Google Chrome is eavesdropping on you, developer says

While Google has known of the problem for months and has a fix ready, they are waiting for direction from the W3C about how to deal with the bug.
Posted By Ananth Baliga   |   Jan. 23, 2014 at 3:56 PM   |   0 comments

| License Photo
Jan. 23 (UPI) -- Israeli software developer Tal Ater has found a bug in Google Chrome that allows the browser to eavesdrop on users' conversations.

The bug was brought to Google's attention last year, and the tech giant has a fix ready for the possible security breach. But according to Ater, Google is waiting for direction from World Wide Web consortium (W3C), an organization that directs web development, about what should be done before issuing the update.

"We've re-investigated and still believe there is no immediate threat, since a user must first enable speech recognition for each site that requests it," said a Google spokesperson.

Ater stumbled across the bug, while trying to develop his own voice recognition system. Typically people must allow a website to access to their computer's microphone. One permission is granted, Chrome lets the user know that the microphone is switched on by providing a blinking red dot on the tab for that site.

A video on Ater's site shows how a hacker could use malicious code to start a "pop-under" window and launch the speech recognition system, allowing an unsuspecting user's conversation to be heard by the hacker.

"The malicious site you visited can continue listening in on you long after you have left it," said Ater. "As long as Chrome is still running nothing said next to your computer is private."


[talater.com]
[BBC]

Follow @antbaliga and @UPI on Twitter.
Topics: Google
© 2014 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Trending News
Join the conversation
Most Popular
Photos
Video
x
Feedback