ibusinesslines.com October 21, 2018

Are secret Alexa, Siri and Assistant commands hiding within music?

12 May 2018, 06:00 | Justin Tyler

Are secret Alexa, Siri and Assistant commands hiding within music?

Are secret Alexa, Siri and Assistant commands hiding within music?

For many people, digital assistants have become a party of daily life-you might have Siri set a reminder for an upcoming appointment on your iPhone, or tell Alexa to order more laundry detergent from Amazon. Researchers have stumbled upon the fact that digital assistants can be manipulated using white noise and commands that the human ear doesn't register.

Hackers might not care about your shopping list, but considering 41.4 percent of smart speakers are in the kitchen, it's important to consider whether they could be used to turn on an oven while you're out, or secretly start up a video call. In doing so, they've been able to make these systems dial phone numbers, open websites, and more. The researchers said they were able to send malicious commands to Amazon's Alexa, Apple's Siri, and Google Assistant that were hidden in recorded music or an innocuous-sounding speech.

The researcher added that he's confident he and his colleagues will eventually be able to attack any smart device.

According to Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley, it is only a matter of time before this is exploited. However, he figures "that the malicious people already employ people to do" what he does. Speech-recognition systems typically translate each sound to a letter, and compile these into words and phrases.

I can remember when speech recognition was so poor it was comical, and now only a decade or so later machines can recognize speech as well, if not better, than humans. Makers of these devices have not ruled out the possibility of attacks such as this happening in future, but Apple, Amazon and Google have responded to the research, noting their respective security risk mitigation strategies in place.

They used a technique called DolphinAttack, which translates voice commands into ultrasonic frequencies that are too high for the human ear to recognize.

Music can be transcribed as arbitrary speech, and human beings cannot hear the targeted attacks play out.

Apple said its smart speaker, HomePod, is created to prevent commands from doing things like unlocking doors, and it noted that iPhones and iPads must be unlocked before Siri will act on commands that access sensitive data or open apps and websites, among other measures. During the Urabana-Champaign, they showed that though commands couldn't yet penetrate walls, they still had the potential to control smart devices through open windows in buildings.

Carlini went on to note that: "We want to demonstrate that it's possible, and then hope that other people will say, 'Okay this is possible, now let's try and fix it'".

Other News

Trending Now

Did Gwyneth Paltrow Just Ruin The End Of Avengers 4?!
Seeing Black Widow and Hawkeye once again team-up certainly makes sense, so perhaps there's something to the Avengers 4 rumor. With a number of characters gone, the original Avengers will get the spotlight-likely meaning some of their days are numbered.

RaGa speaks about Sonia's Italian roots, 'she is more Indian than many'
She has suffered for this country. "Atrocities against women is absolutely a political and a national issue". He added that the BJP does not understand the meaning of the term Hindu. "It's a perspective.

Pandora Is No Longer Actively Promoting R. Kelly Music
Universal Music , which oversees XXXTentacion's distributor, Caroline, did not immediately respond to a request for comment. The new public hate content and hateful conduct policy is still fairly new to Spotify .

Lawyer: Trump knew about Schneiderman allegations years ago
That process is being overseen by special master Barbara Jones, who was appointed by Wood late last month. Michael Cohen , President Donald Trump's personal attorney, leaves federal court in NY on April 16, 2018.

Cincinnati Reds taking chance on former Mets ace Matt Harvey
Harvey is taking the rotation spot of a struggling Brandon Finnegan , who has been optioned to Triple-A Louisville. Cincinnati has recorded 20.6 Runs + Hits + Errors per game over its last 10 contests and 19.2 over its last five.

Theresa May told ministers to get 'hands on' over customs dispute
The Foreign Secretary notes how customs policy "is yet to be decided" after launching an attack on one of the PM's options. The cabinet is split over how to manage customs arrangements with the EU.

Dragon float in Disney's Festival of Fantasy Parade catches fire
A Disney spokeswoman says no injuries were reported , and park officials were still trying to determine what went wrong. The guest attached a picture of the fiery aftermath, showing the toasted and still-smoking parade float.