Malicious intent can turn Chrome speech recognition into spying device

A speech recognition expert contends malicious players can turn Google's Chrome web browser into a remote listening device.
Chrome microphone 1.jpg
Last year around this time, Google updated Chrome, adding a unique feature to the company’s web browser—Speech Recognition. Six months later, Tal Atar, a SME in this field, discovered what he considered a serious breach of security in the Chrome web browser, and the culprit—speech-recognition.

How Chrome’s speech recognition works

Google created a speech-recognition Application Programming Interface (API) that informs developers building websites how to interact with Google Chrome and the computer’s microphone. The whole purpose is to give visitors to the website the ability to control their experience using voice commands, rather than having to type or click.

What makes the feature interesting is that Google transcribes the voice command into text. After transcription, Chrome sends the text to the website; where the web server deciphers the command, then executes it. Visiting this link will demonstrate the speech-recognition API.

Ater’s contention

When visitors first arrive at a speech-recognition enabled website, they are offered a choice, interface with the website normally, or give the website permission to use the microphone.


Chrome microphone 2.jpg

There should be an indication similar to the slide seen above, notifying that the microphone is active. Ater’s security concern centers on how the web site can enable the microphone without advertising that it is active. One example was what he called a pop-under window:

“When you click the button to start or stop the speech recognition on the site, what you won’t notice is that the site may have also opened another hidden pop-under window. This window can wait until the main site is closed, and then start listening in without asking for permission. This can be done in a window that you never saw, never interacted with, and probably didn’t even know was there.”

This may be a bit difficult to visualize. To clarify the process, Ater created a YouTube video showing how the pop-under window works.

Bottom line, if Ater’s contention is valid, putting Chrome’s speech-recognition API in the hands of an ill-intentioned website developer could turn a remote computer’s Chrome web browser and built-in microphone into a listening device.

How the listening device works

Let’s say a bad guy created a malicious website that uses speech recognition. Upon viewing, the malicious website appears to be an exact duplicate of someone's favorite website. That user receives an email saying there is a gift waiting for him at his favorite website, just click the link. Unknown to this person, it’s a phishing email, and the link sends that person to the malicious website instead. That person is asked to try the new speech recognition feature. They say yes.

According to Ater, this computer is now a remote listening device. The malicious site will be able to monitor everything within range of the microphone, whether the user knows it or not.

Google or Ater, who is right?

Ater first reported his findings privately to Google in September 2013. Ater said Google engineers had a fix within weeks. Then a week ago, with no evidence of Google removing the bug from Chrome, Ater decided to go public:

“As of today, almost four months after learning about this issue, Google is still waiting for the standards group to agree on the best course of action, and your browser is still vulnerable.”

The standards group Ater referred to is the World Wide Web Consortium (W3C). And, Google believes their implementation of the speech-recognition API is in agreement with Section 4, Security and Privacy Considerations of the W3C report about speech recognition.

Ater disagrees:

“[T]he web’s standards organization, the W3C, has already defined the correct behavior which would’ve prevented this… This was done in their specification for the Web Speech API, back in October 2012.”

Options to prevent eavesdropping

I want to reiterate, for speech recognition to work, the visitor must initially give the website permission to use the computer’s microphone. If permission is not given, the exploit falls apart.

There are ways to prevent eavesdropping for those who want to use speech recognition. There are also ways to disable speech recognition completely. For example:

The default setting in Chrome is “Ask if a microphone requires access” (see slide below). One option is to trust that Chrome asking for permission, plus some kind of indication that the microphone is on will be enough security.

Users who visit sites that use speech recognition and want to use it, but do not trust the software indicator have the ability to toggle the microphone on and off as shown below.

Users who are concerned about eavesdropping more than using speech recognition can click on the setting circled in red (as seen below) and leave it.


Chrome microphone 3.jpg

One problem: all of the above options are software based. There is no hard-wired switch to shut the on-board microphone off. For those concerned about this, there are two additional options:

Visit the Web Speech API demonstration website I mentioned earlier. If the microphone is off, you will get verification similar to the slide below.

For those who want to be absolutely sure, physically disable the on-board microphone, and when a microphone is required, plug an auxiliary microphone into the appropriate socket.


Chrome microphone 4.jpg


Information is my field...Writing is my passion...Coupling the two is my mission.


The Other issue this would dovetail with is the "air-gap" transmission tool that allows signals from speaker to microphone. Should be a fun year in security.


According to the report of the  Audio vulnerability, once on, you can seem to turn it off, and if not totally shut down, the app keeps on recording, and the demo shows that key words will also cause reaction in the breach. If this was not a purpose built vulnerability then, it does seem odd that the key words seem to activate the apparently shut down audio application. This is very much a case of watch this space, since the app is very intriguing, even though somewhat nasty.


Once again a useless tool for hackers. Ok yes it might just be  possible to eavesdrop on a computer microphone but why? Who is going to bother? How many of us sit around the computer and list off our bank card or credit card numbers and passwords. Probability of financial gain is near zero. Given that I would suggest hackers have already examined the possible gains and moved on to bigger and better flaws.


Several flaws here IMO.

With 100th of millions of computer, there is a little chance 

somebody is using your microphone. Only if the person knows you

and like to do some damage to you, because of former events, then

it is a possibility. It is not like a virus spreading itself on web.

There will be no chance to have so much data space at all for

all the microphones around the world.

And a person listening just one second to each computer, will need more

the his entire lifetime to control all the computers around the world just what 

it is happen today... Tomorrow will come new data and another lifetime is needed 

for check all this data for one or two seconds each... It's an overwhelming amount

of data. But everybody feels he or she is the center of the world and center of the 

combined world's hacker attack's  

Making your network invisible for everybody outside is a good start. Nobody see your 

computer, nobody is able to find your microphone. On a Mac fully possible, on PC

perhaps not that easy. 



Just to add, the Media settings referenced in the article are currently (Chrome 32.0.1700.102m) found under Settings (chrome://settings), Show advanced settings (link), Privacy section - Content settings... button, then scroll down to the Media settings shown in the article.  Or you can just go to chrome://settings/content


You could also visit the Adobe Flash settings manager and set the permission to always deny or ask...

Michael Kassner
Michael Kassner


Good point, there is also acoustical snooping, where it is possible to tell which keys are pressed by their acoustical signature. 

Michael Kassner
Michael Kassner


You might be surprised. Pay attention to the conversation within sensing distance of work computers or those who are working from home. And researchers have developed acoustical snooping and can tell what keys are being pressed. 

Michael Kassner
Michael Kassner


I suspect you have it wrong. All you have to do is visit a website setup to eavesdrop and if you use Chrome with the default settings, you will setup as a listening site. It is that simple. 

Michael Kassner
Michael Kassner


Thank you, I oopsed and forgot to include the drill down to the actual settings.

Michael Kassner
Michael Kassner


Could you explain what you mean? I am not understanding how that would turn off the microphone off. 

HAL 9000
HAL 9000 moderator

If I understand what the poster was saying by turning off the ability to allow or "Always Deny" it would stop another party external to the device from turning on The Web Cam/Mic and effectively stop the breach.

Of course that would require the user to know what they where doing and how to use the Software which most simply do not.

Most breaches would be stopped in their tracks if the people knew what they where doing or how to use the software, but they all want easy to use hardware & software which they can just use and then expect it to be secure.

Like me on this iPad I just expect it to work and am way too lazy to look at how it works or how to set it up properly. Well not quite that bad but as this is used by several people locking it down isn't going to happen in my lifetime if ever.

Even the simple password that opens the desktop is way too hard for most people and with this I was just using the number 1. I kept getting complaints that others could just turn theirs on and do things why did I have to complicate things by requiring that a password of any type had to be entered?

Things went downhill from that point on and I eventually just gave up and set it to the way that they wanted it to work.

I'm sure if some outsider was of a mind to they could do a similar thing with this over the WiFi network in this house which too is set to the way it was delivered as it works that way so why change it?

The only good thing is that the password on the WiFi Access Point isn't PASSWORD but it's not any better.


Michael Kassner
Michael Kassner

@HAL 9000 

Thanks, Col. Do you think that is a better approach that shutting it off in the web browser?

Editor's Picks