Skip to Content
Artificial intelligence

A New Trick Can Spoof a Speech Recognition AI Every Time

January 10, 2018

Given an audio waveform, researchers can now produce a virtually identical version that makes speech-recognition software transcribe something else entirely.

Backstory: Adversarial examples have fooled plenty of computer-vision algorithms. While all neural networks are susceptible to such attacks, researchers have had less success with audio. Previous attacks were only able to make subtle tweaks to what the software hears.

What’s new: Berkeley researchers showed that they can take a waveform and add a layer of noise that fools DeepSpeech, a state-of-the-art speech-to-text AI, every time. The technique can make music sound like arbitrary speech to the AI, or obscure voices so they aren’t transcribed.

Brace for annoyance: Imagine playing a music video from YouTube on your speakers and having Alexa “hear” an order for two tons of creamed corn. Welcome to AI attack hell.

Deep Dive

Artificial intelligence

Geoffrey Hinton tells us why he’s now scared of the tech he helped build

“I have suddenly switched my views on whether these things are going to be more intelligent than us.”

Deep learning pioneer Geoffrey Hinton has quit Google

Hinton will be speaking at EmTech Digital on Wednesday.

The future of generative AI is niche, not generalized

ChatGPT has sparked speculation about artificial general intelligence. But the next real phase of AI will be in specific domains and contexts.

Video: Geoffrey Hinton talks about the “existential threat” of AI

Watch Hinton speak with Will Douglas Heaven, MIT Technology Review’s senior editor for AI, at EmTech Digital.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.