Computers on Focus - Online Security Guide

04:50 午後
05 十一月 2024

Bug #786909 in Chromium 43.0.2357.65-1 Snoops You on Debian

Bug report #786909 related to Chromium version 43.0.2357.65-1 has been received in Debian bug tracking system on May 27th by a user of the Unix-like computer operating system. It has recently given rise to numerous controversies in the Linux community after uncovering the essence of the bug #786909.
chromium-logo

Bug #786909 Main Point

It comes to a bug that imperceptibly downloads a binary blob file that once downloaded turns on the user’s microphone and starts listening on discussions without asking for permission.

To make the issue more clear and easier to understand , we will introduce you a few additional details for Linux products’ work and Chromium relation with Google Chrome project.

All Linux package distributions are looked over by their programmers especially their source code before installed once. If there is suspicious presence available in the source code and hidden behavior they clear it and then release it for installing. The open sourced version of Google Chrom – Chromium has similar method of development. Programmers test features in Chromium before supplement them to Google’s Chrome main browser.

More Information for the Bug

Its action is caught out in Chromium version 43.0.2357.65-1 on Debian. The binary file mentioned upwards is an extension that is in charge of browser’s voice search feature, and it adds the popular “OK Google” functionality.

The kernel of the problem, in the eyes of Linux community, is the fact this module’s source of Chromium hasn’t been made available to them, and the module activates itself without asking for permission. さらに, “OK Google” module makes decisive changes to the browser’s settings by starting the function of the user’s microphone and snooping surrounding noise.

Google’s View

Google believes that the module will not work even if downloaded. The user has to turn on the ‘Enable “OK Google” to start a voice search’ setting.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.