Microphone privacy concern
-
Hello everyone,
I realized a privacy concern about microphone that concerned unsuspended whatsweb, and whatsnew, but that could possibly concern many other webapps, or even regular apps.
The concern is that when running those webapps with microphone permission allowed and unsuspended to get notifications, then the subjacent website (in that case whatsapp) can effectively spy on your microphone at any moment, while your phone is suspended and the screen turned off, without you even being notified about that.
I'm going to see what I can do, on the application side, but it's not easy as it seems chromium engine does not allow easily to switch on and off the microphone in the webview, whether we are using electron or on Qtwebengine. You can chose to give or not the permission for the microphone, but when it's given it's hard to revoke without reloading the whole application.
Here are some possible features that could be useful, on the side of the OS:
- Add an icon to the systray when an Application is recording the microphone as KDE does.
- Add an option to disable the microphone for all apps (except maybe the phone app) when the phone is suspended.
- Or Even add an option to automatically diable the microphone for apps that are not in foreground (maybe except if they have a background microphone authorization)
- Add some tools for the apps themself to be able to know wether or not they are recording, and enable/disable or mute/unmute the microphone for themself a the level of pulseaudio. This should be accessible even for a confined app, and through shell command so that is universal.
Any thought on that?
-
I really think that ideally there should be two distinct permissions for the apps:
-
Foreground Microphone: The app can only access the microphone when it is foreground, that would be sufficient for most apps.
-
Background Microphone: That would be usefull for only a small minority of very trusted apps , like phone apps that may need to maintain a call while the phone is suspended.
But it's very different to give the opportunity to spy on the microphone at any moment which is a critical permission, and to allow the app to use the microphone while on foreground which is what most app would need and is way less critical.
-
-
@pparent other then that i totally agree, it might also be a good idea to add like only permission when you need it, why give whatsnew permission to access my microphone all the time? i could also just give it permission when i access a microphone requiered token? even if it is in the forground i barely need it to use my microphone at all.
so that could look like app development:
Forground permission,
Background permission, which i would only need during rare phone calls? and i suposse not even then since it will activate to the forground?and user side:
once or trusted. -
@nbdynl before i continue, append this to camera / location and if possible networking as well.
we want a one time approval option, as well as foreground only. only system apps (like Phone app) should be eligable for background access for services microphone/camera by default, devision as follows:
only phone (the app) has background access to microphone by default
camera should not be accessible on background by default. (any app)
location should not be accessible on background by default (any app)
networking should not be accessible on background by default ,push notifications goes through a push server so not affected if im wrong this can be ammended (any non system app) -
I agree for microphone/camera/location, but for network I do not agree, as for many big services we cannot have official native apps developed specifically for UT and using UT push servers, we currently have to rely on applications running background network operations, in order to get notifications for services that for many are considered like essential ( like Whatsapp or Signal e.g )
-
only phone (the app) has background access to microphone by default
But some other apps may legitimately want to access the microphone when the phone is suspended to make calls. Like for example Signal, for example as Signal UT is based on an open-source app, and not a webapp, I trust it will not spy on the microphone, and calling with the phone screen off can be a nice feature as well.
-
@nbdynl before i continue, append this to camera / location and if possible networking as well.
we want a one time approval option, as well as foreground only. only system apps (like Phone app) should be eligable for background access for services microphone/camera by default, devision as follows:
only phone (the app) has background access to microphone by default
camera should not be accessible on background by default. (any app)
location should not be accessible on background by default (any app)
networking should not be accessible on background by default ,push notifications goes through a push server so not affected if im wrong this can be ammended (any non system app)It would be nice to have an explicit permission for apps that need to run in the background all the time, even if it's something that makes it require review. There are a number of apps that only work properly when unsuspended, or by using an unconfined background daemon. Would be good to converge on a single permission for them.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login