Google Chrome Flaw Sets Your PC's Mic Live

First time accepted submitter AllTheTinfoilHats (3612007) writes "A security flaw in Google Chrome allows any website you visit with the browser to listen in on nearby conversations. It doesn't allow sites to access your microphone's audio, but provides them with a transcript of the browser's speech-to-text transcriptions of anything in range. It was found by a programmer in Israel, who says Google issued a low-priority label to the bug when he reported it, until he wrote about it on his blog and the post started picking up steam on social media. The website has to keep you clicking for eight seconds to keep the microphone on, and Google says it has no timeline for a fix." However, as discoverer Guy Aharonovsky is quoted, "It seems like they started to look for a way to quickly mitigate this flaw."

Flaw?

[GodfatherofSoul]

Yeah right.

Re:Flaw?

[fustakrakich]

Yeah, the flaw is that it wasn't hidden well enough..

How conveeeenient!

[plover]

This flaw, plus heartbleed, makes it sound like all the conspiracy theorists got together for a secret cabal to convince the world that the NSA really is out to get everyone.

He only gave Google 2 days before going public?

[Dahan]

So, no thanks to TFA, I found the actual bug report, and it turns out the guy went public less than 2 days after reporting the bug to Google. Talk about impatient. And it's not true that "Google issued a low-priority label to the bug when he reported it, until he wrote about it on his blog and the post started picking up steam on social media". It's true that it was originally given a low-severity label at first, it was bumped to medium a day-and-a-half later, then up to high a few hours after that--around the same time that he went to reddit about it. Not exactly sure if it was before or after, since I don't know the timezone of the times reported on Chrome's issue tracker, but one of the comments from Google says that they had already bumped the severity rating before they knew about him going public.