Google Chrome Bug Could Allow Websites To Snoop On Conversations

Source: International Business Times

A security flaw in Google Chrome, the world's most popular Web browser, could allow a hacker to turn on a user's computer microphone and secretly obtain a Chrome-generated transcript of the user's conversations, according to an Israel-based software developer who highlighted the flaw in a blog post this week.

The developer, Guy Aharonovsky, told International Business Times he found the defect in Chrome while experimenting with a voice recognition feature in the browser. He said he reported the problem to Google through its Chromium bug tracker, but the company’s developers designated it “low-severity,” which meant they didn't view it as a top priority and offered no immediate fix. Google did investigate the problem, he said, but only after he submitted a blog post about it to Reddit, a popular socially driven news site.

... A Google spokesperson confirmed the existence of the vulnerability on Wednesday. “Our security team is actively investigating this issue,” Google said in an email to IBTimes.

... While there's no evidence of any Chrome user harmed by the vulnerability, the security flaw's potential damage is significant. Chrome serves more than half of the world's Web traffic, and with just one click on a malicious Web page, a user could unwittingly allow that website to obtain a text transcript of any conversation near the computer, via the user's computer microphone.

Read more: http://www.ibtimes.com/google-chrome-bug-could-allow-websites-snoop-conversations-1569646