GTFO My Device, Google

So I'm quite mindful of what's running on my system and what's the storage situation. I rarely get blindsided by weird stuff on my own machine - this time I was, and I'm pissed off about it.

Turns out Chrome has been silently downloading an on-device AI model to my machine and probably yours. No opt-in prompt, no notification no pretty please with a cherry on top. PCMag covered this in detail - Chrome Is Quietly Downloading 4GB AI Model Without Your Permission - and it's exactly what it sounds like.

I never gave consent. I was never asked and neither were you.

Straight up botnet behavior.

What "Botnet Behavior" Actually Means

A botnet is a network of devices that downloads code from a central server and runs it on behalf of the operator, often without the device owner's knowledge or consent. The owner of the hardware isn't in the loop and decisions about what runs, when, and why are made somewhere else by someone else. 🤔

Now read that paragraph again and tell me how it's meaningfully different from a vendor shipping a 4GB inference model to your machine, silently, on their schedule, to run code you didn't ask for - that consumes your disk, your RAM, your CPU cycles, and your electricity.

The model technically isn't malware. But the delivery mechanism is operationally identical: a piece of software you installed once (the browser) is being used as a pipe to push arbitrary payloads onto your device whenever the vendor decides. The trust contract you thought you had - "I install Chrome, Chrome shows me webpages while also stalking and studying my every action" - was basically upgraded to "I install Chrome. I'm Google's bitch."

Nobody should be okay with this because the precedent it sets is quite dangerous.

If they can push 4GB of inference weights today without asking, they can push 40GB of something else tomorrow.

How to Tell Google to GTFO

There is a buried toggle.

Path one - through the UI:

Settings >> System >> On-device AI >> toggle off

Path two - the direct route:

Paste this into your Chrome address bar:

chrome://settings/system

Then scroll down to On-device AI and switch it off.

That tells Chrome to stop downloading and stop running the model. Whether it actually deletes the existing 4GB on disk is a separate question - it seems to be but better be safe. Which brings us to...

How to Check if You Already Have It

The model gets dropped into your Chrome user data folder under OptGuideOnDeviceClassifierModel. The subfolder is a timestamped version directory, so the exact path will drift over time as Google ships new versions of the bot- uhem, model.

Windows

C:\Users\<yourname>\AppData\Local\Google\Chrome\User Data\OptGuideOnDeviceClassifierModel\<version>

So for me that ended up being:

C:\Users\null\AppData\Local\Google\Chrome\User Data\OptGuideOnDeviceClassifierModel\2026.2.12.1554

You can paste %LOCALAPPDATA%\Google\Chrome\User Data\OptGuideOnDeviceClassifierModel into the File Explorer address bar to jump straight there. If the folder exists, congrats, you've been donating disk space to the cause.

Linux (deb-package Chrome install)

ls -la ~/.config/google-chrome/OptGuideOnDeviceClassifierModel/
du -sh ~/.config/google-chrome/OptGuideOnDeviceClassifierModel/

And if you're running it as a flatpak or snap, you'll find it under the sandboxed equivalent (~/.var/app/com.google.Chrome/config/google-chrome/... for flatpak, ~/snap/chromium/common/chromium/... for snap).

macOS

ls -la "$HOME/Library/Application Support/Google/Chrome/OptGuideOnDeviceClassifierModel/"
du -sh "$HOME/Library/Application Support/Google/Chrome/OptGuideOnDeviceClassifierModel/"

If the directory exists with a timestamped subfolder inside it, you've got the model. You can delete the directory after toggling the setting off - though if you don't disable the toggle first, Chrome will just helpfully download it again.

Why Am I Still Using Chrome?

Chrome has been actively annoying on my Linux desktop forever. The UI scaling under fractional HiDPI is just yuck. Fonts render at the wrong size in menus, tabs, address bar. I keep using it mostly due to inertia.

So why haven't I switched?

Because I haven't sat down to set up Vaultwarden (or even cloud Bitwarden) and migrate my passwords off Chrome's built-in manager.

This is, I think, exactly the lock-in Google is counting on. Even though other browsers have password managers and there are good self-hosted options too, people just keep clicking the colourful eyeball icon (some would argue it's a pinwheel) out of habit. The combined ecosystem creates just enough switching friction that even people who know better don't get around to leaving.

"Scam Detection" Is Itself a Scam

The official framing for the on-device AI model is that it's used for things like scam detection, smart suggestions, and similar features. Let's actually think about that for a second.

Scam detection is not a problem that needs to be solved with edge-client background inference. It's a problem of URL reputation, certificate checks, DNS filtering, server-side analysis - things that have worked fine for two decades. Chrome has had Safe Browsing doing exactly this server-side since 2008. And honestly, if you can't tell that a page is sketchy just by looking at it, I'd say that's a digital literacy problem.

Pushing the inference to the client conveniently means:

• Google gets to claim "privacy-respecting" because the model runs on your device. 🙄
• Google gets to deploy whatever capabilities the model has, opaquely, with no visibility for you into what it's actually computing about your browsing.
• Google gets to use your CPU, your RAM, your battery, and your electricity bill to power features that benefit their product surface.
• The model becomes a generic AI inference runtime sitting on every desktop with a Chrome install, ready to be retasked to anything they want without ever needing to ask you again.

So the actual question is: if they're willing to ship 4GB of code to my machine without asking, what else is happening on my device that I don't know about? Quite a lot, unfortunately. Just as a reminder - telemetry exists. Anyone who's ever shipped software knows: the things that hit the press aren't the only things that exist - they're just the things that leaked, or were obvious enough to get caught. Somehow it's always the biggest corporations like Microsoft and Google that get away with it like nothing happened.

Final Question

Why are you still using Chrome?

What's keeping you on it? Is it actually a feature you can't get elsewhere, or is it the same answer most of us would give if we were honest - that you haven't gotten around to switching, and Google has spent twenty years engineering exactly that hesitation into the migration cost?

The browser is the single most-used piece of software on most people's machines. It's the thing that sees every page you visit, every form you fill in, every password you type, every search you make. If there's one piece of software where you should care about whether the vendor respects you as the device owner, it's that one.

GTFO my device, Google.

Live long and prosper. 🖖👽