Users of Google’s Chrome browser are vulnerable to attacks that allow malicious websites to use a computer microphone to surreptitiously eavesdrop on private conversations for extended periods of time, an expert in speech recognition said. The attack requires an end user to click on a button giving the website permission to access the microphone. Most of the time, Chrome will respond by placing a blinking red light in the corresponding browser tab and putting a camera icon in the address bar—both indicating that the website is receiving a live audio feed from the visitor. The privacy risk, according to a blog post published Tuesday, stems from what happens once a user leaves the site. The red light and camera icon disappear even though the website has the ability to continue listening in.