Here's How Easy It Is For Google Chrome To Eavesdrop On Your PC Microphone
http://www.forbes.com/sites/marcwebertobias/2014/01/26/heres-how-easy-it-is-for-google-chrome-to-eavesdrop-on-your-pc-microphone/
1/26/2014
What if the laptop on your desk is listening to everything that is being said during your telephone calls and conversation or from others near your computer? Then imagine that the audio from the internal microphone is being instantly uploaded to Google where it is transcribed and broadcast on a real-time basis to a malicious web site, Twitter, or to a competitor. Sound like a high-tech novel?
This scenario is not only possible (and easily accomplished) but I had a researcher in Israel do this last Saturday with my laptop to confirm the information that appeared in the New York Times and many other publications last week. Anyone that uses voice recognition built into Google Chrome browsers (and soon others) should pay attention because of the potential for eavesdropping and interception of conversations within several feet of any computer running this browser.
Tal Ater is a voice recognition specialist living near Tel Aviv. In September, 2013 he notified Google about a bug he discovered in Chrome that could allow your computer to act as an open microphone and send the digital audio to Google for them to process through their highly efficient speech recognition software.
This is done on a real-time basis and Google returns the text translation back to their Chrome browser for use by whatever website it is logged into. The problem that Tal Ater found was that you could leave the site but audio processing could under certain conditions continue to occur unless you closed the pop-up window that was present during the session.
Before Ater notified Google engineers, the pop-up that showed microphone status was in the background and could easily be missed by a user. Since the notification, they changed that so that the window is now in the foreground. But it really does not matter unless you are paying attention and understand the vulnerability. Once you give permission to open your microphone it may stay connected and the permission can remain active.
..more..