In the last days it has been claimed that the popular Chrome browser could allow third party websites to access your microphone and webcam without your consent. While Google itself stated that this is not a bug nor a design flaw, many debates started to rapidly surface around the web after Ran Bar-Zik a senior web developer at America Online stumbled upon a website that was running WebRTC code.

Usually whenever a website or app tries to access your webcam and microphone a small red ball indicates the streaming is live on your current tab. Bar-Zik soon was capable of launching a new pop-up that could receive video and audio data without any indicator. In other words, when an user gives permission to a website to use the computer webcam and microphone in a certain tab, that website or hacker can launch other channels that could end up with privacy violations.

After reporting the threat to Google, the response was that it is not a valid browser flaw and there are not future updates going to be released to patch it. On the other hand Google confirmed that the Chrome deparment will look into the problem and will come with better ways to handle this situation with future releases. “This isn’t really a security vulnerability – for example, WebRTC on a mobile device shows no indicator at all in the browser,” according to a Chromium member . “The dot is a best-first effort that only works on the desktop when we have chrome UI space available. That being said, we are looking at ways to improve this situation.”

The actual bug report that Ran Bar-Zink sent to Google can be found here. A general example of a website that asks for permission to access your camera and microphone then launches a popup to gather data and provides a download link here.

Finally considering that Google is not considering this a design flaw nor a bug users can only stay safe taking really good care what permissions they grant to specific websites.