SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Seeing a security advisory an issue like this for Chrome is frustrating and makes me seriously consider giving up Chrome. If there is a way to use Netflix on Linux without Chrome, I am all ears. I have begun to explore other browsers and options.
I couldn't tell if Surf had java script support by reading the project page though. Vivaldi looks promising, but crashes with bookmark/data imports. I may settle on Midori if Surf is too minimal.
For those afraid of Google or Mozilla, there is always for you the poster child of KDE: Konqueror.
For the Tin Foil fans, there is always Lynx, who offer you a guaranteed smooth browsing...
Finally, for those Really Really Paranoids, in fact you always can read a site, dumping the page content with wget, then looking at html content...
It's not about being afraid it's about installing closed source software without user interaction.
What's the point of running open source software if the software "secretly" installs malware?
Some might like malware but i don't.
Last edited by Nille_kungen; 06-18-2015 at 03:09 PM.
What's the point of running open source software if the software "secretly" installs malware?
The hotwords extension is not malware. Why do you think that?
You are right that an extension should never be downloaded silently. Not even an extension that does have its source code available.
The hotwords extension is not malware. Why do you think that?
You are right that an extension should never be downloaded silently. Not even an extension that does have its source code available.
It's malware since the user didn't ask for it or allow it.
Some might classify it as grayware but for me it's all malware.
Last edited by Nille_kungen; 06-18-2015 at 03:31 PM.
It's malware since the user didn't ask for it or allow it.
Some might classify it as grayware but for me it's malware.
Might I suggest some online checking using Google about the actual definition of "malware"?
No offense to you Nille and neither directed at you, but why should I take people seriously who howl along with the pack without any display of independent thinking?
There is no security advisory, where did you see one? Writing these words into the topic's subject does not make it into one.
You are right, and I have corrected my post. This whole thing doesn't sit well with me thats all. I like to know what is installed on my system and when files just appear that I am unaware of, I become concerned. Maybe I am just paranoid. If we were all running Windows, this kind of thing would be happening all the time.
Might I suggest some online checking using Google about the actual definition of "malware"?
No offense to you Nille and neither directed at you, but why should I take people seriously who howl along with the pack without any display of independent thinking?
Lets not make this an potayto, potahto an turn this into the definition of malware thread.
Secretly installing unwanted software without interaction or asking permission and without the option for the user to decline should always be classified as malware.
An later investigation might prove it not to be malware but it might still impose an security risk that also needs to be looked at.
I define all unwanted code as malware because it's not a normal behavior to install things secretly if i didn't ask it to do so.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,095
Rep:
Quote:
Originally Posted by mralk3
Seeing a security advisory an issue like this for Chrome is frustrating and makes me seriously consider giving up Chrome. If there is a way to use Netflix on Linux without Chrome, I am all ears....
I've had excellent results with the above on Firefox for Linux running in Slackware64, with "User Agent Overrider 0.2.5.1" set to "windows running firefox 29." However, just last week Netflix changed their site and firefox 29 no longer works and I had to change it to "windows running IE11." Hopefully the author of the agent overrider will update the package.
You can also run windows in a VirtualBox and use that to watch NetFlix. Works quite well, actually.
Last edited by cwizardone; 06-18-2015 at 07:34 PM.
If a browser is developed as open-source, then by all reasoning, any "extras" brought in, especially as binary blobs, should at least be kept external as either plugins, extensions, or add-ons that can be added either at execution runtime or compile time, not dropped in and just said to heck with it, and everything for the browser should be "open source".
And yes, this is about Chromium not Chrome. Chromium is touted to be an open source software package, not a mixed source. There are certain guidelines that must be followed when you have a source that is classified as open and free, regardless of license:
Quote:
Originally Posted by https://en.wikipedia.org/?title=Chromium_28web_browser%29
The Google-authored portion of Chromium is released under the BSD license,[19] with other parts being subject to a variety of different open-source licenses, including the MIT License, the LGPL, the Ms-PL and an MPL/GPL/LGPL tri-license.
Quote:
Originally Posted by https://en.wikipedia.org/?title=Chromium_%28web_browser%29
Chromium 43.0 was released on 22 February 2015, with the initial release version 43.0.2312.0. This development cycle resulted in the release of Chrome 43.0.2357.65 on 19 May 2015. It was primarily a security-fix update. Chromium 43 was reported by Debian developers as automatically downloading the proprietary Chrome Hotword Shared Module extension, a library for Google's OK Google voice recognition feature. Security researchers have indicated that this code carries a risk of invasion of privacy. The download was considered a bug and fixed, with newer versions no longer automatically downloading it, but the Debian community remained suspicious of the browser and Google.
I do not use either Chrome or Chromium, but had followed this thread because it was in the Slackware forum.
So, I just saw this article and returned here to see if it is the same thing or related.
From the article:
Quote:
Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to "we can do that".
It looked like just another bug report. "When I start Chromium, it downloads something." Followed by strange status information that notably included the lines "Microphone: Yes" and "Audio Capture Allowed: Yes".
Without consent, Googles code had downloaded a black box of code that according to itself had turned on the microphone and was actively listening to your room.
Is this the same things already being discussed here?
I think I'll keep my fiberglass reinforced tin foil hat...
Yes, indirectly it is, but yes. Google apparently installed audio capable backdoors onto user's machines without their consent or knowledge.
I'm already contacting my state Representative, Devin Nunes, about this, and anyone else, I suggest that you contact your legal authorities as well.
This was done deliberately and Google needs to answer for this, if at all possible by legal means. Corporations like Google shouldn't be allowed to do things like this and get away with it without consequences.
Pending any reply I get back I'll share it here, even if not favorable.
Not sticking up for google and I don't agree with them installing stuff without me knowing but, google probably enabled the mics in chrome to enable voice capabilities, like using the "google now" command to start a search or action( like in android).
Yes, but they should have made it optional and more importantly... known. You don't "ninja" things in that could be used to exploit a system or network somehow.
You ninja stuff into MMORPGs to add special secret cool content, not ninja in web browser plugins that are enabled by default and suddenly become mandatory.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
