73 comments

[ 2.4 ms ] story [ 142 ms ] thread
Not OK: Annoying pop-ups begging me to join a newsletter, interrupting my ability to read your blog post. Stop that.
My first thought too! The fact that it happened not once but twice really is inexcusable. Does this sort of nagging really work on anyone?!
(comment deleted)
I've always wondered this. Who would subscribe to a newsletter BEFORE they've read an article on the site?
You are absolutely right guys, I tried to communicate with the popup provider to fix the issue that causes it to display twice, they failed to do that, and I'll replace the provider soon. Thank you.
I got 2 popups, plus there are 2 forms on the page already.
Will be fixed soon. Thank you.
Agree with this sentiment. A popup asking me to subscribe before I read the article, and another when my mouse left focus towards the top of the page (headed to the back button).

Definitely not OK, especially for a tech blog.

I think a very positive change for HN would be to vote down meta-comments about article design/ads/fonts/pop-ups.

I don't see how they add any substance to the discussion. We all got the same pop-up, we all find it annoying. Voting it up to the top of every HN discussion is not likely to change it. Who even knows if the author will ever see this thread.

The topic of this post is whether Google can listen to, and presumably record, our conversations with little to no warning. To me that seems more worth a discussion than yet another pop-up email form.

HN mod dang agrees. Here's his post:

https://news.ycombinator.com/item?id=9238739

> A reader emailed to complain about how this and other HN discussions often become derailed by off-topic carping about blog design. I agree completely. Could there be a more classic form of bikeshedding? It would seem parodic if it weren't sadly real. This has become more of a thing on HN lately. It needs to become less of a thing.

> I don't mean to pick on you personally, or just on this one comment. (Your second sentence alone, by the way, would have been a helpful contribution.) The problem is the tedious stampedes such comments spawn.

I agree. I used to make those comments. I've tried to cut it down.

I generally agree with you. My comment did not add to the discussion meaningfully, and I apologize for that.

I chose to comment because the author of the linked post and the HN submitter are the same person; my reaction came directly from this association. All the same, the remark doesn't belong on HN.

At least as far back as 2011 or so, I noticed that Chrome was causing my computer to behave differently when something was said.

My setup at the time: a mac pro with 3 30" cinema displays.

The first time I noticed it I was several feet away from the computer talking on the phone -- actually about something the NSA probably would have had a keen interest in (the NDAA allowing for indefinite detention was about to be passed and I had just booked a flight to Stockholm) -- when my screens flashed and redrew slowly enough to be noticeable.

It happened more than once during that phone call.

And after I quit Chrome it didn't happen again.

Even during the phone call.

Everybody I mentioned it to seemed to think I was batshit insane. So I stopped mentioning it years ago.

And now that I see this, I'm willing to bet that there's more: a screen-grab capability that never accounted for grabbing 12,288,000 pixels at once.

The Ministry of Privacy (Minipriv) it seems, has had telescreens in our homes for years.

> Everybody I mentioned it to seemed to think I was batshit insane.
This made my day, thank you for such a wonderful bit of satire in the morning!
As this blog post shows, certain system privileges like microphone and webcam access are hard to sneak into black box binaries that are bundled with open source software.
Why was this downvoted, you don't believe stray?
How do I disable this?

chrome://settings/search#voice doesn't show anything

chrome://voicesearch/ shows

Google Chrome 43.0.2357.124 () OS Mac OS X NaCl Enabled Yes Microphone Yes Audio Capture Allowed Yes Current Language en-US Hotword Previous Language en-US Hotword Search Enabled No Always-on Hotword Search Enabled No Hotword Audio Logging Enabled No Field trial Install

Drag Chrome into the trash and empty trash.
Are you trying to unistall a shortcut/link/symlink?
On my computer it's a directory:

$ ls -l | grep Chrome

drwxrwxr-x@ 3 stray admin 102 Jun 19 21:41 Google Chrome.app

> Hotword Search Enabled No

> Always-on Hotword Search Enabled No

It's already disabled.

I don't understand the outrage here. I remember chrome asking me if I want it listening all the time for "Ok Google", I thought "Obviously not" and said no, and that was the end of it.

I've been confused for the whole week about this. Everyone is saying it's enabled by default but it's disabled on my chrome 44 and I don't remember ever disabling it explicitly in settings.
It SAYS it is disabled, but do you know if it can be remotely enabled at will or if they mean it is disabled only to send your search terms and open a google.com page but still enabled for spying?
How do you know that firefox binary can't do that?
Theoretically you could build firefox from source..

But yes, it's still an issue. Does anyone have a solution to trusting GPG keys on company websites? If their website gets hacked, the key could be replaced, the source-control could be replaced and you'd never know..

A bit of analysis of how it actually operates:

On my windows pc chrome only reacts to ok google when you have a new, empty tab, or the google search page open and active as the main tab. Additionally i checked with procmon what network activity chrome was making, and while it starts sending stuff AFTER "ok google" is activated, it doesn't send any between me saying it and chrome confirming it.

The theory that it's a small local plugin is also affirmed by the fact that my cellphone can do "ok google" without any sort of network, and is sometimes tricked into activating by audiobooks that make noises completely unlike "ok google".

I found the plugin installed, but deactivated by default. So, for the story of this dude to make sense, he'd have to have someone at his computer activate it (or if he's using a linux distro, the maintainers might've activated it by default), and would see the light blinking on new tabs and google search pages.

Is your phone tricked by audiobooks playing from the phone itself, or another source? I'd be really surprised if the phone's audio could trigger itself.
My iPhone regularly reacts to words that sounds like "Hey Siri" when I'm listening to audiobooks using the in-built speaker.
Wow, surprising. You'd think they would have that filtered out, just like they have to when taking a call on speaker phone.
This is pure speculation and I'm nowhere near qualified to speak with any accuracy, but perhaps it's the case that the processing requirements would reduce battery life too quickly. Although, having said that, "Hey Siri" only works when the phone is plugged into a power source, unless you use a jailbreak tweak to turn it on all the time.
I first saw this, when i was watching an ad about this feature in the youtube app
Ha, that's great! Shocking whoever came up with that ad idea didn't consider the possibility.
Maybe someone should create a privacy-conscious Chromium fork.

Call it Duck-Duck-Chrome

Whereas Iceweasel is the "free as in freedom" version of Firefox, perhaps the Chromium fork should be a called Dullium.
BlackPolishedChrome.
Black Chrome would actually be a pretty good name.
Finally, a feature that helps me transition back to Firefox or safari.
Okay, so it sends data after you've said the trigger phrase, but not before, that much we've all agreed on. Has anyone determined what it's sending? Hear me out here...

For the trigger to work, which doesn't require key presses or other physical input, the microphone must be active and keeping a buffer of live speech, right? Okay, let's step aside for a moment to examine another piece of technology that keeps a live buffer of streaming media...

I have a TiVo. I love that thing. One of the coolest features is this: TiVo keeps a buffer of live shows on each of its tuners so that, if you opt to record a show that's been on for ten minutes, it can save it from the beginning, literally "capturing and digitally storing the past", once I press "record".

Back to Chrome/Chromium: Until someone determines what it's sending, and their black box makes it difficult to see the source of what audio is encoded and how it's encoded, and given that the technology to keep a rolling buffer of 30 minutes of streaming audio and video has been around in TiVo since, well, the first TiVo... Is it really so hard to believe that Google could be sending packets containing audio spoken in the room before the trigger phrase was captured?

It wouldn't take much for Google to assuage this privacy concern.

1) Opt-in, not opt out

And

2) Show us what's in the black box (or at least publish tcpdump-verifiable specs on what you're transmitting). If there was a debug option to transmit in clear text, and a statement of the audio codec used, that would give me some sense of understanding, even though that still leaves steganography as an option. I don't have enough tin foil for that hat right now.

How would you prove everyone's black box behaves the same way and in certain geographic areas or when it detects certain NSA software or certain keywords on websites it goes into whole room bug-mode?
I couldn't. I didn't say it would make me feel secure, just that it would give me some sense of understanding. It would, at least, prove a modicum of sincerity and authenticity to the otherwise opaque, "just trust us, okay?" position they're currently taking.
The feature is opt-in. What am I missing here?
What Goggle says is op-in to today often turns into op-out tomorrow.
So FUD? What basis is this on? And, more importantly, how is this situation any different than any other binary that have disabled features?

Are people just upset b/c chrome can access the mic and web cam? Browsers have done this for decades.

This is spinning out of control. Regardless of whether the hotword detection is enabled by default or not (it's not), arguing that loading a module may harm your privacy is just plain nonsense. Most of software is loaded as one big, binary blob. It may or may not contain harmful for privacy parts you know or don't know about. The issue is totally orthogonal to how it is loaded. Literally every binary you run may access your microphone and send whatever it wants, wherever it likes, at any time. Until you prove an unwanted transfer of recording you didn't ask for occurs, it is just ranting "binary blobs considered harmful".

The original issue - loading a binary into an supposedly open source browser (Chromium) does make sense and is valid. Making it something else than it is - an issue about Google Chrome and how it loads its modules, shows ignorance or purposeful bloating a news that is not a news.

Please rant on things in the right context. Otherwise you are hurting the case you think you are fighting for.

Are you referring to the article or the general discussion?

I would see your point in general closed-source software but in this case the way the module is loaded does indeed make a difference: it (silently) downloads and installs a closed-source blob with the ability to record audio into a piece of otherwise open source software. Specifically a browser, one of the biggest attack vectors anyway.

Quoting https://code.google.com/p/chromium/issues/detail?id=500922#c...

The significance of this depends on whether you're running Google Chrome (the official distribution) or Chromium. Now, you've reported in your "steps to reproduce" using Chrome on Mac.

If we're talking about Chrome: Google Chrome (as opposed to Chromium) is not open source. It contains various bits of proprietary binary code, and always has. Therefore, whether it downloads the hotword module from the web store, or includes it in the distribution, is irrelevant from a trust standpoint. From our standpoint, the fact that the hotword module is a separate extension (rather than built in to the browser) is an implementation detail.

Since a lot of the discussion is centered around Chromium on Linux, I want to address the concern that Chromium is entirely open source and yet it downloads a proprietary module. The key here is that Chromium is not a Google product (we do not directly distribute it, or make any guarantees with respect to compliance with various open source policies). Our primary focus is getting code ready for Google Chrome. If a third party (such as Debian) destributes it, it is their responsibility to enforce their own policy. And I see that they have now done that (as of 43.0.2357.81-1) by disabling the hotword module. We have also made changes from Chromium 45 onwards to make it easier for third party distributors to disable hotwording (see Issue 491435 ).

Another key point is that the binary blob is not a native executable or library. It is a NaCl module, and therefore subject to the full sandbox of the NaCl platform. The hotword module has the same privileges as any website (except that it automatically has access to the microphone).

-- EOQ --

Also I believe the binary blobs are downloaded from a static address and hopefully signed somehow. The security concern is something I would accept as a valid argument, but if Google domain and whatever certification they use is compromised user has much larger issues than his audio being recorded.

Anyway, I'm trying to fight privacy-wackos that are spawning lately. Privacy is about having a choice to not share. In such meaning you can take almost an arbitrary definition of what you consider private and ask for a way to protect this idea of privacy. It should however not hinder the innovation and prevent developers from building great software. It's ok if I choose to trade some information in exchange for an interesting feature.

There seem to be many people fighting for not giving up their extended vision of freedom, not paying for software in any way, not even ads, and expecting high quality results. "Expecting" is a keyword here. Everybody is very much free to use Firefox, which is considered better for achieving the above results, yet the talk about Chrome shows how many people want to have the cake and eat it (and do it in private so nobody knows, because we all care so much about your f-ing cake).

AFAIK it is a opt-in at least here in France. However ,disabling it should be made easier than going to the params menu.
Are there any countries/jurisdictions/states where this style of Google eavesdropping is or might be illegal? France maybe?
What eavesdropping?
I mean the activating an audio recorder when someone expects privacy. Some European countries are big on that, right? or it might come under wiretapping laws?
First it has to be an activation of an audio recording, isn't?

What audio recording has been activated?

Isn't that what this is? google activating the mic on his webcam to listen for "ok google" without his permission?
Then he has to show that this is the case, isn't?
> While I was working I thought I’m noticing that an LED goes on and off, on the corner of my eyesight.

I'm sorry, this is bullshit. Even if Ok Google is activated it only listen in a new tab.

> Even if Ok Google is activated it only listen in a new tab.

So whenever the author opens a new tab—a thing that I do constantly when I work—the LED goes on and off. What's bullshit about that? Maybe their story is, but I'm not sure why you have a problem with that part.

> So whenever the author opens a new tab

From the blog:

> While I was working I thought I’m noticing that an LED goes on and off, on the corner of my eyesight. And after a few times when it just seemed weird, I sat to watch for it and saw it happening. Every few seconds or so.

Can you tel me when it is stated when a tab is opened.

He claims that Chrome is listening in the background. I repeat, bullshit until he can provide any proof of that.

(comment deleted)
The fact that device manufacturers do not generally provide a PHYSICAL switch to toggle microphone (or camera) connectivity, irrespective of what any software blob might attempt to do, says a lot about the state of respect for user control in this industry.
The fact that device manufacturers do not generally provide a PHYSICAL switch to toggle microphone (or camera) connectivity, irrespective of what any software blob might attempt to do, says a lot about the state of respect for user control in this industry.
SUBSCRIBE TO MY MAILING LIST!!!!!!!! AAAA!!!

how the hell i hate such popups