Google's Chrome browser has been quietly downloading a 4 GB local AI model onto user's devices without asking permission. What's more, if you manually delete the model, Chrome will simply download it again.
It was security researcher Alexander Hanff, who runs the ThatPrivacyGuy website, who discovered Chrome's dubious behaviour. He found a weights.bin file measuring around 4 GB stored in Chrome's local AppData folders. As the filename implies, it's a weights file for Google's Gemini Nano AI model. And as Hanff notes, it is downloaded without the user's permission.
"It is the weights for Gemini Nano, Google's on-device LLM. Chrome did not ask. Chrome does not surface it. If the user deletes it, Chrome re-downloads it," Hanff says.
As he explains, "Chrome uses it to power features Google has marketed under names like 'Help me write', on-device scam detection, and other AI-assisted browser functions."
Regarding the permissions issue, there i...
English (US)