Google Chrome Hack Allows Websites to Listen to You

Google Chrome Hack Allows Websites to Listen to You

Google Chrome Hack Allows Websites to Listen to YouHere’s a thought. You’re a die-hard Google Chrome fan, so every time you peruse the Internet it’s Chrome all the way. In fact, you’re such a pro that you have even enabled voice-recognition. Pretty high tech. At least that’s what voice-recognition apps developer Tal Ater thought until he noticed sometime strange hidden in the background.

Chrome users listen up! Any site that’s enabled for voice-recognition has the ability to use a pop-up window to record your voice almost indefinitely without you even knowing. Ater demonstrated this by closing a tab in Chrome, yet he continued talking. He then revealed a pop-up behind the main Chrome window that was transcribing everything he was saying.

Scary? I’d say, especially if it’s a malicious site using Chrome to listen to people’s offline conversations. Just think of all the details the “bad guys” could learn about you!

So, what’s the deal with Chrome? Once you’ve given an HTTPS-enabled site permission to use your mic in Chrome, you’ve just given the whole site, even pop-ups in the background, permission. And, with the code running in a different window, none of Chrome’s recording icons will initiate, so it looks like nothing is accessing your computer at all.

What should you do? Manually revoke the microphone permissions, which most of us, me included, would never even think to do.

This bug was first reported to Google in September 2013, and while their engineers have isolated the problem, the “fix” still hasn’t made it to user computers.

And, a future warning? There is a new class of apps being developed that require even more invasive permissions. Think in-browser services, like Google Hangouts, even though more convenient because you don’t have to reauthorize your mic for each session, blanked permissions can create a privacy issue.

(Photo credit: antb / Shutterstock.com)

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities