Chrome for the desktop has a flaw that allows sites to keep your microphone on all the time

BY Stefan Constantinescu

Published 22 Jan 2014

Tal Ater is a developer that discovered a “bug” in Google Chrome several months ago whereby any website could open a window in the background and begin recording audio. Now for this to work, you as a user will first have to grant permission to a website to enable the use of your microphone. After you click accept, then it’s game over.

Instead of selling knowledge of this hack to the black market, Tal did the right thing and reported it to Google. The thing is, he did that back in September, yet it still hasn’t been fixed. Google’s response to The Verge regarding Tal’s discovery is: “We’ve re-investigated and still believe there is no immediate threat.” Again, you as the user need to grant permission to a website before it can access your microphone. What Tal worries about, and what Google should worry about as well, is websites masquerading as legitimate services in a bid to record secret background conversations.

How important is this in the grand scheme of things? In the future, you’ll be able to do most of your computing tasks using just your voice. If I look at my usage of technology, I’ll dictate any text message that’s longer than a couple of words. And I perform at least one Google search a day just by talking.

So wise up, Google. This might not be a problem today, but what about tomorrow?