LWN.net is reporting on a Debian bug report complaining that Chromium, Google’s open source version of their Chrome Browser, was downloading a binary blob after it started. The responsible Debian maintainers did not have access to the code for the blob and had no way of knowing what it did. After a bit of investigation, it appears that the blob—called Chrome Hotword—turns on the computer’s microphone and enables audio capture.
Doubtless, this is to support Google’s OK Google feature that enables audio searching but its stealth installation and the initial absence of a way of disabling it raised serious questions. Even now, the function is enabled by default and the user has to find the—reportedly obscure—control for opting out of the system.
Google says that while the blob is installed and the microphone is turned on, no audio data is transmitted to Google unless the “OK Google” feature in explicitly turned on in the browser. That’s almost surely true too but consider: Google gets a secret warrant from some 3-letter agency and suddenly the government is listening to everything you say. Pre-Snowden that might have been considered paranoid but now we know better.
Falkvinge has a more muscular objection over at Private Internet Access. He explicitly makes the same point: after Snowden, we should trust no one with the ability to listen in on our conversations. Even if the organization providing the capability is completely trustworthy, there is no reason to believe that it won’t be coerced into spying for the government. Nor is there any guarantee that the capability won’t be exploited by criminal elements.
You’d think Google would understand all this and realize that audio searches just aren’t worth the danger to privacy that comes with them. Apparently not.