I found in my Norton's firewall log there's many blocked entries of Chrome trying to connect to www.google.com, id.google.com, ssl.gstatic.com, apis.google.com etc. via UDP443, and ajax.googleapis.com etc. via UDP80. I haven't seen such activity except occasional access attempt to google-analytics when I update Chrome, and I disabled most of Chrome's privacy invasive features. Does anyone have some idea about this?
Just a guess that could be somewhat unrelated, but I know that Chrome has updated policies to allow more checking of "unwanted" programs that have the potential to affect Chrome. Even going as far as silently and without prompt, installing their Software Removal Tool within Chrome's user profile folder. Here is a link that Chrome's management people pointed me toward: https://www.google.com/chrome/browser/privacy/whitepaper.html But on a technical level of why Chrome is phoning home for you, I don't have a software firewall with decent logging capabilities to confirm right now. Although maybe this is something that we all need to look into further.
It seems it's due to field trial (not yet confirmed by Fiddler). http://stackoverflow.com/questions/12183575/what-is-following-header-for-x-chrome-variations I added --reset-variation-state switch to minimize privacy risk, tho I hope firewall blocks most of them.
Also, Chrome MAY Be connecting to STUN servers for WEBRTC, we're still investigating, but Chrome is certainly firing off quite a lot of activity lately. I'm not happy about it, to say the least. I am exploring alternatives now, but they would also require me switching out my desktop AV, and frankly the alternatives right now are terrible.. (firefox is.. ugh)
There are other Chromium-based browsers, like SRWare Iron, which is supposed to have better privacy settings. http://www.srware.net/en/software_srware_iron_chrome_vs_iron.php
I've found all of the forked Chromium's to largely be inflated claims with little substance. Unfortunately. Also they ALL contain STUN/WebRTC, I just tested 4 different forks. Although even 'small' improvements in SRWARE Iron may be worth it.. I just need to investigate. Also, Iron doesn't seem to be as supported anymore.. News hasn't been updated in 3 years on the website, and the latest version is almost a month old.
I would never use SWRare Iron it is not trustworthy at all: http://www.insanitybit.com/2012/06/23/srware-iron-browser-a-real-private-alternative-to-chrome-21/
Update checks for the browser, Safe Browsing and/or extensions? Maybe this would help: http://thesimplecomputer.info/the-private-life-of-chromium-browsers None? Most forks are slow to update (lame!) and who knows what kind of alterations they make that might introduce bugs or weaken the browser sandbox... Just use Chrome and with privacy settings changed if you are concerned... https://support.google.com/chrome/answer/114836?p=settings_privacy&rd=1
I'm looking WebRTC thread too, but it appears it's another issue. I never trust Iron. They mislead user to believe as if they are using latest Chromium by showing false version number. And tho I used Dragon in past, this and its successer Chromodo are no more secure browser, they lag behind latest Chromium in update, and also see recent MITM issue on Privdog and new discovery that the Privdog have been sent URL you visitted in plain text! I don't have any recommendation on alternative Chromium-based browser, as I don't like even Blink Opera. Thanks, but I've been disabled automatic update and all other privacy invasive function which I'm aware of. So it must be another issue and somehow I haven't noticed such connection attempt until now, and strangely now I don't see that connection attempt again.