If you think this is an excusable and responsible statement, raise your hand now.Now, it should be noted that this was Chromium, the open-source version of Chrome.Additionally, he has a tech entrepreneur background and loves good whisky and fast motorcycles."Rules don't apply to her," Fromm said of her mother-in-law.Chromium, the open-source version of Google Chrome, had abused its position as trusted upstream to insert lines of source code that this audit-then-build process, and which downloaded and installed a black box of unverifiable executable code directly onto computers, essentially rendering them compromised.We don’t know and can’t know what this black box does.You can look at the code as it looks right now to see that the code doesn’t do this right now.
This was supposedly to enable the “Ok, Google” behavior – that when you say certain words, a search function is activated. Certainly something that enables eavesdropping of every conversation in the entire room, too. The first was to introduce a practically-undocumented switch to opt out of this behavior, which is not a fix: the default install will still wiretap your room without your consent, unless you opt out, and more importantly, know that you to opt out, which is nowhere a reasonable requirement.In Google Chrome, this is all included from the start.This episode highlights the need for hard, not soft, switches to all devices – webcams, microphones – that can be used for surveillance.Obviously, your own computer isn’t the one to analyze the actual search command. Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… But the second was more of an official statement following technical discussions on Hacker News and other places.That official statement amounted to three parts (paraphrased, of course): 1) Yes, we’re downloading and installing a wiretapping black-box to your computer. We did take advantage of our position as trusted upstream to stealth-insert code into open-source software that installed this black box onto millions of computers, but we would never abuse the same trust in the same way to insert code that the eavesdropping-blackbox we already downloaded and installed onto your computer without your consent or knowledge.