Voice assistants potentially susceptible to inaudible commands

Can you hear me now? No? that’s OK – your Amazon Alexa, Google Home, and Apple HomePod voice assistants probably did loud and clear, and might have executed a command that you never heard.

This is an article about what might happen, not what is happening. As such don’t read as fear mongering, read as “maybe that’s why this seemingly simple feature doesn’t work yet”. That said, if fear mongering will get us more readers, please read it as fear mongering. We’re all going to die from rogue voice assistants.

This is a scenario researchers at U.C. Berkley and Georgetown demonstrated two years ago and over the past couple of years they’ve been working on proof of concept enhancements to hiding the wakeup triggers for various assistants in YouTube videos, music, etc. The goal being to see if they can inaudibly purchase items, unlock doors, or do nefarious deeds. In the name of security you know, not just because they’re bored and want Amazon gift cards shipped to them.

The exploit works by mimicking a wakeup signal using other sounds, or in a pitch that we can’t hear. While I’m sure we’ve all discovered “ok poophole” works if you’ve got a five-year-old in the house, the wakeup calls don’t actually have to be words we can understand. I’ve had a bass line on TV unlock Google Home before. It’s doable.

Google claims they have features to detect undetectable (to our ears,) audio commands, Amazon and Apple claim to have security measures in place to prevent abuse, but the question is whether they’re ready for a full scale test of this and what that might look like when someone gets a set of inaudible commands embedded into Westworld or something.

<inaudible>
OK Google set volume to mute
OK Google, unlock front door…. yes
OK Google, send [email protected] $437.13….yes
OK Google, order my favorite pizza
OK Google, volume 50%
</end>

While the send money feature isn’t there yet as far as I know, that’s yet.

Imagine walking into a store and when you walk out you find your Siri texted a pay for text service, signed you up for an opt-in email list, or emailed off a badly written threat to the President of the United States to Homeland Security and the FBI.

For voice assistants on your phone generally this will only work when unlocked. For the smart speakers in your home, maybe now we know the reason Google Home can’t text, and can only make phone calls when it recognizes a voice.

Scary? A little bit. World shattering? Probably not. Seems fairly easy (in comparison to some of the things manufacturers of smart assistants have done,) to fix. That is, unless I can get you to share by scaring you, in which case we’re all doomed, share with your friends.

[WRAL Tech Wire]
Liked it? Take a second to support Pocketables on Patreon!

Paul E King

Paul King started with GoodAndEVO in 2011, which merged with Pocketables, and as of 2018 he's evidently the owner. He lives in Nashville, works at a film production company, is married with two kids. Facebook | Google+ | Twitter | Donate | More posts by Paul | Subscribe to Paul's posts