Google Chrome WARNING – Browser could be covertly filming YOU, here’s why
Google Chrome could enable sites to record audio and video without its users being aware, it has been claimed.
However, the California-based technology company confirmed it would look to find ways to “improve the situation” with future releases.
“This isn’t really a security vulnerability – for example, WebRTC on a mobile device shows no indicator at all in the browser,” a Chromium member replied to the researcher’s report.
“The dot is a best-first effort that only works on the desktop when we have chrome UI space available. That being said, we are looking at ways to improve this situation.”
To protect users’ privacy, web browsers will check with the user whether a certain website has permission to use WebRTC to access the device’s camera and microphone.
Once permission is granted, that site will always be able to access your camera and microphone until you manually revoke WebRTC permissions.
It’s the reason you don’t have to constantly grant Facebook permission to use your camera and microphone each time you login to the website and make a video call.
This is convenient, but could in theory allow previously authorised sites to covertly access your device’s camera and microphone.
To prevent this – web browser have a visual indication whenever audio or video is being recorded.
For example, Google Chrome uses a small red dot icon within the tab to alert users whenever audio or video streaming is live.
Chrome provides visual indicators whenever approved sites are accessing audio or video
This works because Google Chrome has not been designed to display a red-dot indication on headless windows.
This enables website developers to “exploit small UX manipulation to activate the MediaRecorder API without alerting the users,” Bar-Zik writes.
In order to stay safe, it is possible to simply disable WebRTC.
However those who require the feature should only ever granted permissions to trusted websites – and always look for any other windows spawned by a site that you might not be expecting when using WebRTC features.
Facebook CEO Mark Zuckerberg and former FBI director James Comey have previously admitted they put tape over laptops’ webcams to stop this type of attack.
Granted, tape will not stop hackers or governments recording your voice – it will prevent them watching live video feeds.