A bug in Google Chrome allows malicious websites to turn users’ computers into clandestine listening devices, a programmer discovered.

Tal Atler, a web developer in Israel, discovered that once you give a website permission to access your microphone on Chrome, it becomes vulnerable to malicious eavesdropping. As Alter explained in a blog post later picked up by BBC and other outlets, the site can continue to “record anything said in your office or your home, as long as Chrome is still running.”

How does it work? Once you give permission for a site to access your microphone, Google Chrome displays a red icon to notify you when it is being used.

However, there is a bug Atler discovered whereby these sites, even after you leave them, can deploy a pop-under window in your browser that continues to record everything in earshot of your computer.

That means, as long as you are using Chrome, it is possible that every noise in range of your computer is sent to Google to be analyzed and then potentially passed on to a malicious site.

According to Atler, after notifying Google, the Chrome team promptly created a fix for the bug but has yet to implement it.

"The security of our users is a top priority, and this feature was designed with security and privacy in mind," a Google spokesperson told BBC. "We've re-investigated and still believe there is no immediate threat, since a user must first enable speech recognition for each site that requests it."

Load Comments...

Send this Article to a Friend

Separate multiple emails with a comma (,); limit 5 recipients

Your email has been sent successfully!

Manage this Video in Your Playlists

notify when someone comments

This website uses cookies.

This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our Privacy Policy.

I agree
Learn More