Forum Moderators: goodroi


Google Hotwording, Chrome Now Has Audio Spy Payload

         

JS_Harris

9:48 pm on Jun 23, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I've read on a couple of smaller tech news sites that Google Chrome downloaded an update that turned on audio capturing when a microphone was detected, without the user's knowledge or permission. While I won't link the articles as per WW policy I will link to a Google Code bug report describing the issue as it has links to Google's solution (which is apparently to leave it enabled by default without telling the end user they are being recorded).

Hotwording downloads a shared module from the web store containing a NaCl module. There is a desire to build and distribute Chromium without this happening. This change adds an "enable_hotwording" build flag that is enabled by default, but can be disabled at compile time.


Link: [code.google.com...]

To me this is a HUGE violation of privacy, I can't stress how troubling I find it that Google would record conversations in people's homes without warning them. It makes one wonder what else Google is up to. One would suspect this is in Firefox as well given its backing by Google.

To disable hotwording, pass "enable_hotwording=0" in your GYP_DEFINES, or "enable_hotwording = false" in your GN config. This will prevent the shared module from being downloaded, and also prevent the option from showing up in settings.

It should never have been on by default, I for one thought it was just another Google feature I had no desire to install or use but I didn't know it was already on and activated. I'm hoping someone can share some method of knowing for certain if my voice was ever recorded without me knowing while using Chrome.

Leosghost

10:19 pm on Jun 23, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



On Debian it apparently was only in the version 43 of Chrome..the "spy activity" was not noticed before version 43..and Google now say that on Debian at least "the module" is no longer in the binary..
Article with more detail on el reg a week ago..
[theregister.co.uk...]

You don't mention your OS..nor your Chrome version number..

Firefox source has not been flagged by anyone ( and the open source code it is built from is inspected by a great many people ) as containing anything similar..

Google's "backing" for Firefox would not allow Google to hide things in Firefox..
Obviously Google did not think that anyone at Debian would notice..
Which no-one did, for a while..

The Firefox builds for all platforms come under a great deal more scrutiny..

edited to add..
All versions of Chrome that I have tested "phone home" a great deal to Google, as I have mentioned here in the past ( wireshark shows Chrome to be very communicative with the mothership )..Hotword merely ramps up Google's spying another notch..

I've tested Chrome to see if it has stopped "phoning home" to Google, and so far, all versions still do, so I remove it each time after testing..

lucy24

10:37 pm on Jun 23, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I don't understand. Where is the recorded material stored, and for how long? Are we talking about "Yuk, they shouldn't be doing that" or about "Vast potential for abuse"?

Leosghost

11:02 pm on Jun 23, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Where is the recorded material stored, and for how long?

Stored on Google servers, ( and probably those of the N.S.A too ) could be stored for years..

Are we talking about "Yuk, they shouldn't be doing that" or about "Vast potential for abuse"?

Both..
And as a ( until now ) trusted by many, ( not I ) contributor to Debian..Google really have crossed way over the creepy and dishonest line..
You don't set a "Browser"* to silently download a spy module which is set to "default" to, "listen to conversations mode" ( without notifying the user of this behaviour ) by accident , nor do you forget to include the source code for that action and "module" , nor excuse it ( as they have done in the past ) by the actions of a distracted engineer who did not get the approval of his superiors..

*Chrome fits all the definitions of Spyware / Malware..Google's actions here were sleazy..

lucy24

12:52 am on Jun 24, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Stored on {third party} servers

WebmasterWorld forums software interferes with every response I could possibly make.

tangor

12:57 am on Jun 24, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Hey guys, you're missing the big picture! Hotwording is research for voice activated devices. G just needs a large sampling to make sure the tech will work with any voice, language, or device in natural speaking. It's just research! (Sheesh, get on board!) We all know that folks get self-conscious and speak differently if they know there is a microphone on, changing voice stress and cadence. G needs it as natural as possible.

(Note, for the humor impaired, the above is satire)

JS_Harris

4:13 am on Jun 24, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I was gonna say Tangor, lol, until you added that last line I wanted to volunteer you for their testing and kindly ask to be left out. Honest research usually involves being honest about your practices and intentions, they actually hid this and didn't warn anyone.

I've read up a bit more on it and Google's primary reasoning seems to be that this is not their doing, it's the same on the software which they do not own (Chrome is based on Chromium code which they do not own) BUT, and it's a big but, the code in Chromium IS Google's proprietary technology and they (apparently) knowingly hid it and used it without people's knowledge or permission.

I'm creeped out, there's no excuse to have avoided disclosure. Google also claims they have your permission because your settings give them permission but does that count when they secretly update your permissions to be on by default? I don't think so. A simple litmus test, how many computers out there are recording ambient sounds and voices without the owners knowing? Put into context, this same company is wanting everyone to install NEST in their homes and has had a few rough patches with privacy issues recently, trust should be their top priority but they sure played fast and loose with this, or so it would seem.

I'm still hoping that someone can point out some facts that confirm my worries are unfounded, I'd love to hear that there is zero chance I was being recorded by this without my knowledge.

RedBar

3:39 pm on Jun 25, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I'm not quite sure what you peeps are talking about however I use Chrome for accessing my AdSense account, absolutely nothing else other than testing new website pages, as soon as I have finished doing "whichever" I close the browser clearing the cache and history.

Can I assume that I am safe from the snooping porkers?

tangor

8:13 am on Jun 28, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



UPDATE:

New Chromium builds will no longer download/install the Hotword Shared Module and will automatically remove the module on startup if it was previously installed.

A closed-source and binary-only kernel module caused a fair fuss when it was found inveigling its way into the very much open-source Chromium.

Thanking the community for their attention and input on the issue, one of the project developers told the issues ticket thread that "as of the newly-landed r335874, Chromium builds, by default, will not download this module at all."


[theregister.co.uk...]

graeme_p

6:02 am on Jun 29, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



If the privacy problem is not bad enough, there is another issue: Chromium is supposed to be open source, and this is a work around that installs closed source with no warning.

Google cannot be regarded as a trusted upstream provider, as @Leosghost says.

There are plenty of other WebKit browsers around. Just in case keep your microphones off (unplug if possible, otherwise turn off in the OS) when not in use.

incrediBILL

8:23 am on Jun 29, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



My Android tablet often listens on purpose as I have an assistant enabled that engages when I say its name.

If I'm not mistaken, the latest Android version does the same thing when on certain pages you say "OK Google" and it then responds to an audible query, perhaps that's what ended up in the desktop version of Chrome.

I'd get used to it because the only way technology can respond to oral commands is to listen, which my tablet does. :)

This is what many devices will be doing soon, including phones, tablets, computers, game, perhaps TV and even appliances.

Always on the bleeding edge...

IMO the simple solution is to just use Firefox which I do as well.

Nutterum

1:02 pm on Jun 29, 2015 (gmt 0)

10+ Year Member Top Contributors Of The Month



and then they tell me CIA =/= Google - yeah, right..

lucy24

6:08 pm on Jun 29, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Idle query: do people want their Internet-connected devices to respond to voice input? It would drive me stark staring bonkers.
:: pause here for inevitable wisecrack ::
I'll talk to the cats, to the rats, occasionally even to the fish, but an inanimate object? Nuh-uh. When I get one of those telephone menus where you have to speak your question, I dial 0 and continue doing so until they give up and transfer me to a human.

Decades in the future, someone will brilliantly invent a way that you can tell the computer what you want with no possibility of anyone else overhearing. It will be called ... drumroll ... The Keyboard.

tangor

6:21 pm on Jun 29, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Nah... soon we'll all be hooked up like that wise-acre flunky in the Andromeda series. It will be called ....

Plug and Play

Tonearm

6:43 pm on Jun 30, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



This is pretty insane. Was this included in the open-source Chromium version or just the binary?

If I mute my internal mic in Linux, can a browser unmute it? Hopefully this can be "firewalled" that way.