Much to the chagrin of Chrome browser users, Google was accused of eavesdropping on customers this week with a new browser feature that turns on a computer’s microphone and carries out commands that begin with the so-called hotword “OK, Google.” Is this a business concern? Only if your company allows the web browser Chrome.
Millions of U.S. corporations do.
The software is able to send audio data back to Google, which means that when your computer is running Chrome, Google can secretly listen into conversations occurring in the room. According to Rick Falkvinge, founder of Sweden’s Pirate Party, the secret downloading of audio listeners onto every computer that runs Chrome was discovered via a simple bug report. The report pointed out that when one starts Chrome, “it downloads something,” followed by a status report that says “Microphone: Yes” and “Audio Capture Allowed: Yes.”
And it appears Google began doing this without the permission of the user.
Google’s response to the ensuing outrage was two-fold. They emphasized that the hotword module is not activated until a user opts in to the “hotwording” feature. And they countered that the open-source Chromium, the codebase from which Google Chrome is drawn, is not actually a Google product and they don’t directly distribute it.
But neither of these defenses left users feeling any more comfortable. I mean, why would anyone ever suspect Google of enabling an eavesdropping code they already secretly downloaded onto your computer without your permission and knowledge?
Google still insists that concerns over its hotword module being used for eavesdropping are off target, but it has bowed to pressure and removed the module from the Chromium browser.
“We’re sure you’ll be relieved to learn we’re not listening to your conversations—nor do we want to,” a Google spokeswoman said in a statement to eWEEK. “We’re simply giving Chrome users the ability to search hands-free at their computers by saying “OK Google” while on the Google homepage—and only if they choose to opt in to the feature.”
It’s hard out there for a network admin. There are more things to worry about than hours in the week. We have a team of security professionals who can do the worrying (and the mitigating) for you. Contact us to learn more.
Categories: Data Security, Internet Security
blog.slpowers.com 
Leave a Reply