forever and switching to something like Waterfor or Ilp/Zorp/Floop instead.
As a result, searching for experiences other people had with Firefox makes it sound like hell on earth, while people have little more to say about Chrome other than "Google gonna Google, but it's fast at least".
17 replies →
They've been consuming 15+ years of anti-Mozilla rants anytime it or Firefox are mentioned online.
It's how you get things like "Browser monocultures are an issue, so don't use Chrome (Blink), use Brave (Chromium (Blink)) instead!" said in earnest.
42 replies →
Is Vivaldi any good?
2 replies →
What browsers would you recommend? I use Brave but it's still Chromium under the hood. It's the only one that I never had trouble with adblock though. Also lets me play youtube on mobile when my screen is locked.
Brave origin on linux looks pretty solid now. Now I'm using that and Librewolf.
9 replies →
Firefox.
27 replies →
Vivaldi - built in ad blocker, the creator is a nice guy, transparent business model. It might be rough around the edges, but it's much better from every alternative imho.
1 reply →
Arc is still great on macOS (not so much the Windows build, essentially an abandoned beta) even if it's not getting active development anymore.
I'm defaulting to Firefox ever since I moved my desktop to CachyOS, but I need to either reacquaint myself with its add-on situation after a long arc of using "chrome alternatives", or migrate to something else niche. Vivaldi was what I was sold on before Arc caught my attention through its wonderful UX/UI.
1 reply →
I still use Firefox. It does all I need with no ads. That's nice.
Konform Browser
Mullvad Browser
Tor Browser for those occasions
Currently using Helium.
2 replies →
Safari
I agree. This is Google doing underhanded Google-things. Why the hell would anyone trust them in the first place?
Google's "don't be evil" motto already felt ironic over a decade ago, long before they even replaced it with "do the right thing [for shareholder value?]".
1 reply →
> Why use a browser from Google or Microsoft in 2026? Why in the world?
There are only three major browser rendering engines. One is Gecko, by Mozilla. One is Webkit, currently tended to by Apple. And one is Blink, which is Google/Microsoft. Of those, Blink is the most featureful. That's why.
> Blink is the most featureful
It’s not a waste of bandwidth and disk space, it’s a feature!
Exactly my thoughts. There are so many good alternatives already, it's insane to me that people still use this garbage. LibreWolf is a godsend
Why in the world do people keep shipping Chrome with their pseudo native applications?
Easy. You work for a company that has only whitelisted chrome or edge.
Nothing says you have to use the same browser at work and outside of work? I use Edge for work, Firefox everywhere else.
I use Chrome because at Google Meet it renders a nice separate window with mute/unmute controls as you switch to another tab and screen share.
Curious if Google plans to allow other browsers doing that too.
You could use Chromium just for Google Meet. That's what I do. I have Chromium relatively up to date that I basically solely use when I need to. It can be Google Meet, or Teams, or whatever was purposely botched in order NOT to work with Firefox, basically sabotage, but it can also be very rare cases like Lego Spike or GrapheneOS Web installer which require WebUSB.
99.99% I do not need Chromium but when I do, it's worth the ~200MB of used space.
1 reply →
i use chrome enterprise for my personal use, which is managed via the google workspace admin.
you would think google is not stupid enough to mess with gcp account holders
Because ladybird isn’t alpha yet, and Firefox is a mess.
What mess? I only ever used Chrome as my main browser for a short while when Firefox had become rather bloaty and had slow JS, and Chrome was small and nimble. But that was something like fifteen years ago. Firefox works, is plenty fast these days, and only eats most of my RAM compared to Chrome which takes all of it, and serves me a web devoid of almost all ads and most trackers.
4 replies →
Firefox has a complete UBo unlike the Chrom* corporateware turd which is just Microsoft 2.0 from Google. Chrome instead of IE, and propietary JS code for Google services such as Youtube -deliberately made slower in Firefox- as the new Active X shoved down your throat in order to keep a monopoly.
With Librewolf I can get proper WebGL, full UBo -with the AI blocklist too to avoid all the slop- and Bypass Paywall Clean from Giflic or whatever was called. Yeah, eh, y local newspaper won't mainly get adverts' money but the rest of local company ads show up well even with UBo/BPC, so they get some money after all.
On RAM usage, Librewolf it's far lighter on the long term and it doesn't ping back as Firefox, and many times less than Chrom* based browsers where, I repeat, Chrome based browsers don't allow UBo any more even if installed from their Github repo enforcing some about:flags variables related to legacy extension support.
The web today without UBo it's unmanageable. Popus, more than the ones from 2003, malware disguised as ads even on mainstream, safe sites, and all of these running zillions of cookies and trackers converting your -otherwise perfectly usable- old amd64 Celeron machine with 2GB of RAM into some crawling Pentium III with 256MB of RAM. With LibreWolf and UBo I could even test Yandex Maps with Prypiat and the like and InstantStreetView too. No slowdowns, no OpenGL >= 3.3/Vulkan video card required, and no need to own a 8GB machine.
HN developers there without UBo if they depend on the web for documentation they are bit screwed if they use Chrom* based browsers, sorry. Half of the resources for their machines coudn't be used, you know for IDE's, compilers, virtual machines/containers and whatnot. And, yes, I know about ZRAM under GNU/Linux, and just imagine how many tasks would anyone accomplish with a ZRAM compressed chunk (~1/3 of the physical RAM), a light desktop environment as Lumina/LXQT and a non-Chrom* browser blocking all pests. Up to 3X more tasks in the same machine. No need to waste money on upgrades, and compilng cycles are cut down for the good.
1 reply →
It's the browser that annoys me the least. Almost everything just works.
Yeah that's mostly why I use it. When I try Firefox I get out of memory messages for some reason. Also the Google Lens tool is very handy and gets used often.
because it's really well developed and Just Works
What are the alternatives? Only a massively moneyed corp has the resources to fight vulns at acceptable rates. Firefox doesn’t count because they’re being funded by Google.
I don't understand this perspective. How can one accept the objectively more user hostile option because the less hostile one gets money from the other. If one objects to using products funded by google, why is there not also an objection to using products from google?
For as long as the funding for Firefox continues, it remains a viable option. And despite all their bad decisions of late, they still give users the ability to configure or disable user hostile components.
Their funding model is a risk, but I've been using Firefox and librewolf forever and I'd argue it's a much better option than chrome or edge, especially with a handful of plugins. A risk is still better than the actual realization of the risk.
> Firefox doesn’t count because they’re being funded by Google.
Even if that were true, it's still a better option _today_.
In the short term, Helium (if, like me, you can’t live without Chrome’s bookmarks). In the medium term, perhaps Ladybird. In the long term, we’re all dead.
1 reply →
Anything webkit-based and open source like Epiphany or Konqueror/Rekonq, it matches your "moneyed corp" requirement (Apple).
Thank you. Exactly this question. Full stop.
The following seems to keep Chrome from re-downloading this beast:
Adapt as appropriate for your OS. For "Chrome Unstable" installs, the dir name is google-chrome-unstable.
This has, so far, kept Chrome from (re)installing that file on my system.
Hypothetically the parts involving weights.bin aren't needed so long as the containing directory is not writable.
FYI, this doesn't appear to work on macOS, unless I'm lucky enough that Chrome has never installed anything related to this on my machine. I don't even have a ~/.config/google-chrome directory; it's possible Google is using some Apple-alternative to that standard.
Somebody's promotion packet depended on pushing this through the approval process.
I was working on on-device AI for 3 years. This was the prime idea we were exploring, how can someone undercut the OS providers and ship an LLM that other apps can also use on-device. Like if meta decides to do this, it can serve an API to all mobile app companies for an on-device LLM long before the OS is there. This is Google's way of reaching LLM distribution on laptops, since they don't have their own
I don't see how this is going to work when every application decides to ship and run a 4GB model, competing for video memory. It's going to be the Electron problem times 10.
Not too long ago, someone submitted an AI demo to HN that resulted in a 3.1GB download upon visiting the page: https://news.ycombinator.com/item?id=47823460
It reminds me of the "dialup warnings" common 2 decades ago on huge pages (often containing many images). Yes, bandwidth and storage has gotten cheaper, but the unwanted waste should still be called out. I'm not even anti-AI, having waited several hours recently to get some local models to experiment with, but that's because I wanted to and made the decision to use that bandwidth.
The site is currently unavailable 503 so I can't read it. But I wonder, what should you consent to? Every dependency? Every dependency above 1GB?
Maybe consent is not an appropriate term. Perhaps an acknowledgement and a way to say "I don't want this" would be a more suitable approach. I feel like a flag to turn off LLMs is useful. Firefox added something like this in a recent release. I don't know how much they're downloading or how much they run it, nor would I be a good judge if it's necessary or not, but I don't want that functionality in my browser so turned it off.
Isn't that asking for consent?
the subject has been faced many years ago an super well applied in EU privacy regulations: Google knows it very well, and in super details and I have no doubt they will be fined for this despite all reduction of it thanks to their lobbying (and corruptions, too, in my super personal opinion): this fact well explain EU fines based on company's income.
2 replies →
There's a setting in `chrome://flags` mentioned in the post that allows users to turn this off. I guess people want opt-in consent rather opt-out consent which there's always debate about. Some people say it degrades the experience for the majority of users who would opt-in for the happiness of the few possibly already detracting users.
Extra power and ram usage without your permission, for example.
Exactly, for all the hate of Windows, I could at least just look for shit named co-pilot and uninstall it for a pretty nice experience on my new computer. Phones aren't always as straightforward (especially jarring as "Google services" are required in Sweden on Android for stuff like mobile identity systems).
1 reply →
Read the article, it's not about that, but a mere 4GB of storage.
7 replies →
Does that include the CPU burning cat girl captchas or not?
1 reply →
Hello iOS upgrade.
Don't install chrome in the first place then
1 reply →
That ship has sailed on the web a long time ago.
Sounds like the words of someone that doesn't pay for their data use.
Silicon Valley is not the world.
> At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tonnes of CO2-equivalent emissions, depending on how many devices receive the push.
Environmental analysis for operations? Not a fan of thinking in such terms.
> For users on capped mobile data plans, particularly in regions where smartphone-as-only-internet is dominant (much of Africa, much of South and Southeast Asia, most of Latin America), 4 GB of unrequested download is on the order of a month's data allowance, vapourised by Chrome on the user's behalf. Google has not, to my knowledge, published any analysis of the welfare impact of this on the populations whose internet access is metered.
THIS is a valid concern. Otherwise I'm not buying into "ask for consent because of dependency X". Users don't like questions/consents.
However OS (at least windows) has an way to set network connection as a metered so software can make informed decisions. Also Android has "Data Saver" function which should also be honored by software.
> Environmental analysis for operations? Not a fan of thinking in such terms.
Why not? It's about 60 000 London - New York City flights by the way (https://www.theguardian.com/environment/ng-interactive/2019/...). And what's the benefit again?
Some parts of the anti-AI movement are becoming so unhinged that now any use of compute is considered an environmental threat. This degrowth mentality needs to die.
Should I reminder you what unlimited growth means and how it ends up in biology? Society/technology is no exception.
6 replies →
If it's emissions they worry about, then it's anything emitting.
Are they against washing machines too? Or are they just grandfathered in?
25 replies →
Our planet is literally dying.
The oceans are boiling [0], marine life is dying [1]. Land close to the water will be land under water soon [2]. The ice caps are melting and setting free all sorts of diseases. [3]
Large parts of our planet on fire all the time now, here's one from Australia from this year [4], but I'm sure you've read about wildfires in Australia last year, California every year, Greece last year etc etc.
What you're proposing is nothing short of a death cult. It's either degrowth or we all die, sacrificed at the altar of capitalism.
[0] https://www.theguardian.com/environment/2026/jan/09/profound...
[1] https://www.nature.com/articles/s41559-026-03013-5
[2] https://www.nature.com/articles/s43247-025-02299-w
[3] https://www.unep.org/news-and-stories/story/could-microbes-l...
[4] https://phys.org/news/2026-01-australia-declares-state-disas...?
8 replies →
I know it takes extra steps to make Android perform OS or app updates over LTE. I doubt it's downloading a 4GB model over LTE unless the user has chosen to perform updates over LTE.
> However OS (at least windows) has an way to set network connection as a metered so software can make informed decisions. Also Android has "Data Saver" function which should also be honored by software.
Unfortunately, that automation is unreliable. It doesn't work across operating systems - Windows laptops won't enable data-saver mode when connected to iPhones and macOS laptops won't when connected to Android phones, and neither will enable it when connected to, say, public transport wifi.
And even if the OS has the information, websites can't reliably use it either. Firefox and Safari both don't implement the NetworkInformation API [1].
[1] https://developer.mozilla.org/en-US/docs/Web/API/NetworkInfo...
Looks like the site's struggling to keep up with the traffic. A couple mirror links:
https://web.archive.org/web/20260505052217/https://www.thatp...
https://archive.ph/sM7O5 (missing images and styling, but the content all seems to be there)
Oh dear! Imagine all the carbon the many requests this server are using! Hoisted by their own petard…
If you back up to "intention" it's fully insane to make a GDPR argument against on-device AI. Yes it downloads bits, but those bits are not there to identify you - they are basically a local copy of the internet. This enables private data to be kept on-device. Having no personal data leave the device is fantastic for GDPR compliance.
The good point in this article is about how the "AI" features in Chrome all use Google's cloud API and not a local model. That's true and some of it should be local. ("AI mode" uses the Web index, so it fundamentally cannot be local, but there are features that could be.)
Agreed, strange line of argument
And that's why we have, promote, and (hopefully) all use Chromium on our Linuxes.
Or Firefox of course.
Chromium doesn't support this API because it needs a binary blob to run the inference, although in theory it may still be configured to download the weights:
https://adsm.dev/posts/prompt-api/#which-browsers-support-th...
Chromium on Linux already has Google's AI Mode in the omnibox and the new tab page, so I'm not sure Chromium would be immune to changes like local AI models.
I'd expect them to be less cheerful about a 4GB bump than Google's team behind Chrome
If anything I am glad a bit of shift to local llm's. Their gemma4 is pretty powerful for such small model so I guess that's what they are delivering.
Man the longer all this crap goes on the more I realise Stallman was right
Eating the toenails is sort of like drinking the Koolade but for privacy
It is very ironic that this post comes from "The Privacy Guy", given that the whole point of this model is to run inference on your own device rather than sending queries to the cloud, which is also much less power intensive than sending a query to OpenAI.
And that will be 4GB per chrome instance I assume? (not profiles, instances) And what happens with each electron app if it uses chrome?
languagemodel should be an OS service..
Electron uses Chromium and nothing prevents them from disabling it, if it ever ends up there.
AI generated header image and a heavy scent of LLM prose, but this guy still complains about the "insane climate costs" of google's 4GB on device LLM?
There's simply no reason to be using Google Chrome in 2026. Purge it from your computer and install a less user hostile browser.
Google Chrome just exists to make Google money at your expense, to sell your data and deplete your battery.
What do you suggest as alternatives? Currently I'm using firefox which seems ok but I know they are propped up by google somewhat
Firefox, Safari, Brave, Vivaldi, Ungoogled Chromium.
Firefox is dependent on Google for funding, but not for source code. Brave is dependent on Google for source code, but not for funding. Safari is dependent on neither but Apple locks down the experience.
Hopefully Ladybird will deliver us from our Google dependence in a year or two. It's already usable for very light web browsing. I wrote this comment on Ladybird.
keep using firefox
I mean, if your choices are "propped up somewhat by Google" and "literally run by literally Google"...
Brave
One upside to this is that it doesn't use Gemma and instead uses Gemini. So at least for Gemini Nano (apparently called XS internally by Google) it means that the weights are now de facto open and you no longer need a current Android phone to get the latest and best model in this class. This also makes it the only open American frontier-level model right now.
Can you provide any sources for that? I'd like to learn more about this open frontier model.
Sources for what? The pareto frontier of LLMs? How Google is pretty much on the line with most of their LLM products? Or this particular model? For the first two you need to look for size/cost vs. accuracy charts. There are tons of them floating around. For the latter there is not much official info except what you can infer by analyzing the weights.bin file that Chrome downloads. But it does mention Gemini in there, so it seems pretty obvious that it is from their proprietary line of models.
9 replies →
Hard to believe it's over 10 years since they first started pulling crap like this by downloading a binary to listen for 'OK Google' (including on chromium builds): https://lwn.net/Articles/648392/
Wow, so glad to see this on HN because yesterday coincidentally I told codex to figure out what was taking up space on my computer and lo and behold their was an ai model in my chrome folder... And i certainly didnt recall downloading that myself.
Alternative to archive.ph
Works without Javascript, no CAPTCHA, no DDoS, no geoblocking, etc.
https://web.archive.org/web/20260504192142if_/https://www.th...
What’s wrong with shipping a local llm? This is quite nice IMO is there a privacy concern with running it locally? I already have a few games I wrote web based using this and it’s quiet nice to not need a server to run my game in pure HTML from my file system
Because it's huge and people were counting on having that disk space.
I am trying to wrap my head around this: if I remove Chrome Browser, will I reclaim the disk space for this model? Thanks in advance.
I think this policy will disable the automatic download of the model:
https://chromeenterprise.google/policies/#GenAILocalFoundati...
The prompt API can be tested here: https://chrome.dev/web-ai-demos/prompt-api-playground/
It would be really helpful if there was a way to download the model to a central location, so multiple users on a single system could easily share it.
I use brave. Firefox doesn't work in my qemu VM with (none pass through) hardware acceleration, it just crashes the VM.
Brave has always just worked for me and seems light on memory usage. Dunno why anyone would use chrome.
If you're not aware already, there's also Brave origin: https://support.brave.app/hc/en-us/articles/38561489788173-W...
A lighter Brave.
Chrome also silently installs a powerful relational database engine without warning or consent.
All of your history, trivially searchable. Imagine the waste heat generated by the browser bar conducting thousands of non-consensual searches every time you type.
SQLite is around 1MB or less. This download is four thousand times larger.
It's funny how they steal 4gb of local storage but also will sell you cloud storage when you run low on space.
OK, I rarely use Chrome (I like Safari and only ever open Chrome on the increasingly rare occasions when a site doesn’t work in Safari and lately it’s turned out that the site is just broken) but looking at the article and the comments here, I can’t figure out where this 4GB is supposed to be stored. None of the likely cases panned out when I looked.
That's timely. I had been thinking of trying Chrome out again, but it looks like it's in my interests to remain fully de-Googled.
On one level, I can't figure out how bent out of shape to get over this (but read on). Software I use downloads updates all the time, adds new features all the time, and I mostly don't ask for any of it.
So if you see this as just a new feature that provides some on-device AI, it's a bit, so what? A new feature? The last GT7 or Flight Sim patch was bigger than this, what's the big deal, etc.
However, that's not really what's going on. It theory Chrome gives you a local LLM that can provide local AI powered features. In practice, everything gets sent to the cloud anyway so the local LLM seems mostly to exist as a disguise for that, which is shady AF.
As others have pointed out, the solution is https://www.firefox.com/. And whilst it's been trendy on HN for several years to slag off Firefox and Mozilla, I went back to Firefox as my daily driver several years ago, and Chrome's high-handed enforcement of Manifest V3 extensions (meaning no full fat uBlock Origin) has only served to cement that decision.
It's mostly been great. The only downside is that some sites don't work properly on Firefox, and I'm 99.999% sure that's not Firefox's fault.
For example, Paypal's post-login verification step breaks so every time I want to buy something using Paypal I have to switch to Chrome. And, no, disabling uBlock Origin and other extensions on Paypal doesn't help - I've done this already. Seriously, Paypal, it's been months: will you please just fix signing in and paying on Firefox, please?
And many sites will assume you're a bot first and ask questions later if you hit them with anything other than Chrome or Safari... which is also extremely lame and scummy.
I don't think that adding the feature is the issue here, but instead Google deciding it needs to push an order of magnitude more data and store it on your device. I can understand wanting to at least re-evaluate your use of a tool when that happens.
If you were to install Chrome fresh, what if it was a 4GB+ download from their website? I would at least pause. For reference, a regular offline installer is 140MB.
Weird, I access PayPal through FF all the time. It's probably one of those weird geographical differences or something. One thing I did see is that at least one site (AliExpress) doesn't initiate the redirect after the payment, but still accepted the payment.
I have the PayPal on Firefox problem. Once I see it, I just give up and use a credit card instead.
Wait for Ladybug to come out, it'll bury all the company-controlled browsers.
Ladybird?
I’m guessing there’s some UX metric out there, that if they pre-load downloading the model, the user is more likely to stick with trying things out; rather than have them wait for a hefty download to complete.
Chrome has no moat and is always evil. I advocate against it whenever it comes up.
The future is local models. This makes sense and I wouldn't be surprised if future web standards require this to be swappable so that you can use a model of your choice as the intelligence in the various APIs. Being able to use summarization and text extraction locally will be a powerful enabler. Apple's ability to copy text out of photos etc. is really useful.
They want u to buy more and more storage
They do this so they don't have to host the model on Google servers and then have claims of "Google spies on chrome users and uploads all their data to Google servers, including private dm's".
I'm not a fan of this being downloaded by default. Still, I very much prefer that, if something if Chrome uses a LLM, that's done via a local LLM rather than by via an API call
I would prefer they use their own electricity to run these LLM that I don't need. Api calls are fine imo, running it on my computer isn't.
How much electricity is too much?
The alternative is an AI model hosted on their servers (cause whether we like it or not)
...so what?
If Chrome had installed 4GB for some other tooling that most people don't need, would anyone care? My operating system installs with a million default packages that I don't need. Users install applications with optional features all the time. Applications install additional tooling so that they'll function all the time.
To the other point: of course Claude Desktop modifies the browser--that's how it works. Most apps install integrations with existing apps. Often apps install a whole collection of plugins, even for things the user doesn't use, so they're available if the user does start using the other apps.
The fact that this happens to be AI-related is a moot point. The environment concern is utter nonsense. They're not using everyone's browser to power AI for others as some kind of shared collective resource. 4GB is not a lot of data in the grand scheme of things (beyond general application bloat). I have more than 4GB worth of ads shoved in my face every month.
The legal argument is facile as well. When you install any application, its terms of service cover functional updates and additions. You don't have to explicitly consent to all of them.
Other than the size of it, I don't have any problem with anything this article is mentioning.
This is a huge nothingburger that only caught peoples' attention because of the irrelevant mention of AI.
> If Chrome had installed 4GB for some other tooling that most people don't need, would anyone care?
Of course I would. It’s already the largest application on my computer, and I only keep it around for when a site doesn’t render right in Firefox.
This kind of size increase clearly pushes it over the line for me and it’s getting uninstalled.
Have you seen SSD prices recently?
I was overly-dismissive of the 4GB part.
The author's main points were all the other alarmist nonsense, though.
I think any program suddenly x5'ing its install size would raise eyebrows as to its purpose.
Has anyone tried out to chmod 400 the download directories? Perhaps that prevents the whole thing to work...
I haven't touched a Chrome browser in a very long time and I just hope that other vendors don't take a similar route.
"sixty thousand tonnes of CO2-equivalent emissions" ? Is that what 0.0000001% of the worlds population produces in one day?
This is total flamebait
Good time to try Orion! https://orionbrowser.com
Better not, it's too buggy and sluggish, it's more in a beta stage on desktop. I've been using it for the last year but not anymore.
Curious how this thread would have been if Firefox did that.
same or worst since at least people put Firefox in a pedestal, but they didn't, they actually pushed to stop this
Well,
did worse
that's a willing act - you are actively asking npm to download something, and accepting it might be terrible for you.
Here chrome is just installing things behind your back, whether you really want it or not.
Never use “npm install”, only “npm ci”. Using “npm install” is a willing act to run fresh exploits.
Nowadays I wonder if it's best practice to run everything in a desktop VM and not on your actual computer...
The question I have is whether there is a means of disabling that download or preventing that functionality.
You could probably truncate the weights to be much smaller and it would just cause a runtime error. Or replace it with mostly zeros. Unlikely that they checksum the file. But ultimately it is a losing battle -- in browser LLM is coming, and future APIs will expose it to js, and it will become essential.
unfortunately you have probably consented and its between the lines of user agreement
So we've all got a local LLM on our machine.
Can it be the basis for nano-openclaw?
Can I use it to run a Karpathy optimization loop?
Botnet browser does botnet things, not surprised.
Rolled my eyes when this article got to the unlawful and climate parts. Rolled my eyes harder when I clicked to the homepage and saw what the main sell of this site is. I'd ask why this is so high on HN but it's so tailor-made for this audience I'm more disappointed than surprised.
If only Chrome had deferred implementing delta updates back in 2009 (?), they could have introduced it along with this to make it a net zero change!
I wonder what this model will do and if anyone can map out its capabilities?
So that's why Chrome kills my PC's memory?
on desktop you have read/write access to the chrome "app data"
on android aicore: mediatek, qualcomm, aosp vendors, and google will pull down models you cant touch
If you use PSD (profile-sync-daemon or similar) to mount browser profiles to RAM to lessen SSD/NVMe wear. This might be an issue for you.
all in storage stocks! imagine how much extra storage the world over is required...
The majority of comments seem to think this is not a big deal. Not surprising from this crowd, but disconcerting nonetheless.
Agreed, very disappointing. I wonder if this was 40gb would it still be celebrated? 100gb? At what point, if ever would this be recognized as an unwanted waste of space?
What a massive fail on Google's part. They could have given you the option to auth to Gemini, Claude, or ChatGPT (or whatever) and provided a meaningfully better product and experience. But instead, they chose to push their crap on everyone. This is the bullshit I expect from Microsoft, not Google.
it's so absurd at this point. isn't chrome already so much abused.
The whole Prompt API is poorly designed. Devs will end up trying to fine tune very specific prompts out of necessity, only to have them break with the next model update.
The logic around not providing access to model version to prevent fingerprinting is laughable when the suggestion to counteract fingerprinting from prompting is the model should only update when user agent string updates. Just put the damn API behind a explicit user permission.
In related news, I’ve uninstalled Google Chrome on all my devices. I strongly recommend you all do the same.
A 4gb unbidden download is insane! I'm still running machines with 30gb HDs.
I blame the kids these days (waggles fist), downloading their Pokiman shows at 4-5gb a pop! No respect for their disk space limited elders.
I'm actually gonna have to uninstall Chrome from a few machines tonight.
It's a good time to be using Vivaldi.
While I find the issue at hand extremely annoying and in poor taste (and this is not news - this was known in advance) - the same applies to the blog. This annoying clickbaity SEO slop of a blog seems to exist only to advertise their consultation services.
Does Chromium do this?
is this only for desktop or will they bloat phones and tablets too?
Like the recent copilot silent signing incident, the without consent part is blatant foul move.
If you don't like be treated like anything but human, you should seriously consider replacing chrome with ungoogled chromium or other browsers.
These people owe me a RAM upgrade. This is out of control.
That's why I hate Google. They do the same shit that Microsoft and treat their customer as crap.
I think this is a bad framing.
Javascript running on a page can use a feature that requires a model to be downloaded.
I have pages that use it, or other LLM models via LiteRT or HuggingFace transformers.js.
I try to warn the user, but that is my responsibility as a page author. I like that this is enabling the web platform to remain competitive.
The author is pulling a long bow by trying to claim this is some GDPR violation. Have they ever used the web? There are inefficient sites everywhere, with autoplaying video etc.
4GB isn't nothing, but if a page wants to use it then hopefully it is useful to the user!
Talk about a nothing burger. "OOh they downloaded 4GB!" You mean 30 minutes of Netflix? The carbon emissions thing apparently isn't a big deal since the author says the browser's AI use is cloud based anyway, and offloading AI compute from the DC to the browser isn't really increasing carbon is it? Reads like another AI doomer trying to find something to get angry about.
>offloading AI compute from the DC to the browser isn't really increasing carbon is it?
That is actually an interesting question. I would think that any given amount of processing is at least slightly more efficient when running on large-scale cloud hardware, but I have no idea whether it's a few percent or 75%. There's also some overhead, so maybe there's no gain for smaller jobs.
Try to look outside your bubble. Millions of people still have monthly quotas on their internet plan, and 4GB can be a big chunk of it (possibly over all of it, in some cases).
Google should have asked.
It's annoyingly huge, but is this worse than that? It's software - it does stuff and takes up space. If it takes up more space than you think the stuff is worth, then complain it's bloated, sure, but I am not sure why "silently" is being thrown around.
This has to be some kind of a limited rollout, since none of my machines have this AI model installed even when Chrome is updated to the latest version. No indication that anything is being downloaded, since after updating to the latest version of Chrome on this machine, I'm seeing <100 kB/s download speeds for the entire system.
chrome://on-device-internals/
..will tell you everything you need to know - including model state, file path, device capabilities, etc.
And there's a single button to uninstall the model.
There is also the ability to load a model from a central location, as suggested by another commenter here, although I haven't tested it yet.
The official chrome.dev Prompt API Playground linked in the thread doesn't work.
Chatgpt made a me tiny chrome extension to test the prompt and summariser api's when they announced last year - my laptop wasn't capable the time but these newer models are obviously smaller and more efficient, so it has sprung into life.
Full prompt and code is on pastebin `7Ja3ATHZ` if anyone wants to test quickly. It summarises the current page and brainstorms app ideas based on the summary.
You can load a model from this page but it's only for testing purposes on this page and it won't be used for the Prompt API.
While the official Prompt API Playground doesn't work, the one for the Summarization API does...
https://chrome.dev/web-ai-demos/summarization-api-playground...
and you can watch it generate the output token by token in the Event Logs:
chrome://on-device-internals/
Masterclass. Hope some qualified lawyers just got wet.
local: FUCK YOU GOOGLE
cloud: FUCK YOU GOOGLE
https://www.youtube.com/watch?v=5AeO-dKGBLs
600 comments and yet no one's questioning the math, just running with "4GB" even though the fsevents log literally says that the file is the result of an unpack operation?
The file might be 4GB but the transfer sure as heck wasn't, so what are we even talking about? How much data is actually transferred? Can someone just grab that weights.bin file and zip it up with max compression and report a more realistic number that we can do the math with, if the number is even worth doing the math for?
Time to switch.
I feel this is great in combination with an agent like OpenClaw or Hermes.
> Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane.
OH MY GOODNESS, this is the WORST headline.
If Google Chrome comes with an AI model, and you install Chrome of your own free will, you just gave consent.
The "climate costs" are happening whether or not the AI is there. Sure, maybe it makes the hardware work a bit harder, but like, come on. I'm still using my computer anyway. YOU are the one costing the climate, not Google. You're the one turning the "On" button on.
I don't even know why headlines like these are taken seriously.
consent implies people know what they are downloading but this is a silent feature they are adding. regular people download Chrome to just use a browser, they don't consent to running an AI model.
Another reason to switch to Firefox.
Why they insert their "DNA" without my consent?
Is it true for Chromium too?
>Google Chrome silently installs a 4 GB AI model on your device without consent.
Oh my god thats terrible I hope you continue this article in this mode and dont pivot to some unsubstantiated bs claim that makes absolutely no sense...
>At a billion-device scale the climate costs are insane.
sigh.
Imagine if everyone on the planet start using a memory hogging, cpu chugging browser application what a terrible hazard that would be for the climate.
Oh and it might have an AI component in it.
This claim is worse than the AI in data centers boiling the earth claims.
We can measure carbon released down to the watt. If you have an issue with people using power, shut up and talk to your government about carbon taxation/moving to alternative power sources. trying to shame some power users, quite arbitrarily isn't just senseless its self defeating. Its a measurement problem, the second people start getting shaky measurements of what their neighbors are doing, they start trying to shift the blame.
Google/Alphabet is a big company
On the one hand, Waymo seems to have a better safety record than Tesla does. That's not nothing. For someone nominally in charge of SpaceX like Elon is, it's a red flag
On the other, Google does things like this with Chrome, and also they arguably censor. It's irritating
So typical. Just imagining the consequences for someone with chronically low disk space, like me. Luckily I'm a Firefox person, though I use Vivaldi now and then.
Google abuses users.
You can also ask why the US government fails to protect the users. Corporate dictatorship at its finest.
I can't read the article (503) but does anyone know why someone calling themselves thatprivacyguy is installing Google Chrome?
Maybe in order to document a privacy problem with it that they heard about.
Why the hell can't this just be an extension in the first place? Why does it have to be bolted in by default? Why does Google and by extension its employees have this constant need to assault and violate me with this garbage?
I thought using local rather than cloud AI was pretty universally agreed to be good?
The universally agreed upon good is leaving the choice to use AI or not to the end user.
There is a secret, third option.
https://c.tenor.com/odyVsZbC-OYAAAAC/tenor.gif
Except these weights are barely used. Read the article.
Thanks for reminding, it was a moment of weakness. Here is the relevant quote:
> the features that do use the local model (Help-Me-Write in <textarea>, tab-group AI suggestions, smart paste, page summary) are buried in textarea-context menus and tab-group right-click menus
> The pattern was: install on user launch of product A, write configuration into the user's installs of products B, C, D, E, F, G, H without asking. Reach across vendor trust boundaries. No consent dialog. No opt-out UI. Re-installs itself if the user removes it manually, every time Claude Desktop is launched.
God, I'm SICK of this AI slop style. After ingesting terabytes of pirated books you'd expect a little bit more variety in it's writing.
Like 2/3 posts on HN now have this "No X. No Y. No Z." pattern. It's one of strong signals for me that the author didn't bother and just copy pasted their LLM's output as is. And the LLM mostly likely was pointed at some other resource to write the article, and I'd rather read the original. I think HN needs a policy to replace AI slop articles with the original articles/announcements etc. once detected, and technically the guidelines already cover it: "Please submit the original source. If a post reports on something found on another site, submit the latter."
>After ingesting terabytes of pirated books you'd expect a little bit more variety in it's writing.
I think it's the result of post-training. The original base model most likely had a less slopy style. This style is what AI companies think is a good style (they specifically train for it).
That's crazy just another reason I've been degoogling my phone.
This is egregious and the only people who can get away with it are these Big Tech companies. The legal analysis is moot. They have operated with impunity for decades. The law, especially with AI, only applies to organizations that Big Tech and the government want to eliminate. Rules for thee, not for me.
If only there was an orange canine coming to help us
...or some Italian composer
I can't for the life of me understand how this browser has become the world's most used. It's literally from an ad company.
Sorry but the whole climate angle on this is extremely stupid and needs to be challenged. I have noticed this new phenomenon of people using climate as a trump card to oppose any thing they don’t like.
The thing about these kind of arguments is that any economic activity or any sort of action involves some load on climate. The magnitudes are important.
In this case: a single hamburger does the same amount of emissions as 50 such downloads. What’s really the point of this kind of virtue signalling?
There is consumer demand for hamburgers. There is no consumer demand for AI, hence how egregious that it also comes with negative externalities.
I have to tell you something: there is consumer demand for AI.
3 replies →
> In this case: a single hamburger does the same amount of emissions as 50 such downloads
Hamburger is usually held up as a grotesque example in climate talk and can't be consumed with a clear conscious so are downloads insanely worse than we thought or is a hamburger not even in the same realm of climate damage as usually claimed.
Both are not too consequential and downloads even more so
it also installs an entire remote desktop stack on your computer without consent, and video codecs, and pdf reader... what is new here?
This is a bit disingenuous. If you install Chrome, you install Chrome and all it's parts. They don't ask your consent for individual parts because that would be absurd. If you don't want Chrome and all its parts, don't use it.
If I install Chrome, I expect it to take a few hundred MBs and then only take up additional space in a controlled and transparent manner - for its cache, for example. For me, secretly adding 4GB after installation is a bit too much.
If you're okay with 4GB being added, where would you draw a line? What if it downloaded a 40GB file? 400GB?
Personally I draw the line where Chrome becomes worse than alternatives, and then I switch.
Lately Firefox has been getting better, but I still prefer Chrome for almost all my needs, so I stick to it. This barely even makes a difference to me. If it was 400GB however it would make a difference to me, and I would make more of an effort to switch to something else.
3 replies →
Chrome is the default browser on Android.
One would imagine that the model could be shared on Android and not be part of chrome. Maybe this way it’s simpler or is compatible with regulations.
This is not a reasonable size for something that's "just another part of Chrome", this blows up the file size by many times
[flagged]
[dead]
[flagged]
I use Firefox as my main browser but occasionally run into Chrome requirements for certain web apps so end up begrudgingly installing it. I'm in the habit of going straight to the chrome flags page and turning off all this junk exactly because disk usage of chrome is ridiculous otherwise.
I did the same thing, but realized I was contributing to the problem. If a web app requires Chrome for full functionality, then us switching browsers is giving them permission to continue and expand their invasive practices.
These days, I just navigate away from anything that demands I use Chrome "for best results." One of the sites for a local utility company does this, so instead I just call monthly and pay or manage my service by phone. I'm old enough to remember when that was the preferred way after mailing personal cheques went the way of the dodo, so it does not feel that inconvenient to me, but I can see where it might for other people. Still, nobody said the fight to regaining our agency online would be easy. Or convenient.
What's another 4gb of disk space when computer hardware prices are soaring into unobtanium?
I hate how much companies don't care about efficiency or their customers. It's like windows 11 requiring like 2 more GB of RAM just to see your desktop, what an upgrade, yuck.
Like what?
I think the only time I've ever had to use Chrome instead of Firefox was because of some USB device thing that worked inside Chrome. Otherwise everything just works in Firefox.
2 replies →
Yea. Anyone still using chrome at this point must really love getting emails about class action lawsuits from Google. My god.
I am using Firefox for years now. It's such a splendid experience.
I can recommend the following extensions:
- Youtube Enhancer
- DuckDuckGo Privacy Essentials
- Cookie Auto Decline (a MUST for Europeans)
- Slop Evader
- No Gender (a MUST for Germans)
Its a totally different browsing experience than what most people have.
I recently watched my kiddo looking something up with Edge on her laptop. I had to interfere and install Firefox. It was ridicolous!!! The amount of spam on the screen. How people can cope with this is beyond me. Especially if the solution doesn't cost anything. Just Firefox + some free extensions.
edit: because people asked about the No Gender extension:
Germany didn't have “gendered” language, until it was introduced some years ago.
Imagine the sentence: The teachers explain to their pupiles that the managers work only for the shareholders.
in regular German, it would translate to:
Die Lehrer erklärten den Schülern, dass die Manager ausschliesslich für die Anteilhaber arbeiten.
In gendered German, it became:
Die Lehrer:innen erklärten den Schüler:innen, dass die Manager:innen ausschliesslich für die Anteilhaber:innen arbeiten.
For me, it ruins the reading experience.
For me the most important extension is uBlock Origin. It's worth switching to Firefox for this alone.
5 replies →
Firefox added split view where you can look at two (or more) webpages side by side. This is a lifesaver when you have to fill up a form looking up stuff from another page!
6 replies →
Can you explain what the "No Gender" extension is about and why it is a must?
26 replies →
- Ublock origin - decentraleyes
Extensions are a vector for vulnerabilities and malware though. Its happened many times already.
1 reply →
Switched over to Waterfox recently, nice alternative with some added extras for privacy etc.
Isn't waterfox owned by an ad company? Might as well be the Google of the fire fox browsers.
1 reply →
The browser with a sidebar AI chatbot? What a simple solution.
You don't have to have the sidebar chatbot thing. When mozilla added these AI features, after the update the browser prompted me to whether I want it or not, with the "yes" and "no" being equally easy to select. It did not add them without consent. You can disable all AI features altogether, or you can completely remove chatbot sidebar specifically (with 2 clicks) and have the rest of the features if you want them.
Gosh most of the time when I read people complain about firefox, it gives me the impression they have not even used firefox.
6 replies →
Firefox lets you disable all AI features with 1 setting switch.
LibreWolf.
[flagged]
We've banned this account.
6 replies →
[flagged]
Don't need a VPN for that, a fake moustache is enough. https://news.ycombinator.com/item?id=48018080
Take responsibility for your kids. Talk to them (or ask someone you trust to do it) about what is acceptable in your household and elsewhere.
That's really a bullshit argument. First off, there are plenty of technical solutions that allow minors (15-17 years old) to bypass the restrictions: using sites that don't follow the law, using Tor, etc. But furthermore, these measures to restrict access to porn are counterproductive for sex workers, because it makes their situation more precarious, and they only exist to weaponize the "think of the children" narrative in order to push draconian laws and social control. Soon it will be social media's turn, and then the entire internet asking for an ID. This isn't just an empty "slippery slope" argument, it's exactly what regulators are currently doing in all Western countries.
1 reply →
Won't someone think of the kids! Not the parents, no, they should be increasing shareholder value. /s
... and it takes up 50% CPU on 16 cores just to run a video call. Laptop battery drains in 30 minutes.
Chrome doesn't do that. I literally can't use Firefox anywhere I don't have a power socket.
My laptop also becomes a toaster.
Oh is this the browser by that company that are funded half a billion dollars a year by Google and want to become an advertising company[1] and wants their browser to become a modern AI browser[2]?
[1] https://www.jwz.org/blog/2024/10/mozillas-ceo-doubles-down-o... [2] https://blog.mozilla.org/en/mozilla/leadership/mozillas-next...
Yes, that one! It's great, I can recommend it.
... that recently added a setting which allows you to entirely disable any AI enhancements? https://support.mozilla.org/en-US/kb/firefox-ai-controls#w_b... I mean Mozilla / Firefox aren't perfect but it's a hell of a lot better than Chrome and this comment does feel a bit like the perfect being the enemy of the good.
Please feel free to suggest a better alternative.
20 replies →
We Should Improve Society Somewhat
1 reply →
[flagged]
[dead]
[flagged]
[flagged]
[flagged]
[dead]
[dead]
[flagged]
[flagged]
[flagged]
You should have finished reading the article. Stop being lazy and binary-minded.
[flagged]
Sounds like you've jumped to conclusions without reading the whole thing, or are making a disingenuous connection between two very different concepts. Climate impacts (really just energy waste) and "legal" arguments are different parts of this article. The legal part centers around whether they have permission to install this model along with Chrome, and whether they are using deceptive practices related to the model.
"Article 5(3) of Directive 2002/58/EC (the ePrivacy Directive) prohibits the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user, without the user's prior, freely-given, specific, informed, and unambiguous consent, except where strictly necessary for the provision of an information-society service explicitly requested by the user..."
That is not about climate.
The article goes on to say that there would not be a legal issue if Google simply asked, documented, not taken initial action without user approval, allow deletion, etc. Also not about climate.
What they do imply is that Google's being dishonest if they say that they are carbon neutral (as is often said in their Environmental, Social, and Governance reports) while imposing up to 250 GWh of power use on network providers and end users. I can see the concern.
> Google has not, to my knowledge, published any analysis of the welfare impact of this on the populations whose internet access is metered.
This is satire, obviously.
Clearly, you've never lived in Germany or other places that still have data caps and slow and unreliable internet connections.
Yes, 4GB of unintended traffic can absolutely wreck someone's finances.
Or places with collateral damage due to failures of German ISPs and state... That is many other parts of Europe while roaming... 4GB is significant cut of the roaming data allocated...
1 reply →
Besides the numbers being stupidly overblown, this post shows why Europe is in a unstoppable death spiral.
Does anyone else find the writing in the article to be overdramatic? Including a 4gb is a negligible amount of space for current hardware and Chrome is not known as the browser to run on resource constrained devices. To put 4gb in context, I currently have 2 *tabs* open that nearly take up 4gb. The fact Chrome also has a way to disable this makes it kind of a nothingburger in my opinion.
> The roughly 4 GB × N devices of disk-storage cost, sustained, on user hardware. SSDs have a per-GB embodied carbon cost of approximately 0.16 kg CO2e per GB of NAND manufactured [18]
The estimated environmental aspect of the download also seems like an overblown point, noted for sensationalism. There are always hand-wavy numbers involved and I had to look no further than the quote above to find evidence of this. The reference for [18], "The dirty secret of SSDs: embodied carbon", incorrectly links to "Toward Carbon-Aware Networking" and makes no mention of the environmental cost of SSDs. After looking up "The Dirty Secret of SSDs: Embodied Carbon" myself, I was able to see the same methodologies as I was expecting used [1].
> We conducted an analysis encompassing 94 Life Cycle Assessment (LCA) reports, which collectively quantify the embodied cost of SSDs. Owing to the scarcity of direct and up-to-date LCA studies focused specifically on SSDs. We compiled a dataset comprising LCA reports pertaining to Server, Workstation, Desktop, Laptop, and Chromebook products, all of which feature SSDs
All these studies rely on metrics extrapolated from layered assumptions and end up being used by those who try to use them as objective numbers.
[1] https://arxiv.org/abs/2207.10793
4gb isn't really a negligible amount, given the amount of desktops and laptops sold with just a 256gb ssd
Exactly. Nand is expensive. I upgraded what my laptop came with but after installing a few games, cloning repositories over the years, various projects I've done, and other regular use, it's perpetually full. 4GB is probably about half the space I have free at any given time
Which apparently means it'll never install btw, even if I were to run Chrome. Another comment said they check for 22GB free space
> Including a 4gb is a negligible amount of space for current hardware and Chrome is not known as the browser to run on resource constrained devices.
4gb definitely isn’t a negligible amount of space on most people’s devices.
The quite successful it would seem MacBook Neo has 256GB of storage in its base configuration.
A MacBook Air and a basic sub $1000 Dell laptop starts at 512GB.
> To put 4gb in context, I currently have 2 tabs open that nearly take up 4gb.
You are conflating disk and memory.
> The fact Chrome also has a way to disable this makes it kind of a nothingburger in my opinion.
There’s a reason they picked an opt-out model for this, and not an opt-in approach.
But I also see the point in it. We recently did a hackathon, and I considered relying on Gemma 4 for privacy considerations. The local model could interpret the user’s natural language request and derive less privacy revealing requests to form based on that.
But then, a web app that shows people a loading screen while it downloads a 4GB model probably wouldn’t be a best-selling UX.
> You are conflating disk and memory.
I never conflated anything. I said it's a neglible amount of space for current hardware, which I still believe.
If anything, the fact that I think the amount of space is acceptable for the amount of ram a modern laptop has exaggerates the point.
> There’s a reason they picked an opt-out model for this, and not an opt-in approach.
That's the approach they take for most of their features.
> But then, a web app that shows people a loading screen while it downloads a 4GB model probably wouldn’t be a best-selling UX.
Which seems to be the motivation of having these local models embedded in the browser's available resources: https://developer.chrome.com/docs/ai/prompt-api
1 reply →
I don't get the outrage. AAA games routinely take 100-200 GBs. I certainly prefer local inference to feeding google my private data over the network (assuming they actually don't do that anyway...)
I download a game with intent, and they're stored on a larger drive than where my programs/user data is installed.
A modest-sized security patch is routinely several gigabytes.
Hell, a few hours of browsing Tiktok or Youtube will take more bandwidth.
This is fake engagement bait.
I already pay for an LLM, and one that's much smarter than Gemini Nano. I didn't ask for this, I didn't make any choice for it to be installed, and I almost certainly won't ever use it.
AI haters think their activism is going to make a difference what other people want.
Anyone, voluntarily installing a spy browser like Google Chrome on their devices, deserves this and much more.
Sometimes I marvel at how nice it would be to have such a narrow view of the world and other's perspectives and contexts. Life would be so much easier!
Ironically, your comment seems to perfectly reflect the viewpoint you're criticizing.
For many, it's also involuntarily installed (e.g. corporate, vendor etc).