Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday May 13 2018, @05:56AM   Printer-friendly
from the OK-Google-wire-all-funds-please dept.

Researchers have learned to send inaudible commands embedded in white noise, music, or even completely different speech, that can fool the ubiquitous voice-recognition phone-home spy devices that are all the rage lately. Inaudible to you, but indelible commands for the devices.

Per The New York Times:

Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple's Siri, Amazon's Alexa and Google's Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio.

Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley...and his colleagues at Berkeley have incorporated commands into audio recognized by Mozilla's DeepSpeech voice-to-text translation software, an open-source platform. They were able to hide the command, "O.K. Google, browse to evil.com" in a recording of the spoken phrase, "Without the data set, the article is useless." Humans cannot discern the command. The Berkeley group also embedded the command in music files, including a four-second clip from Verdi's "Requiem."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by looorg on Sunday May 13 2018, @12:59PM (3 children)

    by looorg (578) on Sunday May 13 2018, @12:59PM (#679171)

    Great. Now they are, trying to, mindcontrol(ing) smartphones. This is going to be funny. They play some music and all of a sudden your phone has bought a few hundred bucks worth of stuff. I guess they are just building on that advertisement from Burger King that triggered Google last time.

    Amazon said that it doesn’t disclose specific security measures, but it has taken steps to ensure its Echo smart speaker is secure. Google said security is an ongoing focus and that its Assistant has features to mitigate undetectable audio commands.

    Waiting for them to go all Sneakers on us ... my voice is my passport, verify me ...

    There is no American law against broadcasting subliminal messages to humans, let alone machines.

    This was somewhat eye opening.

    he Television Code of the National Association of Broadcasters bans “transmitting messages below the threshold of normal awareness.” Neither say anything about subliminal stimuli for smart devices.

    Guess they have to be updated or be made more general then.

    “Companies have to ensure user-friendliness of their devices, because that’s their major selling point,” said Tavish Vaidya, a researcher at Georgetown. He wrote one of the first papers on audio attacks, which he titled “Cocaine Noodles” because devices interpreted the phrase “cocaine noodles” as “O.K., Google.”

    This part just made me laugh.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Sunday May 13 2018, @03:10PM (1 child)

    by Anonymous Coward on Sunday May 13 2018, @03:10PM (#679197)

    Why would these devices be built with microphones that work in the ultrasonic range? While I'm not very likely to ever have one (I'm in the over-60 generation), if I did, it probably wouldn't be very hard to add a low pass filter to the mic, so that it didn't respond to any frequencies beyond my hearing...

    • (Score: 2) by frojack on Sunday May 13 2018, @08:11PM

      by frojack (1554) on Sunday May 13 2018, @08:11PM (#679287) Journal

      "Ultrasound" snuck into the title, but TFS actually doesn't use that word.

      They use words like embedded and hidden and undetectable. Which doesn't necessarily mean you can't hear it.

      Remember the mosquito ring tone? Old farts couldn't hear that, but the speakers in the phones had no trouble playing it. Kids could hear it. Doesn't have to be ultrasound to be undetectable. Half an octave above your hearing is good enough.

      The smaller the mic the higher the frequency it is likely to pick up. Even those tones above human hearing. Not because they WANTED those tones when they designed it, but simply they didn't explicitly build in a filter to exclude them, because it wasn't necessary. Music encoding (packetiziation) would remove it. It wouldn't travel across the net.

      But some, or all, of voice recognition works on the phone. It gets the raw sound.

      Try this: Do what ever you have to do to get your phone into voice input mode.
      (You don't have to use Apple's Siri, Amazon's Alexa or Google's Assistant - simply the voice input feature of your keyboard.)
      Then softly whisper "What time is it?"
      I'm betting you see the text fill in just fine, even with a fan running in the window, or the tv on in the background.

      Yet the person across the room won't hear it. Imagine if you could whisper just barely above human hearing...

      --
      No, you are mistaken. I've always had this sig.
  • (Score: 3, Insightful) by requerdanos on Sunday May 13 2018, @03:34PM

    by requerdanos (5997) Subscriber Badge on Sunday May 13 2018, @03:34PM (#679204) Journal

    Television Code of the National Association of Broadcasters bans “transmitting messages below the threshold of normal awareness.” Neither say anything about subliminal stimuli for smart devices.

    Guess they have to be updated or be made more general then.

    That's nuts, based on a knee-jerk reaction to poor journalism.

    The code bans "transmitting messages below the threshold of normal awareness."

    "Dude, what if, like, I, um, bought a smart assistant, or somethin'? That makes it totally diffrn't right?"

    The code bans "transmitting messages below the threshold of normal awareness."

    Notice how it didn't change? And already bans transmitting subliminal messages, whether you send them to people or frogs or smart devices or martians?

    What update is needed? Do they need to add that phrase "on a computer" or the phrase "on the internet" or the phrase "on _____" (inserting the name of any conceivable voice recognition device)? What would that accomplish? It already prohibits "transmitting messages below the threshold of normal awareness" by its members.

    What change are you calling for? And why?