Defcon, the annual hackers conference, has turned up a new security concern in smart speakers like the Amazon Echo.
Two presenters at the conference, Tencent’s Wu HuiYu and Qian Wenxiang, offered a presentation called Breaking Smart Speakers: We Are Listening to You, which detailed how they had both hacked into an Echo and turned it into a bugging device that could be used to spy on its users.
The attack, in fairness, did not involve an out-of-the-box Amazon speaker: The hack itself involved modifying the device with new parts. Some of those extensions, according to the hackers themselves, actually had to be soldered onto the device. But using that modified Echo, the attackers were then able to turn their attention to an unmodified device, and then use it to break in by connecting the two devices on the same LAN.
Once that connection was made, the modded Echo essentially became a listening bug that relayed any audio from the other speaker. The transmitting speaker, however, showed no signs that it was broadcasting anywhere but within the home it was working in.
Wired explained that the hack works because once the two devices are on the same LAN, hackers can take advantage of the Whole Home Audio Daemon, a software component of Amazon’s speaker. The proper use of that component is to allow Echo devices to communicate with other Echoes across the same network.
That daemon houses a vulnerability that the attackers were able to exploit, using their Echo to gain full control over the target speaker, including the ability to make the Echo play any sound they chose, or to record and transmit audio to a faraway spy.
It is not, admittedly, an easy hack to do, as it requires a hardware reconstruction project and a rather close proximity to the device one is trying to hack.
Still, watchers are concerned, because the Echo is getting more popular by the day, which means it will continue to attract more and more attention from hackers and crackers who will have time and reason to refine their techniques.
Amazon was warned about the security hole before the two programmers presented at Defcon, and there is already a patch in place for the security hole, according to reports in Wired.
Amazon has responded to the vulnerability, noting that “customers do not need to take any action, as their devices have been automatically updated with security fixes,” adding that “this issue would have required a malicious actor to have physical access to a device and the ability to modify the device hardware.”
Still, the hack comes only a month or two since Amazon (as well as Google and Apple) devices were accused of listening to and monitoring their owners, something all the companies that manufacture them have vehemently denied.
Nor is this the first worrying security flaw that has been pointed out in recent memory.
In late May, the techniques known as “voice squatting” and “voice masquerading” were discovered and disclosed in a paper by researchers from Indiana University at Bloomington, the University of Virginia and the Chinese Academy of Sciences.
The hack relies on getting users to interact with malicious apps with names that sound very similar to legitimate apps, and counts on the fact that voice AI still has some difficulty understanding human speech, and can be tricked with homophones.
“One may say, ‘Alexa, open Capital One, please,’ which normally opens the skill Capital One, but can trigger a malicious skill ‘Capital One, Please’ once it is uploaded to the skill market,” the paper stated. Sneaking the skill name “Capital Won” into the market was also a successful way of getting users to unwittingly enter another app entirely, according to researchers.
Both Google and Amazon responded that they are working on their natural language processing, which would make it harder to trick the AI with those kinds of exercises. They also noted that forming the requirements for onboarding a skill into the Alexa marketplace was an ongoing and evolving process.
The good news, so far, is that the hacks and weaknesses, big and small, of smart speakers have thus far been found – and pointed out – by white-hat hackers.
The concern, of course, is that less nobly motivated hackers are out there as well. And as more consumers – and consumer data – become available through online speakers, the black-hats will probably be much less eager to share their discoveries with the world.
To be clear, the actor would only need physical access to their own Echo to execute the hack.
While Amazon has dismissed concerns that its voice-activated devices are monitoring users, hackers at this year’s Defcon proved that they can.