Google Believes Unauthorized Audio and Video Recording Not a Flaw
After a bug was discovered on Google Chrome that records audio and video of the web user without permission, developers have claimed that the bug should not be considered as a problem.
The team behind the web browser released a statement regarding the privacy-invading bug that was discovered by AOL web developer Ran Bar-Zik.
Bar-Zik learned that a "red circle and dot" icon would show up when recording an audio or a video stream just like when using the WebRTC protocol. He also discovered that the code that runs the recording does not necessarily need to run on its original tab location where permission should be given before it can be activated. This means that the permission to record audio and video data has been granted to the entire domain even without the knowledge of the user.
Get Our Latest News for FREE
After the web developer reported the bug to Chrome, the web browser released a statement acknowledging the situation.
The post said, "This isn't really a security vulnerability — for example, WebRTC on a mobile device shows no indicator at all in the browser. The dot is a best-first effort that only works on desktop when we have chrome UI space available. That being said, we are looking at ways to improve this situation. I'll put this in our general permissions indicator pool."
This means that the web browser will not receive an immediate fix since Google's developers not recognize it as an alarming security issue.
However, Bar-Zik still mentioned in an interview with Bleeping Computer that the bug can cause more complicated attacks if it is not addressed correctly.
"Real attacks will not be very obvious," the Israeli web developer stated.
To avoid such attacks, it would be advisable for web users to constantly check all the permissions that they grant to websites.
