Two weeks ago I wrote about Anthropic silently registering a Native Messaging bridge in seven Chromium-based browsers on every machine where Claude Desktop was installed [1]. The pattern was: install on user launch of product A, write configuration into the user's installs of products B, C, D, E, F, G, H without asking. Reach across vendor trust boundaries. No consent dialog. No opt-out UI. Re-installs itself if the user removes it manually, every time Claude Desktop is launched.
This week I discovered the same pattern, executed by Google. Google Chrome is reaching into users' machines and writing a 4 GB on-device AI model file to disk without asking. The file is named weights.bin. It lives in OptGuideOnDeviceModel. It is the weights for Gemini Nano, Google's on-device LLM. Chrome did not ask. Chrome does not surface it. If the user deletes it, Chrome re-downloads it.
There is some serious digging going on in this report!
I only have one laptop with Chrome (an M1) but don't have that dir on it:
% find ~/Library/Application\ Support/Google/Chrome/ -type d -name "OptGuideOnDeviceModel" | wc -l 0 % du -d 0 -m ~/Library/Application\ Support/Google/Chrome/ 203 /Users/yourmom/Library/Application Support/Google/Chrome/Probably the hardware is too old for Goog to want to run on it.