The OpenBSD people implemented an interesting insight recently. Now a microphone attached to a OpenBSD system does not work by default. You need to actively turn on a sysctl as root to activate the microphone. So to get eavesdropping access on a default OpenBSD system you need to root the system, which makes that access somewhat harder to obtain.

The moral here is that microphone access should be treated differently than access to the rest of the audio system. You can get more protection through software than we normally get.

Any software switches can be subverted by malware. But not physical ones. Physical switches and a light (like video cameras used to have when recording) are simple, cheap, and effective. I don't understand why companies don't add them to allay their customers' fears.