Has Google Been Eavesdropping On Chrome Users?

Open SourceSecuritySecurity ManagementSoftware
eavesdropping
1 1 No Comments

Privacy campaigners claim Google secretly installed voice recording service in Chromium browser, an accusation the search giant denies

Google has denied accusations of eavesdropping on millions of Chrome browser using a secret tool that lets the company listen in on conversations.

The search giant’s Chromium browser, the open-source version of Chrome, began remotely installing audio-snooping code that was capable of listening to conversations held in front of the computer, according to reports from developers and privacy campaigners.

The code appears to be a part of enabling the company’s ‘OK Google’ voice search function, but many users have claimed the service was installed without their permission.

Listening in?

Google chrome “Without consent, Google’s code had downloaded a black box of code that – according to itself – had turned on the microphone and was actively listening to your room,” Rick Falkvinge, the Pirate party’s founder, said in a blog post.

“[This] means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by … an unknown and unverifiable set of conditions.”

Developers found that the feature is also installed by default as part of Google’s Chrome browser, meaning millions of users could have the feature enabled without knowing it.

The news has also irritated advocates of open-source advocates, who are angry that the questionable code is installed along with Chromium, despite it being ‘black box’ and not part of the open source audit process.

Google denial

Google has denied the accusations, claiming in a blog post that the service had to be opted into by users in order to operate.

“While we do download the hotword module on startup, we do not activate it unless you opt in to hotwording,” a member of the Chromium development team wrote.

The company also attempted to shift the blame towards the Linux distribution service Debian, which downloads the non-open source component with Chromium automatically, rather than Google Chrome.

“The key here is that Chromium is not a Google product. We do not directly distribute it, or make any guarantees with respect to compliance with various open source policies,” Google developer mgiuca said.

“We’re sure you’ll be relieved to learn we’re not listening to your conversations – nor do we want to,” a Google spokeswoman told The Guardian. “We’re simply giving Chrome users the ability to search hands free at their computers by saying “OK Google” while on the Google homepage – and only if they choose to opt in to the feature.”

The news is the latest in a series of worries surrounding Google’s browser, which has been affected by a wide range of malicious apps and extensions.

Earlier this year, a malicious Google Chrome extension masquerading as a screenshot application was found to be sending the browsing information of up to 1.2 million users to an IP address in the USA.

Are you a Google expert? Take our quiz!


Click to read the authors bio  Click to hide the authors bio