May 07, 2026 ChainGPT

Chrome Silently Installs 4GB Gemini Nano Model — Crypto Users Should Check Storage

If you use Chrome — especially on a machine that stores crypto keys, runs full nodes, or handles sensitive wallet data — you should check your browser’s storage. Security researcher Alexander Hanff has uncovered that Chrome is quietly placing a roughly 4 GB file on users’ machines: a weights.bin file for Google’s on-device language model, Gemini Nano. The file lives in a folder named OptGuideOnDeviceModel inside your Chrome profile, and Chrome will silently re-download it if you delete it.

What Hanff found

- While auditing a fresh Chrome profile, Hanff used macOS kernel filesystem logs to trace Chrome creating a temp directory, downloading model components, and writing the final weights.bin to disk. The full process took about 15 minutes and required no user prompt or interaction.
- The behavior was reproduced across Windows 11, Apple Silicon Macs, and Ubuntu. Users reporting unexplained storage spikes over the past year may finally have the culprit.
- On Windows the file path is: %LOCALAPPDATA%\Google\Chrome\User Data\OptGuideOnDeviceModel\weights.bin. On macOS and Linux it appears in the equivalent Chrome profile directory.

Why crypto users should care

- Privacy expectations vs. reality: Chrome recently added an “AI Mode” pill in the address bar that suggests on-device processing. But AI Mode actually routes queries to Google’s cloud — the local Gemini Nano model is not used for those requests. That means you may be paying storage (and download bandwidth) for a local model while your queries go off-device.
- Attack surface and storage: Any unexpected large download increases local storage use and marginally expands the software running on your machine. For users who store private keys, run nodes, or use hardware wallets, any additional, unrequested local component is a potential concern that merits scrutiny.
- Regulatory angle: Hanff says this may run afoul of EU privacy rules. He cites Article 5(3) of the ePrivacy Directive (the basis for cookie-consent requirements) and GDPR Articles 5(1) and 25 (transparency and privacy-by-design). He also compares the pattern to his prior finding about Anthropic’s Claude Desktop pre-authorizing browser automation on millions of machines without explicit consent.

What Google says

- Google’s support page states Chrome “may download on-device Generative AI models in the background, so features that rely on these on-device models stay ready for use.” It also says users can turn the model off and remove it from Chrome settings, and that models will auto-delete if storage runs low.
- Android Authority reports Google began rolling out an in-Chrome toggle in February to turn off and remove the model. Google did not address why the model was downloaded without asking first. Hanff also notes Chrome developer guidance tells third-party devs it’s “best practice to alert the user” about long downloads — guidance not followed here.

How to check and disable it

- Look in your Chrome profile directory (Windows path above; macOS and Linux have the equivalent profile folder) for OptGuideOnDeviceModel/weights.bin.
- Deleting the folder is temporary: Chrome will re-download the model on restart unless you disable the feature.
- Ways to stop the automatic downloads:
  - chrome://flags — search for the relevant “On-device AI” flag and disable it.
  - Settings > System — turn off the On-device AI toggle.
  - On Windows, set the registry value OptimizationGuideModelDownloading to disabled.

Bottom line

Chrome is quietly placing a large on-device AI model on user systems without explicit consent, and the model isn’t even used by the browser’s “AI Mode” feature (which sends queries to Google’s cloud). For privacy- and security-conscious crypto users, that mismatch — plus the silent deployment — is a legitimate concern. If you don’t want the model locally, follow the disable steps above and monitor your Chrome profile for OptGuideOnDeviceModel. Researchers like Hanff are pushing the debate toward whether these kinds of background installs need explicit user consent under EU rules — a conversation that will matter to anyone handling sensitive keys or data in their browser.
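
The check described under "How to check and disable it", as an added example that is not from Hanff, Google, or the original article: it looks for the OptGuideOnDeviceModel folder under Chrome's user-data directory on each OS and reports what is on disk. The macOS and Linux paths are Chrome's default locations and are an assumption here (the article only spells out the Windows path), as is the recursive search for weights.bin in subfolders.

```python
import os
import sys
from pathlib import Path

MODEL_DIR = "OptGuideOnDeviceModel"  # folder name given in the article
WEIGHTS = "weights.bin"              # file name given in the article

def default_user_data_dirs(env=os.environ, platform=sys.platform, home=None):
    """Chrome's default user-data directories for the current OS."""
    home = Path(home or Path.home())
    if platform.startswith("win"):
        base = env.get("LOCALAPPDATA")  # Windows path from the article
        return [Path(base) / "Google" / "Chrome" / "User Data"] if base else []
    if platform == "darwin":
        # Assumption: Chrome's default macOS location
        return [home / "Library" / "Application Support" / "Google" / "Chrome"]
    # Assumption: Chrome's default Linux location
    return [home / ".config" / "google-chrome"]

def audit(user_data_dir):
    """Return a finding for one user-data dir, or None if the model folder is absent."""
    root = Path(user_data_dir) / MODEL_DIR
    if not root.is_dir():
        return None
    total, weights = 0, []
    # Walk recursively in case weights.bin sits in a subfolder (assumption).
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            try:
                size = path.stat().st_size
            except OSError:
                continue  # file vanished or is unreadable, e.g. mid-download
            total += size
            if name == WEIGHTS:
                weights.append((str(path), size))
    return {"folder": str(root), "total_bytes": total, "weights": weights}

def main():
    for data_dir in default_user_data_dirs():
        finding = audit(data_dir)
        if finding is None:
            print(f"{data_dir}: no {MODEL_DIR} folder")
            continue
        gib = finding["total_bytes"] / 2**30
        print(f"{finding['folder']}: {gib:.2f} GiB on disk")
        for path, size in finding["weights"]:
            print(f"  {path} ({size / 2**30:.2f} GiB)")

if __name__ == "__main__":
    main()
```

Running it again after restarting Chrome shows whether the disable step held or the folder came back.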