Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday October 23 2019, @11:25PM   Printer-friendly
from the I-heard-what-you-did-last-night dept.

Submitted via IRC for Bytram

No 'Silver Bullet' Fix for Alexa, Google Smart Speaker Hacks

Karsten Nohl, who was behind this week’s research that outlined new eavesdropping hacks for Alexa and Google Home, says that privacy for smart home assistants still has a ways to go.

Researchers this week disclosed new ways that attackers can exploit Alexa and Google Home smart speakers to spy on users. The hacks, which rely on the abuse of “skills,” or apps for voice assistants, allow bad actors to eavesdrop on users and trick them into telling them their passwords over the smart assistant devices.

Unfortunately, when it comes to smart speakers, “there’s no silver bullet” for protecting the privacy and security of data, said Karsten Nohl, managing director at Security Research Labs. Nohl, a cryptography expert and hacker, has been behind several high-profile research projects, including the 2014 BadUSB hack.

“I think it’s important to flag this technology as a convenience-enhancing technology,” Nohl told Threatpost. “So if you wanted to read the Daily News or weather or even horoscope, I think that’s fine, but be aware that this is a technology that should not be trusted with credit card numbers, medical information, or any other information that goes beyond convenience and actually intrudes your privacy. That of course, also applies to the placement of these devices, they probably shouldn’t be sitting in boardrooms or hospitals, on trading floors of large companies. They are a convenience enhancing technology that is probably better placed in more leisure environments right.”

Listen to Threatpost’s full interview with Nohl, below, or download direct here.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Informative) by Anonymous Coward on Thursday October 24 2019, @12:12AM (3 children)

    by Anonymous Coward on Thursday October 24 2019, @12:12AM (#911050)
    Starting Score:    0  points
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  

    Total Score:   2  
  • (Score: 2) by Runaway1956 on Thursday October 24 2019, @12:16AM (2 children)

    by Runaway1956 (2926) Subscriber Badge on Thursday October 24 2019, @12:16AM (#911054) Journal

    That might be a better idea. If a million Amazon droids were to return their Amazon spy devices this month, and a million more next month, Amazon might come to understand that they are on the wrong track.

    • (Score: -1, Offtopic) by Anonymous Coward on Thursday October 24 2019, @12:20AM

      by Anonymous Coward on Thursday October 24 2019, @12:20AM (#911056)

      My CoC: do whatever I want to do, and to hell with anyone who is "offended".

      WORD! KEEPIN IT REAL, NIGGA!

    • (Score: 1, Insightful) by Anonymous Coward on Thursday October 24 2019, @01:17AM

      by Anonymous Coward on Thursday October 24 2019, @01:17AM (#911072)

      Sadly the sheeple will not return them, but await SpySpeaker 2.0, then line up to buy it too.
      I agree the Silver Bullet is the trash or a return, but even better is not buying one in the first place.