Under Chrome's security model, a website that gets your permission to access your mic and camera once keeps it forever, regardless of which page is loaded -- so you might authorize an app running on one page of Github to use your mic, and thereafter, every Github page you visit can listen in on you automatically, without you getting any indication that this is going on. Google maintains that this is the right way for Chrome to behave -- that it complies with the relevant W3C standard.
Google has created a fix for this, but have not pushed it to Chrome users. If you want to protect your camera and mic from sneaky or unintended remote operation and you use Chrome, you'll need to take some extraordinary measures, which are laid out in this Lifehacker post. The simplest thing is to disable camera/mic access in Chrome altogether, but that sucks if there are some instances in which you'd like to have them switched on.
So where does this leave you? In short, not too far from where you started. The issue with Chrome, and Ater—along with other security experts—insist that it could be exploited and you may never know. While the argument continues on that end, what you can do is review the sites you've allowed to access your microphone and camera in Chrome. It's not difficult. Here's how:
1. Open chrome, and type chrome://settings/contentExceptions#media-stream into the Omnibar.
2. You'll see the Media Exceptions screen, where you can see which hostnames have permissions to your microphone and camera, and which of those two each site has access to.
3. Highlight any site you want to remove, and click the "x" on the right side of the line.
4. Save your changed by clicking Done.
PCWorld also notes that if you prefer, you can just go to: chrome://settings/content Scroll down to Media, and instead of "Ask me when a site wants to use a plug-in to access my camera and microphone" (which is the default setting), select "Do not allow any sites to access my camera and microphone," which is kind of the nuclear option.
How to Stop Web Sites from Potentially Listening to Your Microphone
A new research report from Citizenlab painstaking traces the origins of a series of sophisticated hacking attacks launched at Rori Donaghy, a UK journalist for Middle East Eye who founded the Emirates Center for Human Rights, which reports critically on the autocratic regime that runs the UAE, and 27 other targets.
Big telcos and cable operators demand the right to impose data caps that punish their most enthusiastic customers for using too much Internet (with exceptions to the caps made for services that have paid bribes for “preferred carriage” of course), and they say that it’s simple economics: if you use up more of a service, […]
Many years ago, EFF co-founder John Gilmore and I were discussing the prevalence of botnets, which are commonly used to launch distributed denial of service (DDoS) attacks that overwhelm websites with floods of traffic; John said that if the botnets were really on the rise at the reported rate, we should expect to see a […]
We’d all love a 75-inch TV screen on which to view our favorite shows. But not all of us can drop the cash needed to get one of those broadcasting beauties (or even have the space needed to house them).Thankfully, there’s an alternative. With the SainSonic Mini LED Portable Projector (only $59.99 in the Boing Boing Store), you can project a picture […]
If you want to add some real firepower to your programming repertoire, learn Java–one of the most adaptable, widely-used programming platforms around. You can easily do that with this Ultimate Java bundle, now just $69 in the Boing Boing Store.Across 14 lectures and 117 hours of content, the educators at online academy eduCBA will walk you through […]
Every company wants to harness the power of social media, but few understand how to make that happen. Be one of those select few with this Social Media Marketing Course & Certification package, now just $29 in the Boing Boing Store.Over 12 modules of course material, you’ll learn what it takes to increase a brand’s […]