Google Chrome vulnerability allows Websites to Eavesdrop on You

Source: National Cyber Security – Produced By Gregory Evans

Just imagine, you are sitting in front of your laptop and your laptop is listening to your nearby conversations. What if the recorded audio from the system’s microphone is being instantly uploaded to a malicious website?Google has created a speech-recognition Application Programming Interface (API) that allows websites to interact with Google Chrome and the computer’s microphone allows you to speak instead of typing into any text box, to make hands-free web searches, quick conversions, and audio translator also work with them.In January, a flaw was discovered in Google Chrome that enabled malicious websites with speech recognition software to eavesdrop on users’ conversations from background without their knowledge using an outdated Google speech API.A new similar vulnerability in Google Chrome has been discovered by Israeli security researcher, Guy Aharonovsky, claimed that the Chrome’s speech-recognition API has a vulnerability that allows attackers to turn victim’s machine into a listening port without asking for any permission, even if your microphone is completely disabled. “Even blocking any access to the microphone under chrome://settings/content will not remedy this flaw.” he said in a blog post. Reported vulnerability exploits the “-x-webkit-speech” feature of Chrome’s speech-recognition API and allows a malicious web application to eavesdrop in the background […]

For more information go to, http://www., or

The post Google Chrome vulnerability allows Websites to Eavesdrop on You appeared first on National Cyber Security.

View full post on National Cyber Security