Shazam has become quite a popular app for those who want to find the name of a song in a second, but it turns out that Mac users are getting some extra features that they didn’t necessarily ask for.
Mac security expert Patrick Wardle has discovered that Shazam keeps the microphone enabled even after the user manually turns it off, which is undoubtedly worrying for users aiming for uncompromised privacy.
The company, however, claims that the simple fact that the microphone stays on is a feature and not a bug, pointing out that the app needs to do that because, otherwise, it would take longer to load and users could miss a song they want to scan.
Shazam’s vice president of global communications James Pearson explains that there are no security risks that come with this bug, as the application does nothing more than to create what he called a “fingerprint” of the song and then match it to other fingerprints that are stored in its database. Nothing is saved, nothing is recorded, he says.
No security risks as of now
Wardle, on the other hand, thinks otherwise and says that developing malware that could take advantage of this “feature” is not that hard.
“We could get creative and easily design a piece of malware that steals this recording without having to initiate a recording itself (which would likely generate an alert),” Wardle stated.
Although it emphases that there’s no security risk involved, Shazam says that an update will be released in the coming days for the Mac version in order to improve the experience. There is no telling if Shazam wants to let users disable the microphone completely or not.
“We are always sensitive to what our users experience and we respect these concerns and take them very seriously,” Pearson explained. “Even though we don’t recognise a meaningful risk, the company will be updating its Mac app within the next few days. Shazam has always learned from and listened to our global community. More importantly, we want our fans to always feel secure about using Shazam on a Mac Desktop.”
Until this update arrives, the company guarantees that there’s no security risk associated with the app and you can continue using it safely because no one is going to record you.
Latest posts by Unallocated Author (see all)
- The Myth Of Coding Bootcamp Job Guarantees - August 9, 2019
- Wifi Pumpkin – WiFi MITM Attack and Audit Framework - August 9, 2019
- TheFatRat – A Convenient Exploitation Tool - August 7, 2019