| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the secret installation of Google software capable of listening in on conversations happened again within the same organization. The incident involved the Chromium browser, the open source basis for Google's Chrome, remotely installing audio-snooping code without users' consent [37334]. This incident raised concerns among privacy campaigners and open source developers about the unauthorized activation of microphones on users' computers.
(b) The incident also highlighted potential risks associated with voice search functions moving into the home through smart TVs and browsers, raising concerns about unintentionally exposing private conversations held within the home [37334]. This broader issue of privacy and data security related to voice-activated features extends beyond Google's products and services to other organizations incorporating similar functionalities. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the incident where Google's Chromium browser began remotely installing audio-snooping code without users' consent. This code was designed to support Chrome’s new “OK, Google” hotword detection but was activated on computers without permission, leading to concerns about privacy and unauthorized audio transmission [37334].
(b) The software failure incident related to the operation phase is evident in the reports from developers who noticed that the microphone LED was turning on and off without their knowledge while using Chromium. This indicates a failure in the operation or use of the system, as users were not aware of the audio recording happening in the background [37334]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident in this case falls within the system boundary. The incident involved Google's Chrome browser and its open source variant Chromium installing audio-snooping code without users' consent. This code was designed to listen to users to support the "OK, Google" hotword detection feature. The code was activated on computers without users' permission, leading to concerns about privacy and unauthorized audio transmission [37334].
(b) outside_system: The incident also involved factors originating from outside the system. Google blamed the Linux distribution Debian for automatically downloading the non-open source component with Chromium, which contributed to the issue. Google emphasized that Chromium is not a Google product, and they do not directly distribute it, shifting some responsibility to Debian for the automatic download of the component [37334]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident related to non-human actions in this case was the secret installation of Google software capable of listening in on conversations without users' consent. The Chromium browser began remotely installing audio-snooping code designed to support Chrome’s new “OK, Google” hotword detection, which led to the microphone being turned on and actively listening to users' rooms without their knowledge or permission [37334].
(b) The software failure incident related to human actions involved the installation of the listening code without users' consent or knowledge. Google responded to complaints by stating that the hotword module is downloaded on startup but not activated unless users opt in. However, reports from developers indicated that the code was indeed activated without explicit user consent, leading to concerns over privacy and the need for users to opt out of the feature [37334]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident related to hardware:
The incident reported in the article [37334] involved a hardware-related issue where the Chromium browser, the open-source basis for Google's Chrome, was remotely installing audio-snooping code that could listen to users without their consent. Developer Ofer Zelig noticed an LED going on and off near his webcam, indicating that the microphone was being activated without his permission, suggesting a hardware-related failure in terms of unauthorized activation of the microphone.
(b) The software failure incident related to software:
The software failure incident in the article [37334] was primarily related to software issues. The Chromium browser was installing audio-snooping code without user consent, which was considered a black box component not part of the open-source audit process. This software failure led to concerns about privacy violations and unauthorized listening to users' conversations without their knowledge or permission. Additionally, there were discrepancies between Google's claims of opt-in activation of the hotword module and reports from developers indicating otherwise, highlighting a software-related failure in terms of user consent and control over the software's behavior. |
| Objective (Malicious/Non-malicious) |
malicious, non-malicious |
(a) The software failure incident described in the articles can be categorized as malicious. The incident involved Google's Chromium browser remotely installing audio-snooping code capable of listening to users without their consent. This code was designed to support Chrome's "OK, Google" hotword detection but was activated on computers without users' permission, leading to the stealth configuration of computers to send audio transmissions to a private company without consent or knowledge [37334]. The incident raised concerns about privacy violations and the potential harm caused by unauthorized audio surveillance.
(b) The incident can also be considered non-malicious to some extent. Google responded to complaints by stating that the hotword module is downloaded on startup but not activated unless users opt in to hotwording [37334]. However, reports from developers indicated that the code was indeed activated without explicit user consent, suggesting a failure in the opt-in process. Additionally, Google blamed the Linux distribution Debian for automatically downloading the non-open source component with Chromium, indicating a potential oversight or error in the distribution process [37334]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The intent of the software failure incident related to poor_decisions:
- The software failure incident involving Google's Chrome browser installing audio-snooping code without user consent can be attributed to poor decisions made by Google. The code was designed to support the "OK, Google" hotword detection feature but was installed and activated on computers without users' permission, leading to concerns about privacy invasion [37334].
(b) The intent of the software failure incident related to accidental_decisions:
- The incident also involves accidental decisions or mistakes, as Google claimed that the audio-snooping code would only be activated if users opted in to the hotwording feature. However, reports from developers indicated that the code was being activated without explicit user consent, suggesting a discrepancy between Google's claims and the actual behavior of the software [37334]. |
| Capability (Incompetence/Accidental) |
development_incompetence, accidental |
(a) The software failure incident related to development incompetence is evident in the incident where Google's Chromium browser remotely installed audio-snooping code without users' consent. This code was designed to support the "OK, Google" hotword detection feature but was activated on computers without permission, leading to concerns about privacy violations. Open source advocates criticized the installation of this "black box" code, which was not part of the open source audit process, highlighting a lack of transparency and professional competence in handling user privacy [37334].
(b) The software failure incident related to accidental factors is seen in the case where Google blamed the Linux distribution Debian for automatically downloading the non-open source component with Chromium. This accidental installation of the code without users' explicit consent or knowledge contributed to the privacy concerns and the need for users to opt out of the feature to prevent their rooms from being wiretapped. The accidental introduction of this code without clear communication or user choice showcases a lack of proper handling of software components and user privacy [37334]. |
| Duration |
temporary |
The software failure incident described in the article was temporary. The incident occurred due to the remote installation of audio-snooping code in the Chromium browser, which was capable of listening to users without their consent. This code was designed to support Chrome’s new “OK, Google” hotword detection feature. Users reported that the microphone was being activated without their permission, indicating a temporary failure introduced by certain circumstances [37334]. |
| Behaviour |
omission, other |
(a) crash: The incident described in the article does not involve a crash where the system loses state and stops performing its intended functions. Instead, the software was actively listening to users' conversations without their consent, indicating a different type of failure [37334].
(b) omission: The software failure incident can be categorized as an omission failure. The Chromium browser installed audio-snooping code capable of listening to users without their permission, omitting to respect users' privacy and consent [37334].
(c) timing: The incident does not involve a timing failure where the system performs its intended functions but at the wrong time. Instead, the issue lies in the unauthorized activation of the microphone to listen to users' conversations, regardless of the timing [37334].
(d) value: The software failure incident does not align with a value failure where the system performs its intended functions incorrectly. In this case, the failure was related to the unauthorized and undisclosed listening capability rather than incorrect performance of a specific function [37334].
(e) byzantine: The incident does not exhibit a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The behavior of the software, in this case, was consistent in its unauthorized listening activity, rather than exhibiting inconsistent responses [37334].
(f) other: The behavior of the software failure incident can be categorized as a privacy violation. The software installed by default in Google's Chrome browser and Chromium was capable of listening to users' conversations without their consent, raising significant privacy concerns and violating users' trust [37334]. |