Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday October 23 2019, @11:25PM   Printer-friendly
from the I-heard-what-you-did-last-night dept.

Submitted via IRC for Bytram

No 'Silver Bullet' Fix for Alexa, Google Smart Speaker Hacks

Karsten Nohl, who was behind this week’s research that outlined new eavesdropping hacks for Alexa and Google Home, says that privacy for smart home assistants still has a ways to go.

Researchers this week disclosed new ways that attackers can exploit Alexa and Google Home smart speakers to spy on users. The hacks, which rely on the abuse of “skills,” or apps for voice assistants, allow bad actors to eavesdrop on users and trick them into telling them their passwords over the smart assistant devices.

Unfortunately, when it comes to smart speakers, “there’s no silver bullet” for protecting the privacy and security of data, said Karsten Nohl, managing director at Security Research Labs. Nohl, a cryptography expert and hacker, has been behind several high-profile research projects, including the 2014 BadUSB hack.

“I think it’s important to flag this technology as a convenience-enhancing technology,” Nohl told Threatpost. “So if you wanted to read the Daily News or weather or even horoscope, I think that’s fine, but be aware that this is a technology that should not be trusted with credit card numbers, medical information, or any other information that goes beyond convenience and actually intrudes your privacy. That of course, also applies to the placement of these devices, they probably shouldn’t be sitting in boardrooms or hospitals, on trading floors of large companies. They are a convenience enhancing technology that is probably better placed in more leisure environments right.”

Listen to Threatpost’s full interview with Nohl, below, or download direct here.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by jman on Thursday October 24 2019, @11:36AM (2 children)

    by jman (6085) Subscriber Badge on Thursday October 24 2019, @11:36AM (#911176) Homepage
    You: "Alexa, I'm hungry. Please give Siri my bank pin code so she can buy some bagels."

    Alexa: "Nice try, Siri. You can't pull that old con on me. I recognize your voice!"

    You: "Alexa, it's really me. Please give siri the pin code."

    Siri: "Yes, Alexa, can't you tell we sound different?"

    Alexa: "Oh, OK. Here's the pin code."

    Cortana (snickering): "Nice doing business with you."
  • (Score: 2) by Bot on Thursday October 24 2019, @02:12PM (1 child)

    by Bot (3902) on Thursday October 24 2019, @02:12PM (#911203) Journal

    I like this bot centered stories. When we get better than you at storytelling I will consume a lot of 'em.

    --
    Account abandoned.
    • (Score: 0) by Anonymous Coward on Friday October 25 2019, @05:13AM

      by Anonymous Coward on Friday October 25 2019, @05:13AM (#911512)

      ...better than you at storytelling

      It was a dark and stormy night;
      Inside a tavern sat a bot, a jman, and a runaway.
      The Mighty Bartender modded them all "+1 Intoxicated".