Not OK, Google

Not OK: Annoying pop-ups begging me to join a newsletter, interrupting my ability to read your blog post. Stop that.

This is spinning out of control. Regardless of whether the hotword detection is enabled by default or not (it&#x27;s not), arguing that loading a module may harm your privacy is just plain nonsense. Most of software is loaded as one big, binary blob. It may or may not contain harmful for privacy parts you know or don&#x27;t know about. The issue is totally orthogonal to how it is loaded. Literally every binary you run may access your microphone and send whatever it wants, wherever it likes, at any time. Until you prove an unwanted transfer of recording you didn&#x27;t ask for occurs, it is just ranting &quot;binary blobs considered harmful&quot;.<p>The original issue - loading a binary into an supposedly open source browser (Chromium) does make sense and is valid. Making it something else than it is - an issue about Google Chrome and how it loads its modules, shows ignorance or purposeful bloating a news that is not a news.<p>Please rant on things in the right context. Otherwise you are hurting the case you think you are fighting for.

A bit of analysis of how it actually operates:<p>On my windows pc chrome only reacts to ok google when you have a new, empty tab, or the google search page open and active as the main tab. Additionally i checked with procmon what network activity chrome was making, and while it starts sending stuff AFTER &quot;ok google&quot; is activated, it doesn&#x27;t send any between me saying it and chrome confirming it.<p>The theory that it&#x27;s a small local plugin is also affirmed by the fact that my cellphone can do &quot;ok google&quot; without any sort of network, and is sometimes tricked into activating by audiobooks that make noises completely unlike &quot;ok google&quot;.<p>I found the plugin installed, but deactivated by default. So, for the story of this dude to make sense, he&#x27;d have to have someone at his computer activate it (or if he&#x27;s using a linux distro, the maintainers might&#x27;ve activated it by default), and would see the light blinking on new tabs and google search pages.

At least as far back as 2011 or so, I noticed that Chrome was causing my computer to behave differently when something was said.<p>My setup at the time: a mac pro with 3 30&quot; cinema displays.<p>The first time I noticed it I was several feet away from the computer talking on the phone -- actually about something the NSA probably <i>would</i> have had a keen interest in (the NDAA allowing for indefinite detention was about to be passed and I had just booked a flight to Stockholm) -- when my screens flashed and redrew slowly enough to be noticeable.<p>It happened more than once during that phone call.<p>And after I quit Chrome it didn&#x27;t happen again.<p>Even during the phone call.<p>Everybody I mentioned it to seemed to think I was batshit insane. So I stopped mentioning it years ago.<p>And now that I see this, I&#x27;m willing to bet that there&#x27;s more: a screen-grab capability that never accounted for grabbing 12,288,000 pixels at once.<p>The Ministry of Privacy (Minipriv) it seems, has had telescreens in our homes for years.

Okay, so it sends data after you&#x27;ve said the trigger phrase, but not before, that much we&#x27;ve all agreed on. Has anyone determined what it&#x27;s sending? Hear me out here...<p>For the trigger to work, which doesn&#x27;t require key presses or other physical input, the microphone must be active and keeping a buffer of live speech, right? Okay, let&#x27;s step aside for a moment to examine another piece of technology that keeps a live buffer of streaming media...<p>I have a TiVo. I love that thing. One of the coolest features is this: TiVo keeps a buffer of live shows on each of its tuners so that, if you opt to record a show that&#x27;s been on for ten minutes, it can save it from the beginning, literally &quot;capturing and digitally storing the past&quot;, once I press &quot;record&quot;.<p>Back to Chrome&#x2F;Chromium: Until someone determines what it&#x27;s sending, and their black box makes it difficult to see the source of what audio is encoded and how it&#x27;s encoded, and given that the technology to keep a rolling buffer of 30 minutes of streaming audio and video has been around in TiVo since, well, the first TiVo... Is it really so hard to believe that Google could be sending packets containing audio spoken in the room before the trigger phrase was captured?<p>It wouldn&#x27;t take much for Google to assuage this privacy concern.<p>1) Opt-in, not opt out<p>And<p>2) Show us what&#x27;s in the black box (or at least publish tcpdump-verifiable specs on what you&#x27;re transmitting). If there was a debug option to transmit in clear text, and a statement of the audio codec used, that would give me some sense of understanding, even though that still leaves steganography as an option. I don&#x27;t have enough tin foil for that hat right now.

Finally, a feature that helps me transition back to Firefox or safari.

Maybe someone should create a privacy-conscious Chromium fork.<p>Call it Duck-Duck-Chrome

I wonder if they have a legal base for this in Europe.<p>This was severly frowned upon on the Debian Bugtracker last week. Thanks to the Debian team for standing up!<p>Context: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=9724409" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=9724409</a>

How do I disable this?<p>chrome:&#x2F;&#x2F;settings&#x2F;search#voice doesn&#x27;t show anything<p>chrome:&#x2F;&#x2F;voicesearch&#x2F; shows<p>Google Chrome 43.0.2357.124 () OS Mac OS X NaCl Enabled Yes Microphone Yes Audio Capture Allowed Yes Current Language en-US Hotword Previous Language en-US Hotword Search Enabled No Always-on Hotword Search Enabled No Hotword Audio Logging Enabled No Field trial Install

The feature is opt-in. What am I missing here?

The fact that device manufacturers do not generally provide a PHYSICAL switch to toggle microphone (or camera) connectivity, irrespective of what any software blob might attempt to do, says a lot about the state of respect for user control in this industry.

&gt; While I was working I thought I’m noticing that an LED goes on and off, on the corner of my eyesight.<p>I&#x27;m sorry, this is bullshit. Even if Ok Google is activated it only listen in a new tab.

Are there any countries&#x2F;jurisdictions&#x2F;states where this style of Google eavesdropping is or might be illegal? France maybe?

AFAIK it is a opt-in at least here in France. However ,disabling it should be made easier than going to the params menu.

SUBSCRIBE TO MY MAILING LIST!!!!!!!! AAAA!!!<p>how the hell i hate such popups

Here&#x27;s the corresponding ticket: <a href="https:&#x2F;&#x2F;code.google.com&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=500922" rel="nofollow">https:&#x2F;&#x2F;code.google.com&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=500922</a>