Google Chrome Hack Allows Websites to Listen to You

Google Chrome Hack Allows Websites to Listen to You

Google Chrome Hack Allows Websites to Listen to YouHere’s a thought. You’re a die-hard Google Chrome fan, so every time you peruse the Internet it’s Chrome all the way. In fact, you’re such a pro that you have even enabled voice-recognition. Pretty high tech. At least that’s what voice-recognition apps developer Tal Ater thought until he noticed sometime strange hidden in the background.

Chrome users listen up! Any site that’s enabled for voice-recognition has the ability to use a pop-up window to record your voice almost indefinitely without you even knowing. Ater demonstrated this by closing a tab in Chrome, yet he continued talking. He then revealed a pop-up behind the main Chrome window that was transcribing everything he was saying.

Scary? I’d say, especially if it’s a malicious site using Chrome to listen to people’s offline conversations. Just think of all the details the “bad guys” could learn about you!

So, what’s the deal with Chrome? Once you’ve given an HTTPS-enabled site permission to use your mic in Chrome, you’ve just given the whole site, even pop-ups in the background, permission. And, with the code running in a different window, none of Chrome’s recording icons will initiate, so it looks like nothing is accessing your computer at all.

What should you do? Manually revoke the microphone permissions, which most of us, me included, would never even think to do.

This bug was first reported to Google in September 2013, and while their engineers have isolated the problem, the “fix” still hasn’t made it to user computers.

And, a future warning? There is a new class of apps being developed that require even more invasive permissions. Think in-browser services, like Google Hangouts, even though more convenient because you don’t have to reauthorize your mic for each session, blanked permissions can create a privacy issue.

(Photo credit: antb /

About the Author

Ginger Hill is Group Social Media Manager.


Featured Cybersecurity


New Products

  • ALTO Neoxx Electronic Padlock

    ALTO Neoxx Electronic Padlock

    Built to withstand all access control needs, the tough new SALTO Neoxx electronic padlock takes security beyond your expectations. 3

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance. 3

  • LiftMaster Garage Door Opener

    LiftMaster Garage Door Opener

    LiftMaster Transforms the Garage Door Opener Into a Sleek Smart Home Device That Does More Than Open and Close the Garage Door 3