
SoylentNews is people

posted by janrinok on Wednesday January 04, @07:17AM

Experts uncover Google Home flaw that could have affected user privacy:

Some Google Home smart speakers could have been hijacked to control the device remotely, and even listen in on people's private conversations, a security expert has claimed.

The bug was discovered by cybersecurity researcher Matt Kunze, who received $107,500 in bounty rewards for responsibly reporting it to Google.

[...] First, the attacker needs to be within wireless proximity of the device, and listen to MAC addresses with prefixes associated with Google.

After that, they can send deauth packets, to disconnect the device from the network and trigger the setup mode. In the setup mode, they request device info, and use that information to link their account to the device and - voila! - they can now spy on the device owners over the internet, and can move away from the WiFi.

But the risk is bigger than "just" listening to people's conversations. Many smart home speaker users connect their devices with various other smart devices, such as door locks and smart switches. Furthermore, the researcher found a way to abuse the "call phone number" command, and have the device call the attacker at a specified time and feed live audio.

Related: The Suspicion Becomes Real: Hackers Can Take Control of Alexa and Listen to You
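
A defender can watch for the sequence the summary describes: a burst of deauth frames aimed at a speaker, followed shortly by the speaker entering setup mode. The sketch below is an added example, not code from the article or the researcher. It assumes 802.11 management frames have already been captured as simple tuples, that setup mode is observable as beacons sent from the device's own MAC address, and it uses a placeholder MAC prefix and constructed sample events.

```python
from collections import defaultdict, deque

# Placeholder prefix, NOT a real vendor OUI: substitute the prefixes of your own speakers.
WATCHED_PREFIXES = {"02:aa:bb"}
BURST_COUNT = 5        # this many deauth frames ...
BURST_WINDOW = 10.0    # ... within this many seconds counts as a burst
SETUP_WINDOW = 120.0   # a device beacon this soon after a burst raises an alert

AP, BCAST = "02:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"
DEV_A, DEV_B, DEV_C = "02:aa:bb:00:00:01", "02:aa:bb:00:00:02", "02:aa:bb:00:00:03"
# Constructed sample events: (seconds, frame subtype, source MAC, destination MAC)
SAMPLE_EVENTS = (
    [(100.0 + i, "deauth", AP, DEV_A) for i in range(6)]       # burst against A
    + [(130.0, "beacon", DEV_A, BCAST)]                        # A starts beaconing
    + [(200.0, "deauth", AP, DEV_B), (210.0, "beacon", DEV_B, BCAST)]  # lone deauth
    + [(300.0 + i, "deauth", AP, DEV_C) for i in range(6)]     # burst against C
    + [(600.0, "beacon", DEV_C, BCAST)]                        # too late to correlate
    + [(700.0 + i, "deauth", AP, "02:cc:dd:00:00:09") for i in range(6)]  # unwatched
)

def is_watched(mac):
    """True if the MAC starts with one of the watched three-byte prefixes."""
    return mac.lower()[:8] in WATCHED_PREFIXES

def detect(events):
    """Return (device, burst_time, beacon_time) for each burst followed by a beacon."""
    recent = defaultdict(deque)   # device -> timestamps of recent deauth frames
    burst_at = {}                 # device -> time the latest burst was seen
    alerts = []
    for ts, subtype, src, dst in sorted(events):
        src, dst = src.lower(), dst.lower()
        if subtype == "deauth":
            # A forged deauth can name the device as destination or as source.
            target = next((m for m in (dst, src) if is_watched(m)), None)
            if target is None:
                continue
            window = recent[target]
            window.append(ts)
            while ts - window[0] > BURST_WINDOW:
                window.popleft()
            if len(window) >= BURST_COUNT:
                burst_at[target] = ts
        elif subtype == "beacon" and src in burst_at:
            if ts - burst_at[src] <= SETUP_WINDOW:
                alerts.append((src, burst_at[src], ts))
            del burst_at[src]
    return alerts
```

On the sample events only the first device is flagged; a single deauth, a beacon long after a burst, and a burst against an unwatched prefix are all ignored.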


  • (Score: 3, Insightful) by Freeman on Wednesday January 04, @02:33PM (4 children)


    I mean, if they aren't, they should.

    My brother gave me a Google Home "smart speaker" for my birthday one year. I didn't have the heart to tell him that I wasn't going to try it out at home, even if he paid me to do it. Let alone willingly.

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
  • (Score: 2, Funny) by Anonymous Coward on Wednesday January 04, @07:20PM (1 child)


    Did you put the "Will It Blend" video up, afterward?

    • (Score: 2) by Freeman on Thursday January 05, @08:22PM


      Nope, it stayed in the packaging, until the wife wanted me to do something with it. So, I ripped it apart, yoinked its battery, and trashed the rest.

  • (Score: 1) by Leno on Thursday January 05, @03:41PM (1 child)


    I never quite understood the backlash of these "smart speakers", but the cell phones created by the same corporations seem to be acceptable. It seems like they have way more capabilities to spy on you than a smart speaker. Multiple video cameras, lidar, gps, apis with direct hardware access, with you everywhere you go...

    • (Score: 2) by Freeman on Thursday January 05, @08:07PM


      I purposely disable voice commands, etc. on my phone. My device doesn't need to be imprinted with my voice signature or other biometric data. It doesn't need to be always listening to everything I say. Sure, the phone could be a superb spy device and you are resigning yourself to being tracked when using things like GPS. Those shouldn't be active 100% of the time, though, and when you shut it off, it should stay off. The backlash is well and truly deserved. Google, Amazon, et al. are trying to monetize every living being on the planet. They don't care about stupid things like "privacy, security, or the well-being of individuals". Look at the likes of Facebook and you can be certain that they don't care about the well-being of individuals, either. They're raking in mountains of cash, so screw you.

      To quote a famous Facebook CEO: https://www.theguardian.com/technology/2018/apr/17/facebook-people-first-ever-mark-zuckerberg-harvard

      ZUCK: people just submitted it
      ZUCK: i don’t know why
      ZUCK: they “trust me”
      ZUCK: dumb fucks
