Experts uncover Google Home flaw that could have affected user privacy:
Some Google Home smart speakers could have been hijacked to control the device remotely, and even listen in on people's private conversations, a security expert has claimed.
The bug was discovered by cybersecurity researcher Matt Kunze, who received $107,500 in bounty rewards for responsibly reporting it to Google.
[...] First, the attacker needs to be within wireless proximity of the device, and listen to MAC addresses with prefixes associated with Google.
After that, they can send deauth packets, to disconnect the device from the network and trigger the setup mode. In the setup mode, they request device info, and use that information to link their account to the device and - voila! - they can now spy on the device owners over the internet, and can move away from the WiFi.
But the risk is bigger than "just" listening to people's conversations. Many smart home speaker users connect their devices with various other smart devices, such as door locks and smart switches. Furthermore, the researcher found a way to abuse the "call phone number" command, and have the device call the attacker at a specified time and feed live audio.
Related: The Suspicion Becomes Real: Hackers Can Take Control of Alexa and Listen to You
Related Stories
The suspicion becomes real: hackers can take control of Alexa and listen to you:
This is a novel method of taking control of a person's Echo speaker. "An attacker could then use this listening function to set up a social engineering scenario where the skill pretends to be Alexa and responds to user statements as if it were Alexa," vulnerability researcher Sergio Esposito told The Register.
Amazon has already patched most of the vulnerabilities, except for one in which a Bluetooth-paired device was able to play audio files created through a vulnerable Amazon Echo speaker, Esposito confirmed. A vulnerability tracked as CVE-2022-25809 which has been assigned a Medium severity level .
Paper (pdf) at arxiv.org.
YouTube video demonstrating an attack.
See also: Ars Technica.
(Score: 5, Insightful) by Subsentient on Wednesday January 04, @08:46AM (2 children)
Smart speakers are largely made to spy on you, it's just usually that data goes back to Google or Amazon.
I'm not surprised there's ways to get around that and send that data elsewhere.
I will never allow one of those things in my house.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 4, Insightful) by crafoo on Wednesday January 04, @04:40PM (1 child)
A huge reason to get these devices into peoples' houses - to listen to as many conversations as possible, from as many people as possible. As many speaking mannerisms as possible, as many subcultures as possible. Full conversation coverage.
The gold rush for big data is real. I'd love to see the training sets for NN's they've built using all of the voice data they've collected. I just assume it's beyond voice as well, and they are building huge relational datasets of what people talk about, when, with who. absolutely priceless data.
(Score: 5, Insightful) by Ox0000 on Wednesday January 04, @05:06PM
Someone else said it here a couple of years ago:
(Score: 3, Funny) by PiMuNu on Wednesday January 04, @12:46PM (5 children)
I wonder if Google smart speakers stuff is going the way of alexa... i.e. in the bin.
(Score: 3, Insightful) by Freeman on Wednesday January 04, @02:33PM (4 children)
I mean, if they aren't, they should.
My brother gave me a Google Home "smart speaker" for my birthday one year. I didn't have the heart to tell him that I wasn't going to try it out at home even, if he paid me to do it. Let alone willingly.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2, Funny) by Anonymous Coward on Wednesday January 04, @07:20PM (1 child)
Did you put the "Will It Blend" video up, afterward?
(Score: 2) by Freeman on Thursday January 05, @08:22PM
Nope, it stayed in the packaging, until the wife wanted me to do something with it. So, I ripped it apart, yoinked its' battery, and trashed the rest.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 1) by Leno on Thursday January 05, @03:41PM (1 child)
I never quite understood the backlash of these "smart speakers", but the cell phones created by the same corporations seem to be acceptable. It seems like they have way more capabilities to spy on you than a smart speaker. Multiple video cameras, lidar, gps, apis with direct hardware access, with you everywhere you go...
(Score: 2) by Freeman on Thursday January 05, @08:07PM
I purposely disable voice commands, etc. on my phone. My device doesn't need to be imprinted with my voice signature or other biometric data. It doesn't need to be always listening to everything I say. Sure, the phone could be a superb spy device and you are resigning yourself to being tracked when using things like GPS. Those shouldn't be active 100% of the time, though and when you shut it off, it should stay off. The backlash is well and truly deserved. Google, Amazon, et al are trying to monetize every living being on the planet. They don't care about stupid things like "privacy, security, or the well-being of individuals". Look at the likes of Facebook and you can be certain that they don't care about the well-being of individuals, either. They're raking in mountains of cash, so screw you.
To quote a famous Facebook CEO: https://www.theguardian.com/technology/2018/apr/17/facebook-people-first-ever-mark-zuckerberg-harvard [theguardian.com]
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 5, Insightful) by Ox0000 on Wednesday January 04, @03:35PM
These eavesdropping devices are explicitly designed to spy on your conversations. With any in the room, you no longer have private conversations. The owner of the device (which ain't _you_) is involved in every single one, and that owner has only one goal: extract resources from you.
The responsible disclosure game has become a farce! It is not responsible at all to allow the owner of those devices to fix it because then these things continue to exist; the right course of action is to wholesale eliminate these types of devices, to eradicate them from existence.
It would have served humanity much more if they just disclosed the flaw to the public, combined with the biggest advertisement campaign possible; heck, maybe they could have highly targeted home speaker owners via google advertisements to inform them of the trojan in their house.
Yes, I understand that this would make people who invited those devices into their home 'vulnerable', but there is an easy fix for for those people as well: unplug the things, whack them with a baseball bat until they are tiny pieces of dust, and voila: not vulnerable anymore. These are not things you cannot live without.
There was no justification to adhere to the farce that is 'responsible disclosure': if you care about end-user privacy, you don't go and be an enabler for these devices, you help get rid of them.
(Score: 3, Insightful) by maxwell demon on Thursday January 05, @02:51PM
IoT device XY being vulnerable isn't really news any more. Now if some device were found to be actually secure, that would be news.
The Tao of math: The numbers you can count are not the real numbers.