Google has been stealth downloading audio listeners onto every computer that runs Chrome

[Kurt Buff]

That's pretty easy. Fire up wireshark, look for packets heading to
google-owned addresses.

Kill off processes one by one until you see those packets stop.

You have found your culprit.

Kurt

On Sun, Jun 21, 2015 at 2:28 PM, Tim Beelen <tim at diffalt.com> wrote:
> How do I find out what program is listening to my microphone?
>
>
> On 6/21/2015 4:55 PM, Shelley wrote:
>>
>> ----------
>> On June 21, 2015 1:14:32 PM Seth <list at sysfu.com> wrote:
>>
>>>  from
>>>
>>> https://www.privateinternetaccess.com/blog/2015/06/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/
>>>
>>>
>>> Posted on June 18, 2015 by Rick Falkvinge
>>>
>>> Google Chrome Listening In To Your Room Shows The Importance Of Privacy
>>> Defense In Depth
>>
>>
>>
>> Wow, this is exactly the kind of bullshit- and bullshit response- I'd
>> expect from this duplicitous NSA asset.
>>
>> I keep a seldom-used, older version of chromium on one of my debian
>> laptops so I'll check for this.  My webcam and microphone are physically
>> disconnected anyway, but I still want to see if their spyware has infected
>> my system.  Fuckers.
>>
>> Thanks for posting this; I've been out of the news loop for a couple of
>> days.
>>
>> -S
>>
>>
>>>
>>> Yesterday, news broke that Google has been stealth downloading audio
>>> listeners onto every computer that runs Chrome, and transmits audio data
>>> back to Google. Effectively, this means that Google had taken itself the
>>> right to listen to every conversation in every room that runs Chrome
>>> somewhere, without any kind of consent from the people eavesdropped on.
>>> In
>>> official statements, Google shrugged off the practice with what amounts
>>> to
>>> “we can do that”.
>>>
>>> It looked like just another bug report. "When I start Chromium, it
>>> downloads something." Followed by strange status information that notably
>>> included the lines "Microphone: Yes" and "Audio Capture Allowed: Yes".
>>>
>>> chrome-voicesearch
>>>
>>> Without consent, Google’s code had downloaded a black box of code that –
>>> according to itself – had turned on the microphone and was actively
>>> listening to your room.
>>>
>>> A brief explanation of the Open-source / Free-software philosophy is
>>> needed here. When you’re installing a version of GNU/Linux like Debian or
>>> Ubuntu onto a fresh computer, thousands of really smart people have
>>> analyzed every line of human-readable source code before that operating
>>> system was built into computer-executable binary code, to make it common
>>> and open knowledge what the machine actually does instead of trusting
>>> corporate statements on what it’s supposed to be doing. Therefore, you
>>> don’t install black boxes onto a Debian or Ubuntu system; you use
>>> software
>>> repositories that have gone through this source-code audit-then-build
>>> process. Maintainers of operating systems like Debian and Ubuntu use many
>>> so-called “upstreams” of source code to build the final product.
>>>
>>> Chromium, the open-source version of Google Chrome, had abused its
>>> position as trusted upstream to insert lines of source code that bypassed
>>> this audit-then-build process, and which downloaded and installed a black
>>> box of unverifiable executable code directly onto computers, essentially
>>> rendering them compromised. We don’t know and can’t know what this black
>>> box does. But we see reports that the microphone has been activated, and
>>> that Chromium considers audio capture permitted.
>>>
>>> This was supposedly to enable the “Ok, Google” behavior – that when you
>>> say certain words, a search function is activated. Certainly a useful
>>> feature. Certainly something that enables eavesdropping of every
>>> conversation in the entire room, too.
>>>
>>> Obviously, your own computer isn’t the one to analyze the actual search
>>> command. Google’s servers do. Which means that your computer had been
>>> stealth configured to send what was being said in your room to somebody
>>> else, to a private company in another country, without your consent or
>>> knowledge, an audio transmission triggered by… an unknown and
>>> unverifiable
>>> set of conditions.
>>>
>>> Google had two responses to this. The first was to introduce a
>>> practically-undocumented switch to opt out of this behavior, which is not
>>> a fix: the default install will still wiretap your room without your
>>> consent, unless you opt out, and more importantly, know that you need to
>>> opt out, which is nowhere a reasonable requirement. But the second was
>>> more of an official statement following technical discussions on Hacker
>>> News and other places. That official statement amounted to three parts
>>> (paraphrased, of course):
>>>
>>> 1) Yes, we’re downloading and installing a wiretapping black-box to your
>>> computer. But we’re not actually activating it. We did take advantage of
>>> our position as trusted upstream to stealth-insert code into open-source
>>> software that installed this black box onto millions of computers, but we
>>> would never abuse the same trust in the same way to insert code that
>>> activates the eavesdropping-blackbox we already downloaded and installed
>>> onto your computer without your consent or knowledge. You can look at the
>>> code as it looks right now to see that the code doesn’t do this right
>>> now.
>>>
>>> 2) Yes, Chromium is bypassing the entire source code auditing process by
>>> downloading a pre-built black box onto people’s computers. But that’s not
>>> something we care about, really. We’re concerned with building Google
>>> Chrome, the product from Google. As part of that, we provide the source
>>> code for others to package if they like. Anybody who uses our code for
>>> their own purpose takes responsibility for it. When this happens in a
>>> Debian installation, it is not Google Chrome’s behavior, this is Debian
>>> Chromium’s behavior. It’s Debian’s responsibility entirely.
>>>
>>> 3) Yes, we deliberately hid this listening module from the users, but
>>> that’s because we consider this behavior to be part of the basic Google
>>> Chrome experience. We don’t want to show all modules that we install
>>> ourselves.
>>>
>>> If you think this is an excusable and responsible statement, raise your
>>> hand now.
>>>
>>> Now, it should be noted that this was Chromium, the open-source version
>>> of
>>> Chrome. If somebody downloads the Google product Google Chrome, as in the
>>> prepackaged binary, you don’t even get a theoretical choice. You’re
>>> already downloading a black box from a vendor. In Google Chrome, this is
>>> all included from the start.
>>>
>>> This episode highlights the need for hard, not soft, switches to all
>>> devices – webcams, microphones – that can be used for surveillance. A
>>> software on/off switch for a webcam is no longer enough, a hard shield in
>>> front of the lens is required. A software on/off switch for a microphone
>>> is no longer enough, a physical switch that breaks its electrical
>>> connection is required. That’s how you defend against this in depth.
>>>
>>> Of course, people were quick to downplay the alarm. “It only listens when
>>> you say ‘Ok, Google’.” (Ok, so how does it know to start listening just
>>> before I’m about to say ‘Ok, Google?’) “It’s no big deal.” (A company
>>> stealth installs an audio listener that listens to every room in the
>>> world
>>> it can, and transmits audio data to the mothership when it encounters an
>>> unknown, possibly individually tailored, list of keywords – and it’s no
>>> big deal!?) “You can opt out. It’s in the Terms of Service.” (No. Just
>>> no.
>>> This is not something that is the slightest amount of permissible just
>>> because it’s hidden in legalese.) “It’s opt-in. It won’t really listen
>>> unless you check that box.” (Perhaps. We don’t know, Google just
>>> downloaded a black box onto my computer. And it may not be the same black
>>> box as was downloaded onto yours. )
>>>
>>> Early last decade, privacy activists practically yelled and screamed that
>>> the NSA’s taps of various points of the Internet and telecom networks had
>>> the technical potential for enormous abuse against privacy. Everybody
>>> else
>>> dismissed those points as basically tinfoilhattery – until the Snowden
>>> files came out, and it was revealed that precisely everybody involved had
>>> abused their technical capability for invasion of privacy as far as was
>>> possible.
>>>
>>> Perhaps it would be wise to not repeat that exact mistake. Nobody, and I
>>> really mean nobody, is to be trusted with a technical capability to
>>> listen
>>> to every room in the world, with listening profiles customizable at the
>>> identified-individual level, on the mere basis of “trust us”.
>>>
>>> Privacy remains your own responsibility.
>>>
>>> Rick Falkvinge
>>> ABOUT RICK FALKVINGE
>>> Rick is the founder of the first Pirate Party and is a political
>>> evangelist, traveling around Europe and the world to talk and write about
>>> ideas of a sensible information policy. He has a tech entrepreneur
>>> background and loves whisky. Read more of his articles on his website.
>>>
>>> Twitter |More Posts (91)
>>>
>>
>>
>