NAME THAT TUNE firm Shazam has defended complaints that its software has an always-on feature that listens to everything and anything via a Mac computer's microphone.
The feature was revealed by security researcher Patrick Wardle, who created some software called OverSight that checks for this kind of thing.
He was appalled to discover that an app has been earwigging on everything that he does, and took his complaint to Shazam and the internet.
"Once installed, Shazam automatically begins listening for music ‘ready to name that tune at a moment's notice'. This song identification, or ‘auto tagging' in Shazam's parlance, is, of course, the main functionality of the tool," Wardle said in a blog post.
"Most (security-conscious) users probably don't want Shazam listening all the time. Shazam appears to oblige, seemingly providing an option to disable this listening. However, sliding the selector to 'OFF' did not generate the expected ‘Mic was deactivated' OverSight alert.
"Odd, although this did match what the OverSight user reported to me. My first thought was perhaps OverSight had 'missed' the mic deactivation, or contained some other bug or limitation. However, testing seemed to confirm that OverSight works as expected."
"There is no ‘recording' bug. Shazam takes user privacy very seriously. Shazam does not save or send audio samples," said James Pearson, VP for global communications at Shazam.
"Only digital fingerprint summaries of the audio are sent to Shazam's servers to identify media content in Shazam's databases. As always, for user privacy, the original audio cannot be reconstructed from Shazam audio fingerprints.
"For the Mac, the mic is left on for technical reasons but no audio is processed, so the user's decision not to leverage our app's functionality is fully respected. As such, there is no privacy issue since the audio is not processed unless the user actively turns the app to 'ON'.
"If the mic wasn't left on, it would take the app longer to initialise the mic and then start buffering audio, and this is more likely to result in a poor user experience where users ‘miss out' on a song they were trying to identify."
Wardle had a slightly different response from the firm's support people, who promised that the issue will be considered for future updates. µ
Changes ownership of crucial Linux system folders without users' permission
Could also make them waterproof, well.. kinda
Also, desperate space filling in the pre-MWC lull
Xperia XZ2 and XZ Compact leak in full just days before official launch