News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Why is Comcast is accessing my PC Chrome Browser?

    Posted on Kamante Comment on the AskWoody Lounge

    Home Forums AskWoody support Questions: Browsers and desktop software Why is Comcast is accessing my PC Chrome Browser?

    • This topic has 10 replies, 4 voices, and was last updated 1 month ago.
    Viewing 4 reply threads
    • Author
      Posts
      • #2268708 Reply
        Kamante
        AskWoody Plus

        Why is Comcast logging in to the Google Chrome browser on my PC? Google security alerted me to a log in by a device called Linux and gave me the device IP of 24.9.239.23. I used a Nirsoft utility to learn that this IP belongs to Comcast Cable Communications of Cherry Hill NJ. The most recent log in was today at 4:46 am while I was asleep. My PC was off but my modem/router was on. I have no recollection of authorizing this access. I should add that my PC is connected to the router by ethernet cable. I use Xfinity for internet access and I use an Android phone and Xfinity web-phone service. My Android phone was asleep at 4:46 am.

        Attachments:
      • #2268767 Reply
        SB9K
        AskWoody Lounger

        Rather than Comcast themselves, it was more likely a Linux device at a location with Comcast Internet service being used to log in.

        Android is a customized Linux, but I doubt Google’s system would misidentify an Android device like that. So…

        • Is the email legit? Does it have one of those “if this was not you” sentences, perhaps with a link to go somewhere to do something about it? If so, does that point to a real Google site or some weird third party address?
        • Assuming your location is not near Cherry Hill, NJ, and that IP address is not yours and was not previously used by your router, is there any chance that you know someone near there that may have obtained your credentials? Or that you logged in on someone else’s device and forgot to log out? Sold / gave away an old device without wiping it?

        These are just basic ideas that come to mind – perhaps more security-minded AskWoody users will have others.

        Personally, though, if I experienced the same and were able to rule out all of the above, I’d be logging out of all devices and then changing my password. To something randomly generated by my password manager, as lengthy and complex as allowed by the service in question.

        Gaming Rig: Win 8.1 Pro - Group A + Blackbird
        Work Desktop: Ubuntu 20.04 LTS (+ Win 8.1 VM, "just in case")
        Notebook (guinea pig): Whatever flavor of Linux I tried last
        File Server: TurnKey Linux
        2 users thanked author for this post.
      • #2268806 Reply
        Alex5723
        AskWoody Plus

        Why is Comcast logging in to the Google Chrome browser on my PC?

        Chrome browser doesn’t need login. You are maybe referring to a login attempt of your Google account.

        Check if your Google account has been hacked at : https://haveibeenpwned.com/

        1 user thanked author for this post.
        • #2269048 Reply
          Kamante
          AskWoody Plus

          Thank you SB9K and Alex5723. Yes, it was my google account, as Alex suggested. And my location is about 2000 miles from Cherry Hill, SB9K.

          Since my post I have done a clean install of Windows 10 1909 Pro and have changed my passwords for Google and various other accounts, using passwords from the GRC Password Generator tool.

          I had previously registered my two email addresses with “haveibeenpwned” and no notice has been received of theft but it is time to check again.

          I should have realized right away that the actual “Linux” device was shielded by the device with the IP address I mentioned, but I am somewhat of a novice.

          • #2269235 Reply
            Paul T
            AskWoody MVP

            You should use a password manager to generate and store your passwords. There are several free ones that do a good job.

            cheers, Paul

            1 user thanked author for this post.
      • #2269281 Reply
        Kamante
        AskWoody Plus

        Since my post of June 2 I have been double-checking the security of my modem/router and my PC attached by ethernet to the router. It looks now like the Linux device reported as attached to my Google account may well have been my own modem/router. Still working on trying to understand this.

        I appreciate the responses to my post.

        Paul, yes I use a password manager and a password generator. Thank you for suggesting.

      • #2269443 Reply
        anonymous
        Guest

        24.9.239.23 translates to c-24-9-239-23.hsd1.co.comcast.net which is a Xfinity (Comcast) customer located in Colorado, likely the Denver area given the routers the traceroute is taking.

        1 user thanked author for this post.
        • #2269799 Reply
          Kamante
          AskWoody Plus

          The Linux device in question turned out to be my own Google Nest Mini (2nd Gen)!

          My Google Home speaker (1st Gen) and my Nest Thermostat (1st Gen) do not create Linux device entries.

          I finally realized that the Mini is essentially a small computer with some memory as compared to the Google Home speaker and Nest Thermostat, but it seems strange that my Google Security tab would treat the Mini as if it might be an intruder.

          • #2269803 Reply
            anonymous
            Guest

            Kamante wrote:
            it seems strange that my Google Security tab would treat the Mini as if it might be an intruder.

            It is. 😀

            But yeah, it seems strange that Google would red card one of their own products.

            1 user thanked author for this post.
            • #2269815 Reply
              SB9K
              AskWoody Lounger

              Now that the answer is known, I’d say it’s not a complete surprise. I get login alerts when I access sites/services with devices I seldom use for them.

              However, it’s easy to recognize when it was triggered by my own manual action. It makes me wonder if Google and other services have given much thought to those who are less tech savvy; who wouldn’t have been able to track down which of their devices it was.

              Gaming Rig: Win 8.1 Pro - Group A + Blackbird
              Work Desktop: Ubuntu 20.04 LTS (+ Win 8.1 VM, "just in case")
              Notebook (guinea pig): Whatever flavor of Linux I tried last
              File Server: TurnKey Linux
              1 user thanked author for this post.
              • #2269824 Reply
                Kamante
                AskWoody Plus

                My Google Nest Mini kept going offline and I finally realized this was happening when I would spot the Linux device in the Security Report and sign out of it. A bit slow maybe in putting the pieces together.

                I can’t understand why Google would “red flag” (as Anonymous said) its own device. Even more strange maybe is why it would just call it Linux and not Mini.

                Thanks for your comments.

                 

              • #2270006 Reply
                Paul T
                AskWoody MVP

                Google has no way of knowing if someone has cloned / mimicked a “mini” so it correctly reports a 3rd party login.

                It’s Linux because that’s the operating system.

                cheers, Paul

                1 user thanked author for this post.
    Viewing 4 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Why is Comcast is accessing my PC Chrome Browser?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.