SoylentNews is people
SoylentNews
Ran Bar-Zik, a web developer at AOL, has discovered and reported a bug in Google Chrome that allows websites to record audio and video without showing a visual indicator.
The bug is not as bad as it sounds, as the malicious website still needs to get the user's permission to access audio and video components, but there are various ways in which this issue could be weaponized to record audio or video without the user's knowledge.
[...] In a private conversation, Bar-Zik told Bleeping Computer he discovered the bug at work while dealing with a website that ran WebRTC code.
[...] When a website receives this permission, it can run JavaScript code that records audio or video content, before sending it over the Internet to the other participants of an WebRTC stream. This recording process is done via the JavaScript-based MediaRecorder API.
[...] Because the permission to access audio and video data was granted for an entire domain, the Israeli developer realized he could start a headless Chrome window (popup) where he could run the code to record audio and video.
Because Chrome shows the red circle and dot icon in a window's tab, the icon doesn't appear for the popup because this headless window doesn't have a tab bar.
Source: BleepingComputer
(Score: 2) by edIII on Thursday June 01 2017, @11:18PM
Nope. Still have audio. Solving it permanently would involve a physical bypass, LED indicator, and the ability to connect to the honey pot [youtube.com] when it is turned off. That way anybody trying to surreptitiously record you gets fake audio and video.
Technically, lunchtime is at any moment. It's just a wave function.