Did you know a 4GB AI model might already be sitting inside your Chrome profile without you ever clicking “install”?
A privacy researcher says that file is not hidden malware or cache clutter, but part of Google Chrome’s on-device AI system linked to Google Chrome.
Security researcher Alexander Hanff, known online as “The Privacy Guy”, claims Chrome silently downloads a large AI model file named ‘weights.bin’ into a folder called ‘OptGuideOnDeviceModel’.
On a fresh Chrome profile, he observed the browser creating a temporary directory, downloading components, and assembling the full model locally in around 15 minutes.
No prompt was shown, and no user action was required.
The same behaviour has reportedly been observed on Windows 11, macOS (including Apple Silicon), and Ubuntu systems, with some users only noticing it after unexplained storage spikes.
The file is associated with Google’s on-device AI system, including Gemini Nano, which supports certain Chrome features.
It typically sits in paths such as:
Users who delete it often find it reappears after restarting Chrome.
Hanff reports that unless specific settings are changed, the browser simply downloads it again in the background.
Reports of unexplained storage usage linked to this file have been circulating in developer forums for over a year, suggesting it may have been quietly present on many systems without user awareness.
The model is designed to power on-device AI features in Chrome, including writing assistance, scam detection, page summarisation, smart paste suggestions, and tab organisation tools.
However, users may assume these features run entirely locally.
In practice, Chrome’s “AI Mode” in the address bar routes queries to cloud servers, meaning the local model is not always involved in user-facing AI interactions.
Google states the model helps enable “important security capabilities” and developer APIs, and may be automatically removed if device storage is low.
As Google explains in its support documentation:
Chrome may download on-device generative AI models in the background so features remain ready when needed.
Hanff argues the behaviour raises legal concerns under European privacy law, pointing to rules requiring clear, informed consent before storing data on a user’s device.
He references both the ePrivacy Directive and GDPR principles around transparency and data protection by design.
He also compares the case to recent claims involving Anthropic’s Claude Desktop software, where he alleges browser integrations were installed without explicit user approval.
Google has defended the approach, saying:
“We’ve offered Gemini Nano for Chrome since 2024 as a lightweight, on-device model… Chrome may download on-device Generative AI models in the background, so features that rely on these on-device models stay ready for use.”
The company also said users can now disable and remove the model in settings, and that it will no longer download once turned off.
Hanff warns that distributing a 4GB model across Chrome’s global user base could carry a significant environmental footprint.
With billions of installations, he estimates emissions could range between 6,000 and 60,000 tonnes of CO₂-equivalent, depending on download scale and infrastructure usage.
Source: The Privacy Guy
He argues that even if each download is small individually, the cumulative effect becomes meaningful at Chrome’s scale.
Users who want to verify whether the model is installed can type:
`chrome://on-device-internals`
This page shows whether the AI model is present and how much storage it uses.
Removal depends on browser settings:
However, deleting the folder alone is not always permanent, as Chrome may re-download the model unless the feature itself is disabled.
DeFi researcher Chris Powers explores the new trend of "modular lending" in the lending sector, illustrating its potential in addressing market challenges and providing better services. This article, based on an article by Chris Powers, is compiled, translated, and written by BlockBeats.
MiyukiAnimoca Brands Chairman Yat Siu mentioned in an interview yesterday (7th) that Ethereum spot ETF issuers in Hong Kong are currently working to incorporate staking features into the Ethereum spot ETFs. The approval chance is expected to be very high. Can this change the sluggish state of Hong Kong's ETF market?
WeiliangBinance founder Changpeng Zhao CZ started serving a 4-month prison sentence at the beginning of this month, becoming the wealthiest incarcerated individual in the U.S. His wealth surged dramatically due to the Binance Coin (BNB) reaching an all-time high in the past week.
AlexSam Altman has proposed that "computing power will become the new currency in the future." In the current AI hardware and software boom, it's crucial to understand this concept ahead of others to grasp the potential advancements in human technology and society.
MiyukiBitcoin leads investment activity, attracting over $1.97 billion in inflows, while Ethereum experiences its best performance since March, with nearly $70 million in inflows.
WeiliangWhile AI-enhanced crypto crime has not gone mainstream yet, research indicates that it is gaining momentum. As cyber threats evolve at an alarming pace, will there soon be no safe haven left?
CatherineElon Musk's strong opposition to Apple's integration of OpenAI's technology into its operating system, threatening a ban on Apple devices across his companies, further intensified the debate on user privacy and security in AI development.
AnaisThailand's Ministry of Finance revoked Zipmex's license due to compliance issues, financial risks, and improper management, following an SEC investigation revealing unauthorized fund transfers.
AlexRecently, the Solana Foundation removed several validators from its delegation program due to their involvement in "sandwich attacks." More than 30 validators, many of whom are Russian operators, were removed. Since Solana does not have a native memory pool, these validators were found to have added private memory pools to exploit profits.
MiyukiThe Solana network expelled several validators from its delegation programme for breaching the Foundation's best practices, citing their involvement in sandwich attacks against users.
Kikyo