Sci-tech

Undetectable Commands for Apple's Siri and Amazon's Alexa Raise Serious Security Risks

Undetectable Commands for Apple's Siri and Amazon's Alexa Raise Serious Security Risks”

Even virtual assistants such as Alexa, Google Assistant and Siri are not safe from commands that slip by unheard to the human ear.

Worryingly, the students say the bad actors could use messages hidden within music to unlock doors, access accounts or add items to shopping lists.

This is according to researchers at Berkeley who recently published a paper on it dubbed the CommanderSong concept which shows how voice commands can be hidden inside of music.

Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley and one of the paper's authors, [said that] while there was no evidence that these techniques have left the lab, it may only be a matter of time before someone starts exploiting them.

What these research studies prove is that it's possible to manipulate speech recognition gadgets by making minute changes to speech or other audio files. Speech-recognition systems typically translate each sound to a letter, eventually compiling those into words and phrases.

Researchers at Berkeley said that they can modestly alter audio files "to cancel out the sound that the speech recognition system was supposed to hear and replace it with a sound that would be transcribed differently by machines while being almost undetectable to the human ear". Those same messages could issue commands to the digital assistants, having them perform tasks that their owner didn't intend, The New York Times reported. Last year, researchers at Princeton University and China's Zhejiang University demonstrated that voice-recognition systems could be activated by using frequencies inaudible to the human ear. And Apple noted an iPhone or iPad must be unlocked before Siri will open an app. The receiver must be close to the device, but a more powerful ultrasonic transmitter can help increase the effective range. And another team and the University of IL corroborated the findings and demonstrated that the commands could work as far as 25 feet away from a smart device. While the commands couldn't penetrate walls, they could control smart devices through open windows from outside a building.

It was also able to embed the same command within a four second segment of Verdi's Requiem.

"The song carrying the command could spread through radio, TV or even any media player installed in portable devices like smartphones, potentially impacting millions of users in long distance", the researchers wrote.

How device-makers respond will differ, especially as they balance security easily of use.

Nicholas Carlini, one of the most recent paper's authors, told the Times that he's "confident" his team would soon be able to deliver commands that could exploit any smart device now on the market.



Like this

loading...
loading...

Latest


11 May 2018
Events on tap for Mental Health Week
Research into mental health in construction is still in its infancy, but what we know is that it is a significant issue. Young helped raise awareness about the lack of mental illness help children actually receive.

11 May 2018
Setback for Modi after Trump's withdrawal from Iran nuclear deal
A muted reaction from Iran would paint the U.S.as the aggressor, allowing Iran to more latitude to skirt USA enforcement. It broke through the $60 barrier earlier this year, and now just a few months later, is knocking on the door of $70.

11 May 2018
Gaza tension as hundreds march towards fence with Israel
Indonesian President Joko Widodo (Jokowi) has denounced a unilateral plan by the United States to move its embassy from Tel Aviv to Jerusalem.

11 May 2018
Tripura Chief Minister's Latest: Tagore Returned Nobel Prize In Protest
Tagore had very much accepted the Nobel Prize that he was awarded in the field of literature in 1913 and also being knighted by the British government in 1915.

11 May 2018
Indonesia's Mount Merapi erupts on Java, sparking evacuations
The danger zone has been restricted to a 3km radius from the peak of Mount Merapi . "It was a sudden eruption", Sutopo underlined. Merapi phreatic eruption caused rumbling with medium to strong pressure and height of 5,500 meters from the top of the crater.

11 May 2018
IHH upset by Fortis choice for hospital deal, to seek shareholders' support
Fortis has set up an advisory committee to evaluate offers from suitors vying to acquire the company, or take a stake in it. Starting from first hospital at Mohali in 200, Fortis Healthcare has grown to be a leading healthcare provider in India.

11 May 2018
First Rolls-Royce SUV unveiled
The Rolls-Royce Cullinan has officially entered the unstoppable SUV market and it's the company's first all-wheel-drive vehicle. . The Cullinan stands 1,836 mm high, taller than the Bentayga (1,742 mm) but slightly short of a Range Rover (1,869 mm).

11 May 2018
Nigeria boasts of 19m tax payers
He said the nation had to understand how important the private sector was, "as entrepreneurs are necessary to grow the economy". She said, "By 2019, the growth will be stronger than the present level in 2018".

11 May 2018
Google I/O 2018: Android wants to cure your smartphone addiction
We can also look forward to a streamlined sign-in flow for users on iOS hardware or those connecting through PC browsers. From a list of sub-menus, choose Preferences and then open Assistant Voice and choose the voice you want.

11 May 2018
Minecraft Cross-Platform Patch, Physical Version For Switch Launch June 21
There isn't any further pricing info at present, but mark your calendar if you're interested in grabbing a physical version. If you already own a copy of Minecraft on Nintendo Switch, you'll receive this update for free when it releases on June 21.