In case you haven’t already figured it out, you probably shouldn’t give permission for websites to flip on your computer’s microphone unless you really trust them. Per The Verge, developer Tal Ater has discovered a way for hackers to keep recording your voice through Google’s Chrome browser even if you’ve closed the tab that you gave permission to flip on your computer’s microphone. Essentially, hackers can create pop-up windows for websites that ask for your permission to flip on your microphone and that can keep recording you even after you’ve left the original webpage.
The Verge notes that this exploit is possible because “once you’ve given an HTTPS-enabled site permission to use your microphone in Chrome, every instance of the site has permission, even windows that pop up unnoticed in the background.” Google tells The Verge that it is aware of the exploit but says that it poses “no immediate threat, since a user must first enable speech recognition for each site that requests it.” The company does say that it’s working on ways to make Chrome’s microphone permissions policy more secure, however.