Chromium adds a closed source binary in its latest update

We all know and are aware of the importance of privacy in today's world, companies such as Google, Facebook, Microsoft, among others, are always in the spotlight for these reasons. The important thing is not whether or not we use a product from any of these companies, the important thing is to know at all times what information we are offering.

In the case of Google, many users know that when using Google Chrome we are exposed to our privacy being violated in various ways, and the solution that is normally used is to use Chromium, the browser that serves as the basis for Chrome and is supposed to respect a little more our privacy.

However, according to gHacks.net, an error report in the list of Debian highlighted that in the latest version of Chromium (45.0…), an extension called Chrome Hotword Shared Module, which is updated together with the browser without notifying the user, and which also cannot be deactivated.

This extension apparently aims to use the service «Ok Google»Voice search, and this is where one of the problems lies: the microphone stays on all the time waiting for the user to order a command. I mean, literally Google won't be listening all the time.

Beyond conspiracy theories that if Google as a company listens to us or not, or records what we speak, we are facing a very big problem if a third party manages to violate our browser and intercept everything that is broadcast via microphone.

The community, of course, has not been silent, for the following reasons:

  • No hay un interruptor para desactivar la extensión.
  • Sólo se proporciona un binario, no hay código fuente.
  • La extensión está activada por defecto.
  • La extensión escucha el micrófono.
  • La extensión no aparece en chrome://extensions.

Regardless, there appear to be only two ways to disable (apparently) "Ok Google" in Chromium:

  1. Compile it using the parameter enable_hotwording = 0.
  2. Do not check the "Enable Ok Google to start voice searches" option in Chromium Preferences.

We would have to wait to see what happens with this and I repeat, it is not that now they stop using Chromium if it is their default browser, but keep in mind that if this is implemented, they will have the microphone open, so be careful what they talk 😀


40 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   gilbert said

    how to stop being spied on by google? , use FireFox as browser and Duckduckgo as search engine end.

    1.    diazepam said

      First firefox with its integration with pocket and now this …….

      1.    gilbert said

        that is something optional unlike ok google which is activated by default and endangers your privacy, pocket as long as you do not register and activate it remains as just one more icon, hide it if it hinders you so much: 3

      2.    eliotime3000 said

        Pocket is practically embedded in Firefox, and you have to go to the flags menu to deactivate it, something that already annoys many Firefox users in case the Pocket blob itself is not enough.

        It is possible that later the source code of the speech recognition system came out in the same way that the source code of the Chromium PDF reading system came out, which Opera already lightened it as much as possible.

    2.    jmponce said

      Duckduckgo sucks

      1.    Sli said

        At least respect your privacy, if you don't like it, don't insult and despise the work of others like this and without arguing. If you don't like it, use bing, google, yahoo and keep enriching companies and give them your data, stay in ignorance and stay on your win2

      2.    eliotime3000 said

        DuckDuckGo is a wonder when it comes to searching for bootlegs (it doesn't get in the way of the DMCA like Google does).

      3.    Hello cat said

        Well, use Startpage (startpage.com) if you like Google so much.

      4.    eliotime3000 said

        @Hello_Cat:

        Startpage and IXQuick are essentially two metasearch engines that share the same search engine. DuckDuckGo is also a metasearch engine that collects data from Google, Bing, and Ask Jeeves, so the dependence on Google is in itself concerning.

        And just in case, have you tried Yandex or Baidu?

    3.    MrSister said

      and openmailbox instead of gmail. although the chances of ending up sending an email to someone who does use gmail are like how much? 100%? : (

    4.    pepper said

      I uninstalled Chromium because webRTC cannot be disabled and that is against privacy because it delivers the IP even if a VPN is used, and identifies the browser with a hardware ID, and that cannot be fixed in Chrome.

      You can see the privacy test in the link:

      http://www.browserleaks.com/webrtc

  2.   zagur said

    There is another way to disable "ok google" and that is to install Firefox.

    1.    eliotime3000 said

      Firefox is already more Netscape than Firefox (Pocket Blob, freeware H.264 codecs from CISCO, DRM MSE enabled). At the moment I am happy with Iceweasel.

      1.    elav said

        Pocket can be disabled ¬_¬

      2.    eliotime3000 said

        @Elav:

        At the very least, my Firefox account is synced with Windows Firefox and Iceweasel on my Debian partition, so I immediately disabled it.

  3.   Raul P. said

    They are bombarding free software.

    1.    eliotime3000 said
  4.   Sergio S. said

    In Chrome you can also disable all tracking options, including the one discussed in the note.
    FF stopped serving me for the use that I give the browser for something like 1 year. It really got me a lot slower than Chrome with similar usage. So I stopped using FF completely (I used it for years, but nowadays it's not useful to me).
    I used Chromium for several months, but some issues with video playback and a couple of apps led me to install Chrome to see if the problem would be fixed. I did it and everything went well. I disabled a couple of tidbits to prevent tracking, and added to DuckduckGo plus a couple of extensions (uBlock and Privacy Badger) I think I'm "covered."

    1.    yukiteru said

      Being "covered" is a simple ostrich syndrome that you are suffering from. Chrome spies on you in the most surprising ways, and just to give you a pearl, Chrome sends statistics to Google about everything you do with it, and now it's even able to hear everything you say if you use a microphone.

      1.    Sergio S. said

        Well, that's why I put "covered" with "", so that it is understood that they can always spy on us.
        Likewise, as I said, in Chrome tmb you can disable the option so that they do not hear you as in Chromium. But it is still the Google browser, therefore ... it is up to each one. I try to make him spy on me as little as possible.

      2.    eliotime3000 said

        The monitoring of Google, YouTube and other search activity through ECMAScripts, personal logistics at the level of synchronization of the links visited in each session, refining Google bubble searches ... Everything would have been terrifying if Google had refused to give you all the tracking history that luckily has freed its users (it also allowed me to discover some things that I had given up for lost).

        Good thing the blob was once again exclusive to Google Chrome, so there is no longer so much concern (total, I use Chrome more to watch Netflix than anything else).

  5.   Gregory Swords said

    Yesterday I mentioned on Twitter that this matter had been rectified by the developers » https://code.google.com/p/chromium/issues/detail?id=500922#c30

    1.    diazepam said

      In light of this issue, we have decided to remove the hotwording component entirely from Chromium. As it is not open source, it does not belong in the open source browser.

      Chromium builds from r335874 (version 45) onwards will have hotwording disabled by default and will not download the module. There is no way to enable this feature at runtime. Google Chrome users will be unaffected (although, as always, they will have to opt in using settings before the hotword module will activate).

      If you want a version of Chromium with hotwording, you have to build it from source, with the GYP define "enable_hotwording = 1" (or equivalently, the GN arg "enable_hotwording = true"). This will produce a custom build of Chromium that downloads the proprietary hotword component.

      I have also added a field in the chrome: // voicesearch page (in 45 onwards) to show you whether the hotword module is installable. If that says "No", then it is not possible to opt in to hotwording (either because the language is unsupported, or because it is a Chromium build).

      1.    eliotime3000 said

        In short: take a deep breath, because the speech recognition blob has been removed and will be exclusive to Google Chrome for now. Thanks, Google.

      2.    pepper said

        thanks for installing things behind and if they catch them just act?

        maybe what other surprises does it have

    2.    eliotime3000 said

      And as of version 45, Chromium will no longer accept NPAPI plugins on Windows in the same way as on GNU / Linux.

  6.   snolo said

    What you have to read, these browsers (spyware) do not satiate their efforts to follow them and spy on everything they do, thank goodness that there are browsers like Midori and search engines like DuckDuckGo, for me excellent, they respect privacy and are safe. How to disable Pocket in Firefox? .

  7.   Charles G. said

    What option can I use if I want to have my history and bookmarks synchronized on my devices? I have an ipad, an android and my linux; I use chrome and chromium to keep this in sync and to be able to switch between my devices, what options are there for all these devices if it is not chrome / chromium? I want a browser that works for all 3 ...

    Regards!

    1.    koprotk said

      If it didn't bother you before, it won't bother you now, keep using Chrome / Chromium, plus with the hardware you mentioned I don't think privacy was an issue for you before.

      PS: I also use an Android cell and I use Chrome on the cell.

      regards

  8.   zetaka01 said

    Nobody has thought about mobiles?
    As they say in Star Trek The Wrath of Khan, two-dimensional thinking.

    1.    zetaka01 said

      I too, how to say it without swearing, scared.

    2.    zetaka01 said

      Now we know the reason that while the philosophy of operating systems is to save memory (it is called Linux), or to exceed it so that you increase the hardware (it is called programmed obsolescence), in Android all the available memory is used to start all the applications even if you don't use them.
      Therefore, even if they tell you that Android kills useless processes, it is a lie, it throws them and they reboot themselves.
      That also consumes more battery. Now we know why, and let's not talk about the permissions that an application asks you to install it. A drawing program requires you permissions to access everything, as an example.

  9.   hang up1 said
  10.   linuXgirl said

    Well, I don't have that problem with Chrome / Chromium's "Ok Google", for the simple reason ... that I don't have a microphone. So Google… FKU !!! (Assuming he used it)

  11.   Feank black said

    Dear s,
    starting from the base, that the Linux Kernel itself from version 2.6 has a CODE from the NSA (national security agency) of sunken States ... and everything, including Linux is spying on us.
    Linus torvalds never denied this.
    Selinux, apparmor, etc ... they spy on us and they know what we write all the time.
    look and you will find ... NSA in the linux kernel.
    The worst thing is that these kernel modules cannot be disabled ...
    welcome to the Orwellian world !!
    to the new world order !!

    1.    KZKG ^ Gaara said

      But what are you talking about? … O_O… god…
      http://libuntu.net/2013/09/10/linus-torvalds-responde-que-el-kernel-linux-no-tiene-backdoors-de-la-nsa/

      Read that well, and then carefully draw your own conclusions.

      1.    koprotk said

        I read it and I did not understand anything hahahahaha, but I would not doubt the community, and I suppose that if there is a backdoor they will correct or correct it.

        regards

    2.    Sergio S. said

      Do you really think that in Linux there is a malicious code that spies on us all? And then the community couldn't find anything? Are the thousands of developers who can read the code all clumsy? Good old Richard Stallman doesn't know about this either?

    3.    emo said

      What do you say???.

      Linux has no backdoors.

      1.    elav said

        Do not be bad emo, let him believe it so that he is happy 😀