Google criticised for ‘opaque’ audio-listening binary in Debian’s Chromium browser
Fri 19 Jun 2015
Controversy has stirred in the Linux community since a bug report about Google’s Chromium browser was logged on Tuesday at Debian. Yoshino Yoshihito said in the report ‘After upgrading chromium to 43, I noticed that when it is running and immediately after the machine is on-line it silently starts downloading “Chrome Hotword Shared Module” extension, which contains a binary without source code,’
The module in question is related to the ‘hotword’ functionality that Google has developed for Chrome, wherein Chrome monitors the user’s microphone for the phrase ‘Ok, Google’, and thereafter attempts to convert the user’s speech into a search query. Though Google have described the functionality as passive until the key phrase is spoken – presumably by discarding any input audio waveform which doesn’t have enough points-of-agreement with one generated by saying ‘OK, Google’ (see below) – users have suggested that this still constitutes continuous monitoring on the same kind of scale that has brought the similar audio-listening functionality in Microsoft’s Kinect into disrepute over the last few years.
The binary in question is a native Chrome extension which enables the audio-recognition ‘hotword’ module that facilitates ‘OK, Google’ audio searches. Commenters protested not only that ‘black box’ code was included in a Linux distro repository, but that the module is not listed when browsing Chromium’s extensions.
Matt Giuca from the Chromium development team responded to criticisms at a Google codebase forum
“Since a lot of the discussion is centered around Chromium on Linux, I want to address the concern that Chromium is entirely open source and yet it downloads a proprietary module. The key here is that Chromium is not a Google product (we do not directly distribute it, or make any guarantees with respect to compliance with various open source policies). Our primary focus is getting code ready for Google Chrome. If a third party (such as Debian) destributes it, it is their responsibility to enforce their own policy. And I see that they have now done that (as of 43.0.2357.81-1) by disabling the hotword module. We have also made changes from Chromium 45 onwards to make it easier for third party distributors to disable hotwording,”
Google uses the audio-recognition feature on its Android OS system, but wherever audio-recognition is enabled by the user, ‘audio search history’ is uploaded to Google’s servers, and the waveforms analysed to help Google improve speech-recognition from an individual user. Users can discover what audio information Google has retained from them by going to this URL in any browser where they are logged into their Google account.
To discover if the hotword feature is switched on – and, therefore, if Google is constantly listening to you via Chrome – type chrome://voicesearch/ into Chrome’s URL bar.
At Google’s product forums users of Chrome have expressed concern about the lack of any API access to disable the audio recording capability, though Google maintain that the functionality is dormant until the user hits the microphone icon in a Google search box in Chrome.
Chromium is the open source project from which Google derives its Chrome browser, and widely available through Linux repositories. Including binaries, which represent compiled and non-auditable code, in avowedly open-source software breaks the ethos of OS, since neither developers nor compilers can account for how it will behave within the build – as well as for ethical considerations regarding the end-user’s relationship with the software.
The more opaque Chrome product has a number of differences to open source Chromium – it includes a sandboxed implementation of the Adobe Flash player via the Pepper Plugin API (PPAPI); its Security Sandbox feature cannot be disabled; it contains licensed codecs for AAC, H.264, and MP3; and it provides updates via the Google Update feature, which in Chromium is handled manually via the user’s standard interaction with repositories. Additionally Chrome has crash reporting features not included in Chromium, and tracks users (optionally).
The Opera web browser switched to Chromium as its core in 2013.
