Google's in hot water after dropping binary code in Chromium for Linux
A Debian bug report indicated on Tuesday that the most recent version of the Chromium browser downloaded a "Chrome Hotword Shared Module" extension as a binary without source code.
Further investigation revealed that the extension was linked to "Ok Google", a voice search and actions service that uses the computer's microphone to run commands when the user speaks a command followed by instructions.
The company has used the feature on Android and other mobile devices for some time and has since brought it to the Chrome web browser as well.
The main idea behind the feature is to give users the option to run commands by voice on devices supporting the feature.
Google is criticized for dropping the code for several reasons:
- Users don't get a choice. The code is downloaded to the system automatically.
- There is no switch to disable it.
- Only a binary is provided, no source code.
- The extension is enabled by default.
- The extension listens to the microphone.
- The extension is not listed on chrome://extensions.
You can check the chrome://voicesearch page in Chrome or Chromium to find out whether the feature is enabled on your end.
The most important values on the page are "audio capture allowed", "hotword search enabled", "always-on hotword search enabled" and "hotword audio logging enabled".
Google currently provides two options to disable OK Google. The first is to pass the parameter enable_hotwording=0 when Chrome is built; the second is to make sure the feature is disabled on chrome://settings.
There you need to find Search and make sure that "Enable "Ok Google" to start a voice search" is not checked.
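The check described above can be scripted against a copy-pasted chrome://voicesearch page. This is an added example, not code from the article or from Google: it parses the row labels quoted on this page and keeps "module reported" apart from "hotword enabled". The sample dump, its placeholder id and path, and the reading of `undefined` as "no module reported" are assumptions.

```python
# Added example: audit a copy-pasted chrome://voicesearch page.
# Row labels are the ones quoted on this page.
LABELS = [
    "Microphone", "Audio Capture Allowed", "Hotword Previous Language",
    "Hotword Search Enabled", "Always-on Hotword Search Enabled",
    "Hotword Audio Logging Enabled", "Shared Module Id", "Shared Module Path",
]
# The four values the article calls most important.
KEY_FLAGS = [
    "Audio Capture Allowed", "Hotword Search Enabled",
    "Always-on Hotword Search Enabled", "Hotword Audio Logging Enabled",
]

# Constructed sample: module downloaded, user has not opted in.
SAMPLE = """
Microphone Yes
Audio Capture Allowed Yes
Hotword Previous Language
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
Shared Module Id constructed-module-id
Shared Module Path /constructed/path/to/module
"""


def parse_dump(text):
    """Split 'Label Value' rows; pasting the page drops the column break."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        for label in LABELS:
            if line == label or line.startswith(label + " "):
                fields[label] = line[len(label):].strip()
                break
    return fields


def assess(fields):
    """List findings, keeping 'module reported' apart from 'hotword on'."""
    findings = []
    # Assumption: an empty or 'undefined' id means no module was reported.
    if fields.get("Shared Module Id", "undefined") not in ("", "undefined"):
        findings.append("module-reported")
    findings += [k for k in KEY_FLAGS if fields.get(k, "").lower() == "yes"]
    hotword_on = any(k in findings for k in KEY_FLAGS[1:3])
    if hotword_on and "Audio Capture Allowed" in findings:
        findings.append("hotword-can-listen")
    return findings


if __name__ == "__main__":
    for finding in assess(parse_dump(SAMPLE)):
        print(finding)
```

A dump that yields only `module-reported` and `Audio Capture Allowed` matches the state Google describes: the module is on disk but hotwording has not been switched on.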
A Google employee responded to several of the complaints that users made about the dropping of the binary.
Hotword activates and records without asking for user permission
Google states that the extension, while installed by default without option to opt out or uninstall it, won't run by default as it needs to be enabled explicitly by the user first.
First and foremost, while we do download the hotword module on startup, we *do not* activate it unless you opt in to hotwording. If you go into "chrome://settings", you will see a checkbox "Enable "Ok Google" to start a voice search". This should be unchecked by default, and if you do not check it, the hotword module will not be started.
Google also says that it does not see a difference between downloading the module (without running it) and not downloading it.
Providing an extra step to install the module would be unnecessary friction for our users. There is literally no difference between downloading the module (without running it), and not downloading it, except a tiny amount of bandwidth saved. There is no difference from a privacy or security standpoint, because unless we run it, it can't do anything, no matter what behaviour it might contain within.
That's actually something where the employee errs. What the employee fails to take into account is the trust factor. While it may very well be the case that there is no difference from a privacy or security standpoint, we only have Google's confirmation that this is the case but no option to verify that claim due to the binary nature of the code.
Dropping the code automatically may be the user-friendly way of deploying OK Google on user systems but it is at the same time invasive, suspicious and a trust issue.
Not showing the extension in the extension list
We call extensions that are built into or automatically downloaded by Chrome "component extensions" and we do not show them in the extension list by design. This is because as I was saying above, we consider component extensions to be part of the basic Chrome experience (it is an implementation detail that they are separate extensions). The chrome://extensions UI is a place for users to manage the extensions that they have installed themselves; it would be confusing if that list was pre-populated with bits and pieces that are a core part of the browser.
Now You: What's your take on this?
What I don’t understand here is why drop the blob into Chromium, which is supposedly “open-source”; surely Google knew that the module would be detected.
I think if Google were trying anything devious then Chrome would be the browser to choose, as it’s closed source.
This has certainly put a dent in my trust in Google or indeed Chromium.
Quick update here: the guardian is suggesting that the add-on is much more problematic than just being closed source: it’s also a privacy concern:
http://www.theguardian.com/technology/2015/jun/23/google-eavesdropping-tool-installed-computers-without-permission
I’m done with Chrome.
P.S. I’m sick of the occasional imbecile who’s always trying to tell us we shouldn’t care about potentially being spied on.
Don’t value your privacy or freedom? Fine. Don’t dictate to me how I should value mine.
As always, Google is creepy, entitled, and overreaching, and sometimes oblivious
Google will never be in “hot water”. They’re bigger than the government at this point. They’re above the law, they’re going to do whatever they want, whenever they want, and no one is going to stop them. We live in an era where laws don’t matter anymore…
I’m pretty sure the US Department of Justice Antitrust Division, the Federal Trade Commission, and the European Commission Directorate-General for Competition have the power to rein in Google significantly, but whether that actually happens depends on who controls their purse strings and whom they’re taking their marching orders from. I wouldn’t look to any US federal authorities to step up to the plate.
I really hope so, but I’m not holding my breath!
I’m not a hacker (or even a techie, really), so this might be a dumb question, but does this built-in code make it easier for an uninvited third party (including Google) to remotely activate your computer’s microphone and monitor the feed, or is that already trivial? In the future, are laptops, tablets, all-in-ones, and monitors going to need hardware switches to physically disable built-in microphones and webcams? (I can put electrical tape over my webcam, and I can make a tin-foil hat for my head, but what can I do to physically mute my built-in microphone? Put chewing gum on it?)
I never understood the enthusiasm for Google Chrome. Was it the initial simplicity? The initial apparent speed with no extensions installed and only one open tab? Do its biggest fans have cutting-edge gaming rigs? It was convenient that Flash Player was built in — updating Flash plugins for Internet Explorer x64, Firefox x86, and Pale Moon x64 is tedious — but compared to Firefox and (especially) Pale Moon, the user had much less control over the user interface and how the browser works. When I had only 4GB of RAM, Google Chrome with only three or four extensions and a few open tabs took forever to load and ran significantly more slowly than Firefox or Pale Moon with fifty extensions and fifty-plus open tabs. (In fairness, though, I have unpinned tabs in Firefox and all tabs in Pale Moon set to “load on demand,” and I hadn’t installed FooTab in Chrome.) It seemed to be a bigger memory hog than Firefox when Firefox still had serious memory leaks. And then, there was the issue of covert telemetry, tracking, and data-mining — privacy. For all those reasons, I uninstalled it, and even though I have since upgraded to 8GB of RAM, I still haven’t reinstalled it. I recall really “needing” it only once, for a Costco customer-service page that would not run in Firefox, Pale Moon, or plain-vanilla Internet Explorer. If I need it again for that reason, I’ll reinstall it with no extensions and then uninstall it when I’m finished, as I can do without its automatically scheduled background tasks.
@MarkB: “The greatest trick Google ever pulled was convincing the world they weren’t evil.” Nice reference to Keyser Söse and Charles Baudelaire!
It is never in a functional law abiding adult’s best interest to be monitored. It is certainly not in our best interests to be monitored by complete strangers. So how is it that this employee could claim installing even non activated monitoring software is good for us? If everything stays on LAN or on Device it could be a useful product. But we all know to Google WE are the product. — To answer in the same amount of crazy as that employee. Google is evil, 666 evil. w w w d o t – g o o g l e – d o t c o m is 6 6 6 — seriously though, I never liked chrome and delete it as I find it. I make use of some Google products but take care not to store items I do not want them to use for any purpose like photos and documents.
Pitiful damage control there google!
I’ll continue to not use and heavily distrust google and chrome.
physically removing mics and any sensors seems the only way to keep them out.
I’ll stick with Lynx and Konqueror.
that’s why use palemoon,
In terms of openness I’m not clear on Pale Moon’s status. Check out the odd redistribution guidelines linked to at the bottom of their home page. Their insistence on non-standard licensing calls into question their code’s ability to play nice with other open projects.
I’ve heard over time a lot of people include Chrome in open source conversations but I’ve always responded:
1. Only *part* of the browser is open
2. It’s BSD so they can go a closed-source route at any time
3. It’s open insofar as it works with Google’s objectives
I’ve never had a specific example of #3 until I read this in the response Martin linked to above:
“The key here is that Chromium is not a Google product (we do not directly distribute it, or make any guarantees with respect to compliance with various open source policies). Our primary focus is getting code ready for Google Chrome.” [ https://code.google.com/p/chromium/issues/detail?id=500922#c6 ]
As Google Android has run into similar issues of being only semi-open, I’m not surprised to see this and I expect to see more of this in the future. I’ll only consider using a browser with a share-and-share alike license like the MPL or GPL (Firefox, SeaMonkey, QupZilla). It’s not a perfect solution but legal frameworks like these are a strong step toward enforcing open coding and protocols.
” I’ll only consider using a browser with a share-and-share alike license like the MPL or GPL (Firefox, SeaMonkey, QupZilla). It’s not a perfect solution but legal frameworks like these are a strong step toward enforcing open coding and protocols.”
At least you are taking a logical and principled approach. It never ceases to amaze me how many people seem to forget that Google is a commercial organisation and seem to think that Google somehow “owes them” something.
PS Mozilla is not perfect either see http://jeremy.linuxquestions.org/2015/06/12/my-frustration-with-mozilla/
… “owes them” something …
Agreed. This is a weird tendency inside freeware as a whole: that users expect their needs and goals to align with the folks creating the software, whether for fun or profit.
I want to add that licensing is actually only a means to effect change as a last resort: it’s the ability to fork the project if things *really* go sideways. You increasingly cannot do that in any meaningful way with Android and — with moves like this — on Chrome because the closed features become too important to the userbase. Forking something that can’t do anything meaningful is pointless. It’s why FreeBSD doesn’t really compete with Mac OS (which was built from FreeBSD): the closed source bits are what everyone wants.
It’s good to stick with Palemoon instead of Chrome.
Has anyone watched Tom Clancy’s NetForce? If not go take a watch…. You will see where this is going. Chrome Browser = Janice Browser
So is the microphone turned on by default in windows versions? How would you turn it off?
I read about this the other day and started looking for a Chrome replacement just like I looked for (and found) a Firefox replacement. Opera 30 is actually pretty good. With a few add-ons it’s 100% usable. I’m still getting used to the huge bookmarks/speed dial, but everything else runs fast and nothing’s crashed, nothing runs after I shut it down, and nothing is recording everything I do without telling me.
My voice search on Windows 8.1 is enabled but I don’t have the settings checkbox to disable it. Version 43.0.2357.124 m
I don’t see the problem here. Everyone knows phone company employees listen in on phone calls for entertainment. No one is complaining about that. Millions worldwide listen to your cellphone calls, karaoke machines, wireless mics, and many other things that have antennas with an altered police scanner. No one seems to be upset about any of that. So why do you care if Google employees listen to your searches?
There is even a magazine for that http://www.monitoringtimes.com/ that recently ceased publication. Radio Shack sells frequency guides.
I learned all of this when I was into Amateur Radio in the 1980s.
I thought that Radio Shack had (sadly) closed all their stores in 2014?…
I care because it is not their business to listen to me and because I believe in privacy. And I talk both about Google and any other part that might be inclined to monitor my communications.
You may not care about the privacy but what about the resource drain?
Do you really want your mic running all the time? In the future would you really like your mic and webcam running all the time streaming to an unknown server? Sure you don’t care about the privacy, but will you care when your internet speeds start lagging for no good reason? Will you care when your cellphone data is used up at 2-3x the normal rate, will you care when your ISP sends you threatening letters about hiking your rates when you cross the often invisible 250GB a month limit? Will you care when your frame rate in games goes down because of all the BS crap Google does in the background? Will you care when your cellphone battery life goes down even faster? (Recently I switched from Chrome to Firefox on my phone and gained 12~24 hours of battery life per charge cycle. Everything is the same except for I removed Chrome and installed Firefox.)
Privacy is not the major issue here, it’s just a minor side gripe.
If anyone says they don’t care about privacy they’re lying to you, everyone has locks on their doors, curtains on windows, and wears clothes when they leave the house, uses passwords on email accounts, if they didn’t care about privacy then why in their everyday life do they take action to keep things private.
All the examples Dwight Stegall raised are either illegal, being performed in a public space, or lack the ability to link an individual to the data over a protracted time.
Because a bunch of creeps choose to listen in to people’s communications means we shouldn’t care when somebody else gets in on the game? What abysmal logic.
So if your computer had a webcam and it was “always” video recording/streaming you and sent to some other server, even when you weren’t using it, you wouldn’t mind? Essentially the same concept. The phones, wireless mics, etc weren’t transmitting audio while it wasn’t being used.
Fully agree with you ! Chrome is and will be the only one for me.
Hmmm…..I agree that there is a lack of transparency but is anybody really suggesting that Google might eavesdrop on conversations going on in the vicinity of the computer/device ?
Yes. Both Google and whomever might compel them to do so. Why wouldn’t they, when they do it with every other form of data they can get?
Maybe not today, but if the possibility exists I wouldn’t rule it out in the future… So it boils down to the simple question: “Do you trust Google?”
I’ve had trouble with the idea of trusting them since this was reported a few years ago: http://www.theguardian.com/technology/2010/may/15/google-admits-storing-private-data
Of course I didn’t buy it was an accident of using legacy code.
No matter what Mozilla do, it will never be as nefarious as Google. I’ll be sticking with Firefox for better or worse until a non-profit competitor comes up with something better. The greatest trick Google ever pulled was convincing the world they weren’t evil.
This is the Debian version. I checked my Windows desktop Chromium at chrome://voicesearch and here are the results –
About Voice Search
Chromium 42.0.2279.0 ()
OS Windows 7 or Server 2008 R2 SP1
NaCl Enabled Yes
Microphone Yes
Audio Capture Allowed Yes
Current Language en-US
Hotword Previous Language
Hotword Search Enabled No
Always-on Hotword Search Enabled No
Hotword Audio Logging Enabled No
Field trial
New Hotwording Enabled Yes
Start Page State No Start Page Service
Extension Id undefined
Extension Version undefined
Extension Path undefined
Extension State undefined
Shared Module Id undefined
Shared Module Version undefined
Shared Module Path undefined
Shared Module State undefined
The code landed in Chromium 43 as far as I know.
Thanks for the info. Is there a link to some reference pages to detail what all Chrome and/or Chromium have like this in their Windows versions? I’d like to know what all there is as many people just assume Chrome is safer because of the sandbox info from the past.
…. I may not like palemoon but it’s my main browser now. Google, MS, and Zilla have all lost my faith in them to do the right things. Personally I wished Opera was still running presto, then we would still have a real viable 4th option.
This type of thing is why I refuse to use any browser based on Google’s Chrome, it’s well known that Google’s up there with the NSA & GCHQ when it comes to collecting people’s private data.
Completely deleted Google Chrome, clean Temp file, junk file, registry and stick with Palemoon.
+1, my friend…
just did EXACTLY that.
Thanks for making us aware, Martin.
– Pale Moon 25.5.0 and FF 37.0.2
– Ubuntu Linux 12.04 (32-bit)
– Samsung Tablet Galaxy Tab3 / Android 4.2.2