Click to Skip Ad
Closing in...

Developer uncovers the scariest Chrome exploit yet

Published Jan 22nd, 2014 12:00PM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

In case you haven’t already figured it out, you probably shouldn’t give permission for websites to flip on your computer’s microphone unless you really trust them. Per The Verge, developer Tal Ater has discovered a way for hackers to keep recording your voice through Google’s Chrome browser even if you’ve closed the tab that you gave permission to flip on your computer’s microphone. Essentially, hackers can create pop-up windows for websites that ask for your permission to flip on your microphone and that can keep recording you even after you’ve left the original webpage.

The Verge notes that this exploit is possible because “once you’ve given an HTTPS-enabled site permission to use your microphone in Chrome, every instance of the site has permission, even windows that pop up unnoticed in the background.” Google tells The Verge that it is aware of the exploit but says that it poses “no immediate threat, since a user must first enable speech recognition for each site that requests it.” The company does say that it’s working on ways to make Chrome’s microphone permissions policy more secure, however.

Brad Reed
Brad Reed Staff Writer

Brad Reed has written about technology for over eight years at BGR.com and Network World. Prior to that, he wrote freelance stories for political publications such as AlterNet and the American Prospect. He has a Master's Degree in Business and Economics Journalism from Boston University.