Google security risks

Closely related to self-defense, this Board focuses in other aspects such as Communications, and Financial.
Post Reply
prophecy
Posts: 99
Joined: Wed Feb 27, 2013 1:59 am

Re: Big Brother

Post by prophecy » Tue Jan 28, 2014 12:40 pm

Given the following information would recommend you remove Google Chrome and other Google products from your PC ( Personally I have never used and will not use Google products )

Google Chrome can be deliberately compromised by a new exploit which lets malicious sites turn Google Chrome into a listening device, one that can record anything said in your office or your home, as long as Chrome is still running.

How it Works

A user visits a site, that uses speech recognition to offer some cool new functionality. The site asks the user for permission to use his mic, the user accepts, and can now control the site with his voice. Chrome shows a clear indication in the browser that speech recognition is on, and once the user turns it off, or leaves that site, Chrome stops listening. So far, so good.

But what if that site is run by someone with malicious intentions?

Most sites using Speech Recognition, choose to use secure HTTPS connections. This doesn’t mean the site is safe, just that the owner bought a $5 security certificate. When you grant an HTTPS site permission to use your mic, Chrome will remember your choice, and allow the site to start listening in the future, without asking for permission again. This is perfectly fine, as long as Chrome gives you clear indication that you are being listened to, and that the site can’t start listening to you in background windows that are hidden to you.

When you click the button to start or stop the speech recognition on the site, what you won’t notice is that the site may have also opened another hidden popunder window. This window can wait until the main site is closed, and then start listening in without asking for permission. This can be done in a window that you never saw, never interacted with, and probably didn’t even know was there.

Full link to article : http://talater.com/chrome-is-listening/

To make matters worse, even if you do notice that window (which can be disguised as a common banner), Chrome does not show any visual indication that Speech Recognition is turned on in such windows - only in regular Chrome tabs.
User avatar
editor
Site Admin
Posts: 689
Joined: Thu Feb 21, 2013 9:24 am
Contact:

Google security risks

Post by editor » Tue Jan 28, 2014 8:11 pm

Thanks, Prophesy, for your post on Google Chrome. I've moved it to Security, since this seems more appropriate.
--
Editor
Lawfulpath.com
Eowyn O Rohan
Posts: 2
Joined: Mon Oct 01, 2018 3:13 pm

Re: Google security risks

Post by Eowyn O Rohan » Mon Oct 01, 2018 3:31 pm

Is there a Linux alternative to Android for "SmartPhones" and tablets?
User avatar
editor
Site Admin
Posts: 689
Joined: Thu Feb 21, 2013 9:24 am
Contact:

Re: Google security risks

Post by editor » Mon Oct 01, 2018 7:47 pm

Eowyn O Rohan wrote:
Is there a Linux alternative to Android for "SmartPhones" and tablets?
Yes, there are alternatives.

Depending on the device, there are some upon which you can install a full GNU/Linux distro. But this rare, and not always desirable. It's still all fairly new; telephony specific apps are not very well supported, and a lot of functionality is experimental. In other words, not really ready for prime time.

However, there is a rich environment of open source and custom Android distros which can be installed to replace the stock Android that comes with many Android-based smartphones and tablets. Some manufacturers are more customization friendly than others. You'll want to check your specific device for compatibility. Some manufacturers, such as LG, habitually lock their bootloaders, so it's impossible to install a custom OS.

The originators of these alternate Android distros was a group that produced CyanogenMod, and which now is called LineageOS. This is still the most mainstream group, and many other custom ROMs (a ROM is the file containing the new OS which gets "flashed" or copied over top of the stock OS) are based on LineageOS.

If your device isn't supported by LineageOS (or even if it is) you might check out the forum at XDA-Developers. You can do a search there for your particular device, and that's where all the developers and modders hang out.
--
Editor
Lawfulpath.com
Post Reply