Submitted via IRC for soylent_red
Using Light Beams to Control Google, Apple, Amazon Assistants
Academic researchers found that certain microphones convert light to sound, allowing voice commands to be sent to voice-controlled (VC) devices like Google Home, Amazon Echo, Facebook Portal, smartphones, or tablets.
Dubbed Light Commands, the attack works from afar by shining a laser beam at microphones that use micro-electro-mechanical systems (MEMS), which convert the light into an electrical signal.
By modulating the intensity of the light beam, MEMS can be tricked to produce the same electrical signals produced by audio commands. With careful aiming and laser focusing, attacks can be successful from as far as 110 meters.
In their experiments, researchers from the University of Electro-Communications in Japan and the University of Michigan tested the attack on popular VC devices.
The voice recognition system in Google Home, Nest Cam, Amazon Echo, Fire Cube TV, iPhone, Samsung Galaxy S9, Google Pixel, and iPad, was tested from various distances.
A Light Commands attack sends inaudible instructions to a voice-controlled device, making it react in a meaningful way. The researchers demonstrated that it can be used to open a garage door or to unlock the front door of a house.
No large investment is needed to pull this off, either. A low-cost setup used by the researchers consisted of a normal laser pointer, a Wavelength Electronics laser driver ($339), and a Neoteck NTK059 sound amplifier ($27.99). A computer that plays the recorded audio commands is also required. Laser beams provide precise aiming, but the researchers showed that Light Commands attacks also work with a laser flashlight (Acebeam W30). From 10 meters, they were able to inject commands into Google Home.
(Score: 2) by NotSanguine on Friday November 08 2019, @04:16AM (4 children)
Beam weapons seem like an expensive way to "control" such devices. A hammer, tire iron or shotgun can do just as good a job, IMHO.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by c0lo on Friday November 08 2019, @04:45AM (1 child)
On the upside, disabling the alarm and make an inconspicuous entry to access the loot - aka former property of the idiot that uses IoT controlled via Google assistant/Alexa? On a budget under $500?
I'd say the thieves guild should lower the professional indemnity insurance premium for any of their members that use this equipment (instead of hammer, tire iron or shotgun).
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 5, Funny) by NotSanguine on Friday November 08 2019, @04:50AM
Thieves? I'm talking about how the owners of these devices should "control" them.
Oh, is this about stealing? Sorry. I didn't read TFS, just the headline.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 1, Informative) by Anonymous Coward on Friday November 08 2019, @02:10PM (1 child)
The advantage this has over a hammer, tire iron, shotgun, or even just an audio player is that you don't have to enter the house - the telescreen just needs to be visible from a window. So no, for some applications, it would be a lot better.
If you combine it with some kind of speech synthesis software, you could theoretically cause it to do anything that the owner could do without the owner being in the house. You could certainly use it to order your neighbor 100 pizzas, but I'm sure the espionage folks will come up with better uses. It's not unrealistic to imagine a court case where the "evidence" is a recording of someone committing murder, only that entire recording was fabricated and beamed into the telescreen from a black van on the street (or possibly a small drone, if it was sitting on the windowsill).
(Score: 2) by NotSanguine on Friday November 08 2019, @02:21PM
Why wouldn't I want to enter my own house?
And I'll use whatever tools I want to control my own stuff. Not that I would ever buy such a device, except to smash it with a hammer or a tire iron, or give it both barrels.
No, no, you're not thinking; you're just being logical. --Niels Bohr