Chrome browser becomes eavesdropping tool

Forum Moderators: open

Message Too Old, No Replies

Chrome browser becomes eavesdropping tool

Lame_Wolf

12:22 pm on Jan 23, 2014 (gmt 0)

Any computer running the Chrome browser can be subverted to eavesdrop on conversations happening around it, claims a developer.

[bbc.co.uk...]

And people have a go at me because I won't install it. :/

graeme_p

12:40 pm on Jan 23, 2014 (gmt 0)

Its got a security flaw. So does everything else.

It also needs a pop under Window open. I would notice that.

I prefer Firefox, but this is not a reason not to us Chrome/Chromium.

Mackin_USA

4:41 pm on Jan 23, 2014 (gmt 0)

Firefox is preferred for so many reasons.

tangor

5:47 pm on Jan 23, 2014 (gmt 0)

Ater, on the other hand, maintains that the Web Speech API requires browsers to abort speech input sessions whenever the user changes windows or tabs, to prevent the kind of abuse he describes. But the language that mandates that behavior was removed from the spec in a later errata, so that no longer appears to be the case.

And yet something seems to be fishy, because when we tried out some Web Speech API demos here at Vulture Annex in San Francisco � including Ater's exploit code and even Google's own demo � no persistent icon appeared in the system trays of our Windows machines or the status menu of our OS X computers while Chrome was listening, contrary to Google's online documentation.

[theregister.co.uk...]
Includes a security workaround...