SHAZAM is a godsend when wanting to instantly identify that unknown song playing in the background, but it has a very creepy secret.
When looking at Shazam on Apple computers, a security researcher discovered the microphone remains on in the background even when the application is turned off.
Patrick Wardle discovered the issue after reverse engineering the Shazam app after receiving an email from a source.
“I’m conflicted on whether or not this is a big deal. On one hand, even when you click ‘OFF’ Shazam continues to consume audio off the internal microphone. On the other hand, they don’t appear to process or use this data in any way,” he wrote in a blog.
Vice president of global communications for Shazam James Pearson admitted the company knew of the bug, but claim it has been designed to make the user experience run much smoother.
“Shazam takes user privacy very seriously. Shazam does not save or send audio samples; only digital fingerprint summaries of the audio are sent to Shazam’s servers to identify media content in Shazam’s databases,” he told Motherboard.
“If the mic wasn’t left on, it would take the app longer to both initialise the mic and then start buffering audio, and this is more likely to result in a poor user experience where users ‘miss out’ on a song they were trying to identify.
“Since there is no bug and no privacy issue associated with the current functionality, we do not have reasons to change the existing behaviour.”
While claiming this configuration of the Mac app gives users the best experience and doesn’t pose a security risk, Mr Wardle tells a different story.
“Due to their actions, we could get creative and easily design a piece of malware that steals this recording without having to initiate a recording itself,” he said.
So with Shazam saying it is not going to change the existing behaviour, it might be worth removing the app if you are concerned.
Do you think this is a privacy issue. Continue the conversation on Twitter @mattydunn11.