ibusinesslines.com August 18, 2018

Are secret Alexa, Siri and Assistant commands hiding within music?

12 May 2018, 06:00 | Justin Tyler

This is my viewing history and I'm not ashamed. Screenshot Netflix

A viewing history on Netflix shows that someone has been watching many many episodes of'Friends

For many people, digital assistants have become a party of daily life-you might have Siri set a reminder for an upcoming appointment on your iPhone, or tell Alexa to order more laundry detergent from Amazon. Researchers have stumbled upon the fact that digital assistants can be manipulated using white noise and commands that the human ear doesn't register.

Hackers might not care about your shopping list, but considering 41.4 percent of smart speakers are in the kitchen, it's important to consider whether they could be used to turn on an oven while you're out, or secretly start up a video call. In doing so, they've been able to make these systems dial phone numbers, open websites, and more. The researchers said they were able to send malicious commands to Amazon's Alexa, Apple's Siri, and Google Assistant that were hidden in recorded music or an innocuous-sounding speech.

The researcher added that he's confident he and his colleagues will eventually be able to attack any smart device.

According to Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley, it is only a matter of time before this is exploited. However, he figures "that the malicious people already employ people to do" what he does. Speech-recognition systems typically translate each sound to a letter, and compile these into words and phrases.

I can remember when speech recognition was so poor it was comical, and now only a decade or so later machines can recognize speech as well, if not better, than humans. Makers of these devices have not ruled out the possibility of attacks such as this happening in future, but Apple, Amazon and Google have responded to the research, noting their respective security risk mitigation strategies in place.

They used a technique called DolphinAttack, which translates voice commands into ultrasonic frequencies that are too high for the human ear to recognize.

Music can be transcribed as arbitrary speech, and human beings cannot hear the targeted attacks play out.

Apple said its smart speaker, HomePod, is created to prevent commands from doing things like unlocking doors, and it noted that iPhones and iPads must be unlocked before Siri will act on commands that access sensitive data or open apps and websites, among other measures. During the Urabana-Champaign, they showed that though commands couldn't yet penetrate walls, they still had the potential to control smart devices through open windows in buildings.

Carlini went on to note that: "We want to demonstrate that it's possible, and then hope that other people will say, 'Okay this is possible, now let's try and fix it'".

Other News

Trending Now

Dragon float in Disney's Festival of Fantasy Parade catches fire
A Disney spokeswoman says no injuries were reported , and park officials were still trying to determine what went wrong. The guest attached a picture of the fiery aftermath, showing the toasted and still-smoking parade float.

Former NY Assembly Speaker Silver Found Guilty in 2nd Corruption Trial
Silver was found guilty of all seven counts against him, including honest services fraud and extortion. His first conviction came in 2015 but it was reversed in 2017 after the U.S.

Katy Perry's feud with Taylor Swift ends with an olive branch!
Taylor Swift performs in Glendale, Ariz., on Tuesday as part of her Reputation Stadium Tour. Later on, Kim Kardashian West tweeted something seemingly directed at Taylor Swift .

Lightning, Capitals open Eastern Conference Final at Amalie Arena
Nor do coaches or teammates. "I'm happy maybe I had a lite bit of foresight to conserve a little bit before I needed to start". It's part of a league-wide trend, too: The 50 rookie skaters in these playoffs are the most since teams used 54 in 2005-06.

Kyle Dubas Named Maple Leafs GM After Lou Lamoriello's Firing
Lou's son, Chris, is the assistant general manager with the Islanders, so there's an obvious connection there. In 2015, Forbes named Dubas among the sports industry's young stars in its annual Top 30 Under 30 in Sports.

Npower to increase energy bills for 1million customers by £64 a year
Simon Stacey, managing director domestic markets, said: "Announcing this price change today isn't a decision we've taken lightly". The company blamed "wholesale and policy costs" which are "largely outside its control".

NASA Just Unveiled This Awesome, Tiny Helicopter That Will Cruise Over Mars
NASA's Launch Services Program, based at the agency's Kennedy Space Center in Florida, is responsible for launch management. NASA talked about the proposed mission add-on back in 2015 and it's been in development since 2013.