Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to “we can do that”.
Remember how everyone used to make fun of people like Richard Stallman? Way back in 2012, we already reached the point where we had to acknowledge Richard Stallman was right all along (useless sidenote: this is one of the three most popular OSNews articles of all time). In recent years, people have been putting stickers and tape on their laptops to cover up built-in webcams. The next step is, apparently, to rip out the built-in microphones, too. That’s what you get when you entrust a major technology company with automatic updates.
If it runs software from any of the major companies, your computer isn’t yours. Handle it accordingly.
There is a complete detachment from awareness about how any sane person would react to this.
The data spigot generated at their end could be stupendously huge depending on the audio quality and number of machines involved.
Perhaps it is a law enforcement plan to listen in on selected people and voice print them – but frankly they’ve been a bit unsubtle for that.
Perhaps it is a first step towards voice guided browsing on the desktop.
Frankly:
– “Just trust us” cuts no ice.
– “opt out available” is a disingenuous default when it should not be on in the first place.
and just like that, all google software has been removed from my system. back to firefox i go….
— eliyahu
Ugh, I don’t want to go back to Firefox. Chrome still has much better performance and much better developer tools. Is there an audited Chromium version without that crap?
This WAS the audited Chromium browser.
You can get out of it using toolkit based on the Chromium backend but not the Chromium browser itself. For instance
I am proud to say that QtWebEngine does not do this. It is part of the code we delete, and neither ship nor compile.
What kind of weird browsing habits do you have, that can only be satisfied with a browser that scores, at best, 5% better in benchmarks, while using more power (and suffers from broken HiDPI support, again)?
Power usage is not very relevant (I use a proper computer, i.e. a desktop PC). Yes, less power consumption is good for being green. Chrome just feels a lot snappier. Yes, Firefox did manage to catch up a lot, but it still isn’t quite there. Back when I switched the difference was enormously huge! (Firefox 3.5 to whatever Chrome version it was. Firefox with 30 tabs was completely and utterly unusable. Chrome on the same PC was totally fine.)
And while it has a lot of problems, the user interface of Chrome is also a lot better. Proper searchable settings (I always need hours to find what I need in Firefox while I exactly know how the setting is called. Just give me a full text search!), tabs that behave nicely, and the UI of Firefox’s developer tools is just a pain. Why can’t I resize this column? Why can’t I sort that? Why is the console so crappy? Why can’t you explore objects inline? etc. Only the exception messages/traces and font preview is better in Firefox.
I still use Thunderbird, though.
I see this a lot and I absolutely don’t get it. The actual real speed difference between firefox and chrome is in the single percent range, and it’s very much debatable which one of them is currently on top. Droves of people still think that feeling of ‘using the fastest browser in the world’ is more important than their own privacy!!! Ok, they get what they deserve then, I suppose. Sheesh, stealth uploading of audio samples from your own home to a foreign country traded for a couple of milliseconds gained (or lost) every page load…
As a Firefox user, I can honestly say that Firefox has much poorer scalability than Chrome in the face of heavy extension loads and many tabs.
It’s the design.
Chrome’s multi-process design is heavy on the RAM but allows the OS to pre-emptively multitask things.
Firefox lumps everything together into one big cooperative multitasking loop (Think Windows 3.1 and MacOS 9 and below) and one garbage collector.
That’s why I’ll be very glad when Mozilla finishes the laborious process of retrofitting multi-process architecture into Firefox without breaking the existing extension ecosystem.
Edited 2015-06-23 08:32 UTC
I’m more interested in Servo actually replacing Gecko in Firefox. That would improve performance dramatically. Huge memory bloat of multiprocess approach is not necessarily a good thing.
It won’t… among other reasons, because of how difficult it is to maintain extension compatibility just when retrofitting the SAME Firefox codebase for multiprocess.
Their intent is to merge pieces of Servo in piecemeal.
Now, a competing Servo-based browser… that’s more likely… especially given that it exposes a CEF-compatible API.
Firefox is moving to a multiprocessor branch soon. You can test it in the current nightlies. Granted it increased my processor load fourfold so I turned it off.
So aside from the developer tools, the speed is mainly a kind of feelgood aspect. The delight of not having to wait an extra millisecond for a tab to reopen. You don’t actually get things done any faster.
More like near constant pegging of one processor core and frequent multi-second GC pauses because of how my massive pile of (mostly lazily reloaded after restart) “task sessions in progress” tabs interact with my large pile of extensions in Firefox.
How about Opera. Uses the same engine as chrome without the tracking code.
There’s one specific site I use[1] that is only fully accelerated under Chrome and Chromium, and the latter only if you whitelist unsupported operating systems (Linux/BSD). On Firefox it appears to be accelerated, but if you move your mouse across the canvas it begins to stutter badly, so either something’s broken or it’s not truly accelerated.
Granted, that one site is so niche it’s not really a reason to stay with Chrome/Chromium over anything else, it’s just one example of better performance between the two browsers.
[1] http://earth.nullschool.net/#current/wind/surface/level/orthographi…
If there is some specific site that doesn’t work with my main browser I have developed a very complicated trick to access it anyway: I open it in another browser… Like the stupid timetracking sw at work that still requires IE8 for example. Of course I could use only IE8 because of that site which I’m required to use, but for some reason I think it’s quite ok to use more than one program to do my work, having a multitasking OS on the computer and all…
Well in my example I just deal with the broken acceleration in Firefox, as it’s a cosmetic issue. I also have to use multiple browsers at work; some of our software only works with IE in compatibility mode, I use Firefox for pretty much everything else, and our shipping department has to use Chrome because the web-based shipping software only works properly in that browser.
That’s to say nothing of web developers who must test in multiple browsers to make sure nothing is broken for their users.
Firefox outperforms Chrome easily for quite a while already. Not sure how old your data is, but it can’t be recent.
Edited 2015-06-23 03:03 UTC
Not 100% sure since I don’t use Chrome/Chromium, but if this issue is mainly to do with the “Chrome Hotword Shared Module” extension which contains a binary without source code, then it seems to be “fixed” (using quotes because it seems like an ugly patch to me) in Debian’s Unstable branch. Not sure about other distros or operating systems.
Edited 2015-06-23 17:02 UTC
This is why we need a Firefox.
To make sure there is always an open source alternative.
For us to use.
And whose existence keeps the proprietary browsers from taking the mickey* too much.
* mickey, micturition, n.
The sad thing is, the bug report was filed against Chromium. Chromium is an open source web browser. That’s why people were surprised (and upset) to discover extra binary-only extensions being snuck in after chromium was installed.
… I’m pretty sure most of the wiretapping laws on the books make no distinction between a telephone line, and a computer network.
Certainly, police departments have tried to claim that recording a conversation constitutes a wiretapping violation, and if I recall, the courts shut those cases down not on the ground that it wasn’t wiretapping, but that the police were in a public place and had no expectation of privacy.
This sounds like a major legal landmine for Google.
The consent is in the EULA.
Chromium has no EULA.
I’m pretty sure that you can’t agree to illegal activity, especially in an EULA that you don’t have to click “Agree” to.
That might count as consent for the person who owns the computer under some specific circumstances, but what about a person that just happens to be in the same room? That is definitely not legal in many states. You cannot record someone in many states without their consent. Unless Chrome detects specific voice patterns and somehow asks the voices individually if they consent to be recorded, then it’s not legal (IMHO, IANAL, FJALFA).
I think it might be legal in some countries, if the data is processed anonymously. But again, if we think that Google’s plan was malicious, then we think that the company is so stupid that it made such a backdoor that can harm their reputation deeply, while they were aware that the feature is easily detectable. Hanlon’s razor says otherwise imho.
It’s an extension of Google Now’s voice commands. Google is distributing it to all of their platforms outside of Android.
Ah yes, the glass is half empty vs the glass is half not poison argument.
It depends. Some laws are written so that only one party needs to consent for the conversation to be recorded. In those cases, Google could consent, and they would be fine recording whatever.
What about Chromium (e.g. on Debian GNU/Linux)?
The bug report was against Chromium.
The linked article is all up in arms because it was discovered via a bug report about Debian/Ubuntu Chromium having downloaded and activated this component without asking.
The issue is that Google exploited the sheer volume of changes to be audited to quietly circumvent the Debian auditing process with an innocuous-looking change that downloads un-audited code.
If you’ve got Chromium installed, visit “chrome://voicesearch” and look at the “Microphone” and “Audio Capture Allowed” lines.
(It’s a NaCl-based extension that is hidden from the normal extensions panel)
Edited 2015-06-22 18:07 UTC
Mine was “No” on the former and “Yes” on the latter. Does that mean the ‘feature’ has been present on this PC?
Mine too:
About Voice Search
Google Chrome 43.0.2357.125 ()
OS Linux
NaCl Enabled Yes
Microphone No
Audio Capture Allowed Yes
Good thing, my desktop does not have a microphone.
About Voice Search
Google Chrome 43.0.2357.125 ()
OS Linux
NaCl Enabled No
Microphone No
Audio Capture Allowed Yes
Current Language en-US
Hotword Previous Language en-US
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
Field trial Install
Start Page State No Start Page Service
Extension Id nbpagnldghgfoolbancepceaanlmhfmd
Extension Version 0.0.1.4
Extension Path /opt/google/chrome/resources/hotword
Extension State ENABLED
Shared Module Id lccekmodgklaepjeofjdjpbminllajkg
Shared Module Version 0.3.0.5
Shared Module Path /home/administrator/.config/google-chrome/Default/Extensions/lccekmodgklaepjeofjdjpbminllajkg/0.3.0.5_0
Shared Module State ENABLED
Shared Module Platforms x86-64_
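Added example, not part of the original thread or of any poster's comment: a small Python audit of a pasted chrome://voicesearch page, separating "the hotword module was downloaded and is enabled as an extension" from "the user opted in to hotword search", which is the distinction the thread keeps arguing about. The field labels and both sample dumps are copied from posts on this page; the meaning attached to each field is an assumption based on its label.

```python
# Added example: labels and dumps come from the thread; field semantics are
# assumed from the label text, not from Chromium documentation.
KNOWN_KEYS = [
    "OS", "NaCl Enabled", "Microphone", "Audio Capture Allowed",
    "Current Language", "Hotword Previous Language", "Hotword Search Enabled",
    "Always-on Hotword Search Enabled", "Hotword Audio Logging Enabled",
    "Field trial", "Start Page State", "Extension Id", "Extension Version",
    "Extension Path", "Extension State", "Shared Module Id",
    "Shared Module Version", "Shared Module Path", "Shared Module State",
    "Shared Module Platforms",
]

# Dump posted by a Linux user in this thread.
LINUX_DUMP = """\
About Voice Search
Google Chrome 43.0.2357.125 ()
OS Linux
NaCl Enabled No
Microphone No
Audio Capture Allowed Yes
Current Language en-US
Hotword Previous Language en-US
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
Field trial Install
Start Page State No Start Page Service
Extension Id nbpagnldghgfoolbancepceaanlmhfmd
Extension Version 0.0.1.4
Extension Path /opt/google/chrome/resources/hotword
Extension State ENABLED
Shared Module Id lccekmodgklaepjeofjdjpbminllajkg
Shared Module Version 0.3.0.5
Shared Module State ENABLED
Shared Module Platforms x86-64_
"""

# Shorter dump posted by a Mac OS X user in this thread (no module fields).
MAC_DUMP = """\
About Voice Search
Google Chrome 43.0.2357.124 ()
OS Mac OS X
NaCl Enabled Yes
Microphone Yes
Audio Capture Allowed Yes
Current Language en-US
Hotword Previous Language en-US
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
"""


def parse_voicesearch(text):
    """The page prints 'Label value' with no delimiter, so match the longest known label."""
    keys = sorted(KNOWN_KEYS, key=len, reverse=True)
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        for key in keys:
            if line == key or line.startswith(key + " "):
                fields[key] = line[len(key):].strip()
                break
    return fields


def assess(fields):
    """Report module presence separately from the user's opt-in state."""
    def yes(key):
        return fields.get(key, "").lower() == "yes"

    downloaded = "Shared Module Id" in fields
    opted_in = yes("Hotword Search Enabled") or yes("Always-on Hotword Search Enabled")
    return {
        "module_downloaded": downloaded,
        "module_enabled": fields.get("Shared Module State") == "ENABLED",
        "extension_enabled": fields.get("Extension State") == "ENABLED",
        "hotword_opted_in": opted_in,
        "audio_logging": yes("Hotword Audio Logging Enabled"),
        "mic_available": yes("Microphone") and yes("Audio Capture Allowed"),
        # The case the bug report is about: binary present, user never asked for it.
        "downloaded_without_opt_in": downloaded and not opted_in,
    }


if __name__ == "__main__":
    for name, dump in (("linux", LINUX_DUMP), ("mac", MAC_DUMP)):
        print(name, assess(parse_voicesearch(dump)))
```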
Not available on Opera, even though it uses the Blink engine as Chrome does.
We get upset when Google does this because we expect better of them, and usually Google doesn’t disappoint us. However, when Microsoft does this (XBone has done this same thing since shipping), we shrug our shoulders and say “Hey, it’s MS being MS.” We don’t expect any better from MS, so it’s not a controversy.
Xbox has done this since shipping.
Google snuck this in.
Do you really not see the difference?
Of course, but it shouldn’t matter. We treat them differently because one we think should know better, while the other we never trusted from the start. It’s disillusionment, but maybe we need to be disillusioned on these things. Google won’t handle everything perfectly, and if we expect them to goof up now and then, it’ll be easier on us than the reverse.
I guess the quote “expect the best, but plan for the worst” would apply here.
Who is this ‘we’ you speak of? The only thing I ever expected from Google was for them to do whatever makes them the most amount of money. Same/same with any other publicly traded, for-profit corporation. I really don’t hold any of them in higher regard than the others.
Yes, some folks are well and truly jaded of all businesses by this point. However, there is a rather large percentage that still wishes to believe in Google’s “Don’t be Evil” slogan. Each incident adds a bit more tarnish to their image, but it’s not nearly as bad (yet) as many other companies.
Perhaps the company with the most disillusioned (former) customers in the last couple decades is Hewlett Packard: back in the early 90’s, HP products were TANKS that you’d put up against anything else out, and now they’re giving Dell a run for the bottom.
For months I’ve experienced situations where I go to search on google after having chrome open and it autocompletes after typing only one letter.
For example after having a conversation with someone about unix epoch time, I then typed the letter “u” into the search bar and it immediately autocompleted to “unix epoch time” which I definitely had not searched for in a long time.
There have been several such examples.
Haven’t you also noticed that google chrome’s auto complete search feature is weird?
For example, try searching in google (via the address bar or the google.com search textbox). Then, after google has searched the keyword and listed the results, the keyword that you typed in last is no longer in the “search textbox”; it is filled with a different keyword you previously searched.
Isn’t this a weird thing?
Don’t be evil
love,
google
Nah… if they really wanted to be creepy, they would have a default that uploads the entire browser history and bookmarks to google-controlled serve… oh yeah… they call it “sync”.
I hope all the FOSSies learned their lesson. They rooted and rooted for Android, because they thought the Market, Maps and Gmail would be the only proprietary blobs for the foreseeable future.
Now Google gets to own 85+% of mobile users and install any blob they want via PlayServices, while all the FOSS community got is a crappy OS with audio stuttering issues, and with a moronic VM that delays execution (android 4.x) or installation (5.x) of apps.
This is why I never trusted ABMers. “Anyone” but Microsoft? What if that “anyone” is even worse?
Absolutely seconded!!
“Don’t Be Evil. Be F*****g Evil!” >-D
Nah, seriously – as Mr. Holwerda wrote, you really can’t put yourself in the arms of a single company this huge and powerful. Personally, I have been using Firefox with DuckDuckGo for a lot of time now, and I like to diversify on OSes and platforms (i.e. WinPhone / Linux / GMail…).
https://www.abiresearch.com/press/2q-2014-smartphone-results-forked-… by the way that 85+ percent is bull crap.
65% is Android with Google Play-services. 20 percent of Android out there is AOSP without Google Play-services. Yes, it is possible to opt out of Google play. So it’s not 85 percent of users at all.
Yes almost 1/4 of the Android market is not controlled by Google at all and AOSP is growing faster than PlayServices installed Android. Wonder who has been using those that is right the FOSS people kurkosdr has complained about and people in china and other places with country firewalls that connecting to Google play services is problematic.
This is why I never trusted ABMers. “Anyone” but Microsoft? What if that “anyone” is even worse?
Really no one should trust kurkosdr. It’s not like Microsoft does not have a history of updates containing spy-ware.
Both IOS and Windows phone voice recognition use on-line services and are basically spying devices with no means to audit source code.
So Microsoft and Apple do it first, the market accepts it, then Google thinks they can do it. Come on people, learn to stand up for your privacy.
That’s why I’m an AABM (Almost Anyone But Microsoft)
I’m not quite so sure of all this. According to this:
https://code.google.com/p/chromium/issues/detail?id=491435#c10
> This is not “opt-in default”. If you do not explicitly opt in (using the “Enable Ok Google” setting in chrome://settings), then this module will not run.
Additionally, it would take some fairly hefty bandwidth to upload voice data. I keep a pretty close eye on my bandwidth with a bandwidth monitor running at all times, and my computer idles at basically 0 kbps up/down.
That is absolutely false, voice can travel with 3KB/s (24kbps) which is insignificant on all but the slowest (think 56k modem, 20 years ago) connection.
It looks like there are already people who jump on the evil corporate bandwagon, however I suppose it is just the common screwed up feature introduction from a tech company.
I am quite new in the IT industry, only 5 years so far and had a few jobs already, but I am quite amazed that even when developing a relatively simple software what kind of chaotic requirements and retarded solutions can rise, and the firms I worked for are more on the quality size. I think I have seen things like this a few times, and believe me you don’t want to be in the place of the person who was responsible for this.
I am these kind of things are terribly easy to catch by end users, and for corporates a few issues like these can seriously damage the brand. I agree in that the outrage is totally right, but it is not evil from Google, just inherent stupid.
Btw. I would suggest monitoring network traffic regularly instead of ripping the computer apart
this wasn’t even the first time i commented on it – but can’t be aR$%d to search elsewhere..
http://www.osnews.com/permalink?611587
There is a setting to listen for a hot-word and it is off by default. I don’t know the code details, but I am almost sure that recognizing of “Ok Google” is done locally, not remotely. It would be crazy and not efficient and expensive to stream all the surrounding sound just for that. And then, yes, probably, the actual phrase after hot-word is sent to Google. But if I disable hot-word does it stream anything at all? I doubt it.
It seems like all the screaming is about almost nothing, as usual, unless we have a proof from the code, which we don’t. At least there is none in the article.
I can only speak for me, but I’m less worried about the fact that they can listen to us (because let’s face it, it’s Google, of course they are), and more worried about this ability being set to default on during an update, without any documentation or announcement. Normally when a change is made upstream in an open source project, it’s documented in a changelog somewhere, and if it’s not an acceptable change the downstream packagers can patch it before release. In this case, Google never publicized the change, and it wasn’t until a code audit was done by the Debian packagers that it was found.
That’s what has me up in arms about it, anyway.
There is a plugin – sure. The plugin has rights to listen to the microphone – it should. But is there any proof that it is listening by default? This is what I see on my system:
About Voice Search
Google Chrome 43.0.2357.124 ()
OS Mac OS X
NaCl Enabled Yes
Microphone Yes
Audio Capture Allowed Yes
Current Language en-US
Hotword Previous Language en-US
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
I don’t think you understand the real issue. A fully open source browser (Chromium), when compiled and packaged, proceeds to download a closed source binary plugin without the user’s knowledge or permission, and if that isn’t bad enough, this change in behavior was not documented or publicized. The main reason people using GNU/Linux choose to run Chromium instead of Chrome is so they can maintain a completely open source operating system while still using Google’s browser, and this behavior destroys that possibility.
That is the issue people are having (myself included). If it had been a documented change, the downstream packagers could have patched it before putting in their repos. As it stands, this unwanted functionality was snuck in under the radar.
In other words, people aren’t upset that the plugin exists, they are upset about how it was surreptitiously shipped in what is supposed to be a fully open source project. It doesn’t matter what the plugin is or what it does or doesn’t do, it matters that it’s closed source and installed without the user’s knowledge or permission.
Edited 2015-06-23 14:05 UTC
Ok, I see. This is a different issue, compared with what is cited in the post. My complaint was that the statements in the post of “listening conversations in every room” and “transmitting audio data to Google” are likely to be false; the article does not present any proof of that statement.
So the issue is downloading of a native client blob, which is not an open source. Just curious, what license does it have? Can’t we see it in the Chromium code, at least a command to download it should be there? If we are saying “we trusted Google”, then open source does not help much, if it goes to trust anyway.
Don’t get me wrong, I’m not saying a plugin listening to your every word isn’t an issue in and of itself. My point was that we already know Google listens to and watches everything we do, say, and type; however, they are being extremely sneaky with this particular plugin and I have to wonder why.
I think, as far as the listening itself, that it’s so ambiguous at this point it’s better to be secure from the get-go. In other words, whether Google actually listens right now, with this plugin they can listen if they choose to, so I say don’t run the plugin (or Chrome itself) to avoid the possibility.
When I had an Android phone and Google Now was turned on by default the first time the phone was powered up with KitKat installed (a Nexus 4 btw, so not a carrier decision), I was extremely pissed about it. Any monitoring service, no matter how innocent its intentions, should be opt-in, not opt-out. This is for more than just tinfoil hat reasons; it can be considered a security breach especially given all the things we talk about in front of our devices without even a second thought. Just today I verbally recited one of our bank passwords to my wife so she could log in; her phone could very well have been listening since she uses Google Now. Do I think Google stole our password? Of course not! Do I think some man in the middle attack could potentially have stolen it? You’re damn right.
I understand that. The best way to avoid an issue is to avoid its very possibility.
On the other hand, there is a law of our universe that any conspiracy can be explained by chaos and sloppiness. And vice versa. So there is a freedom to choose the explanation you like.
We really need someone (with a lot more time and kernel coding knowledge than I have) to retrofit things in desktop Linux like audio access with Android/iOS-style per-process OS-enforced permissioning.
Then, if Chrome suddenly started trying to open the microphone without asking first, people would get an unexpected (scary) “Chrome is trying to access your microphone. Allow/Deny” dialog, the tech media would jump on “Chrome downloads mysterious spyware” hype, and Google would experience a PR nightmare for not respecting their users properly.
The permissions already exist, they’re just not enforced. On desktop Linux any user or process is expected to have access to audio devices without issue, but you could change that manually.
Your “smart” tv may be spying on you.
Your “smart” phone may be spying on you.
Your gaming console(s) may be spying on you.
Your hard drive’s firmware is shipped pre-hacked.
Your webcam may be spying on you.
Your web browser may be spying on you.
Forget it… I don’t have all night to keep typing out the list. So tell me again, who actually believes they have any real privacy anymore?
A few more…
Your teachers are spying on you.
Your spouse is spying on you.
Your parents are spying on you.
Your boss is spying on you.
All the spying has gotten truly outrageous.
I wouldn’t presume to comment about the rest, but as a teacher I can assure that, apart from assignments (in the sense done/not done), I haven’t the slightest interest whatsoever about what my students do outside of class.
But it is a question of principle, not practicality. You expose a security threat for our children, so you should stay away from them in the breaks.
I do my best!
I even live in the next town over from that of my school in the hope of never meeting a student outside of school.
You forgot smartwatches. Both Android Wear and the Apple Watch are listening all the time too.
To be fair, some of us are naturally VERY far from being low-hanging fruit.
Upstream maintainer explained that if you did not check “Enable “OK Google”” at chrome://settings, the extension will not run.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786909#66
I stopped using Chrome because of the privacy issue and the increasing number of errors of “frequent updates”. I think Google is going to fail hard in 2-3 years.
More like 20-25 years from now. 2-3 years is nothing for a company which literally is the smart phone and search market.
If you’re paranoid, rip out the speaker too.
It’s a membrane and if your bios is trojaned it can be repurposed as a mic, no? 😉
A hardwired, verifiable mechanical switch that I personally install on the wires leading to all microphones and speakers might suffice. Anything less really wouldn’t. And I would personally purchase old, off-brand switches.
And if your computer has a socket for an external microphone, consider installing a hand-built shorting plug when not in use.
No, I don’t do these things. Yet.
I just use one of those cheap $3 USB hubs from China where you can open them up and see that, not only is it too cheap for quality assembly, the switches operate by being pure physical cut-offs on the USB power leads.
Anything beyond that is far too excessive at this point in time.
Look, I’d like to believe that if we can audit the software source code, we’re safe. It sounds like a great plan.
But it’s just not sufficient, because of The Ken Thompson Hack.
Here’s a hint from http://c2.com/cgi/wiki?TheKenThompsonHack (emphasis added):
Hardware is coded, too. It’s turtles all the way down, so unless you can audit your complete hardware stack, including the processes used to manufacture your hardware design, you’re vulnerable.
Support free hardware.
Some people in the industry get it:
http://lwn.net/Articles/647636/
https://en.wikipedia.org/wiki/Novena_(computing_platform)
https://cryptech.is/
Even Google needs parts they can trust:
https://www.youtube.com/watch?v=mpbWQbkl8_g&t=47m31s
Or at least try to create things they can trust.
Edited 2015-06-23 15:06 UTC
I should add, building secure systems is impossible in practice:
https://www.youtube.com/watch?v=ca0DWaV9uNc
http://arstechnica.com/security/2015/06/not-ok-google-chromium-voic…