Artificial intelligence

A New Trick Can Spoof a Speech Recognition AI Every Time

January 10, 2018

Given an audio waveform, researchers can now produce a virtually identical version that makes speech-recognition software transcribe something else entirely.

Backstory: Adversarial examples have fooled plenty of computer-vision algorithms. All neural networks are susceptible to such attacks in principle, but attackers have had less success with audio: previous attacks could only make subtle tweaks to what the software hears, not dictate what it transcribes.

What’s new: Berkeley researchers showed that they can take a waveform and add a quiet layer of noise that fools DeepSpeech, Mozilla’s state-of-the-art speech-to-text AI, every time. The technique can make music transcribe as arbitrary speech of the attacker’s choosing, or obscure voices so they aren’t transcribed at all.
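The core idea is simpler than it sounds: treat the added noise as a variable and use gradient descent to nudge it until the model's output flips, while keeping the noise small. The sketch below illustrates that loop against a hypothetical linear scorer standing in for the speech model; the real attack back-propagates through DeepSpeech's full network, and every name here (`score`, `w`, `x`, `delta`) is illustrative, not from any real speech API.

```python
import numpy as np

# Toy stand-in for a speech model: a fixed linear scorer over a waveform.
rng = np.random.default_rng(0)
w = rng.normal(size=256)              # stand-in "model" weights
x = rng.normal(size=256)              # stand-in clean waveform snippet
x += w * (1.0 - w @ x) / (w @ w)     # shift so the clean score is exactly +1

def score(audio):
    """Toy decision score: > 0 transcribes as phrase A, < 0 as phrase B."""
    return float(w @ audio)

# The attacker wants phrase B: descend the score below a small negative
# margin while adding as little noise as possible.
delta = np.zeros_like(x)
lr = 0.001
while score(x + delta) > -0.1:
    delta -= lr * w                   # gradient of the score w.r.t. delta is w

noise_ratio = np.linalg.norm(delta) / np.linalg.norm(x)
print(f"clean score {score(x):+.2f}, adversarial {score(x + delta):+.2f}, "
      f"noise is {noise_ratio:.1%} of the signal")
```

In the actual attack the loss being descended is DeepSpeech's CTC loss toward a target transcription rather than a toy linear score, but the optimization loop has the same shape: a tiny perturbation, updated by gradients, ends up controlling the output.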

Brace for annoyance: Imagine playing a music video from YouTube on your speakers and having Alexa “hear” an order for two tons of creamed corn. Welcome to AI attack hell.
