为什么新的Chrome更新希望许可使用我的相机和音频录制？ -- permissions 领域 和 privacy 领域 和 chrome-for-android 领域 android 相关 的问题

Seriously, it specifically states that it can use the camera and audio recording any time it wants, whether or not I wish it to. Why is Chrome on Android requesting those permissions?

Should I be concerned?

(Emphasis my own.)

The Chrome page in the app store says this about the new permissions:

This version requests two new permissions, Camera and Modify Audio Settings, to support WebRTC, an experimental feature under development.

WebRTC itself is designed to expose your camera and mic to the browser, so that web-apps can implement video-conferencing and other multimedia solutions in-browser.

The WebRTC people have at least nominally considered the privacy implications, by adding an info-bar to Chrome:

Chrome on Windows is said to have access to your camera and mic. So if you use Chrome on Windows (and soon Firefox too) then you are implicitly trusting the vendor of those programs to not take pictures of you when you don't authorize it. The same is true for Android. One hopes that they don't introduce security flaws that allow unauthorized access to the camera/mic by malicious websites.

As to what you can do about it, on a rooted phone you can uninstall Chrome or install a permissions-control app that denies permissions to installed apps. You can switch to a different browser that doesn't support WebRTC. Otherwise you're stuck with what Android provides. If you decide that you trust Microsoft or Apple more than Google, you can switch. Or maybe you trust an open-source Android variant like Cyanogenmod. For myself I consider the fact that Google already has a bunch of apps on my phone which have access to my camera and mic, so if Google wanted to spy on me they already can. Heck, they could build that right into the OS and just not tell anyone.

Google Apps that can access the camera/mic:

• Search
• Voice Search
• Plus
• Translate
• Drive
• Shopper
• Goggles
• Youtube Remote
• Youtube

Not to mention the camera app which is built-in to the phone.

Edit: The question was updated with a screenshot of what the phone shows when you are prompted to update the app. Unfortunately at this time there doesn't seem to be a way for app developers to document why they need particular permissions, except in external sources. For example, this Chrome update states why it needs the permission in the "What's New" page. However, if you don't look there and just see the scary warning, you are left wondering what is going on. As an app developer I wish we could add help text to the permissions page to explain to the user why we need the permissions and how the privacy policy protects the user. Google could certainly make this more usable and less scary.