There’s a Very Obvious Voice Assistant Hack: Ultrasound
Siri and Alexa can hear more than you can—and that's a problem.
You may have thought that you'd be able to hear any rogue attempts to control your increasingly powerful voice assistant. But it turns out that the hardware and algorithms used to control devices like Amazon's Echo speaker or Apple's Siri can actually hear commands issued via ultrasound, which is above the range of human hearing.
Researchers at Zhejiang University in China have shown that they can encode commands in high frequency sound that are still recognized by voice assistants. They take a regular human voice and use it to modulate an ultrasound signal—much like the way music can be encoded onto radio waves. Turns out, the mic on devices like an iPhone or Amazon Echo speaker can still detect the sound, and their signal-processing software also picks up the voice signals encoded on the wave.
The researchers say that they have been able to activate Siri to initiate a FaceTime call on an iPhone, command Google Now to switch a phone to airplane mode, and even control the navigation system of an Audi. The same trick also works on Cortana and Alexa, too.
It's worth pointing out that this isn't the most surprising of attacks. Researchers have already shown that microphones and speakers on smartphones can be repurposed to send and receive ultrasound. So really it was just a case of finding out if the software responded to signals hidden on high-frequency sound. Clearly, they do.
It's easy enough for manufacturers to safeguard against such attacks by making tweaks to either hardware or software. But given that a sound source needs to be just a couple of meters away from your device for the hack to work in practice, there might not be much need. You either have an intruder in your property or another hacked device in your home playing rogue sound—so you likely have larger concerns than what Alexa is doing right now.
Deep Dive
Computing
How Rust went from a side project to the world’s most-loved programming language
For decades, coders wrote critical systems in C and C++. Now they turn to Rust.
Welcome to the oldest part of the metaverse
Ultima Online, which just turned 25, offers a lesson in the challenges of building virtual worlds.
A new paradigm for managing data
Open data lakehouse architectures speed insights and deliver self-service analytics capabilities.
Three ways networking services simplify network management
The right networking services orchestrate note-perfect network performance.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.