Digital Assistants Can Hear More Than You Think

rgMekanic

[H]ard|News
Joined
May 13, 2013
Messages
6,943
Your home or phones wiretap digital assistant can hear a lot more than you think. The New York Times is reporting that researchers in China and the United States have begun demonstrating that devices like Siri and Alexa can be vulnerable to hidden commands, not audible to the human ear. In 2016 it was shown that commands could be hidden in white noise played over loudspeakers, but now Berkeley researchers have shown that they can embed commands into recordings of music or spoken text.

It sure will save a lot of broken windows and stolen wallets when a boombox can open your door or transfer your money to the criminal with no hassle right? Seriously, get up and change the thermostat the 4 times per year you need to, and get these creepy things out of your home. Big thanks to modi123 for the story.

"We wanted to see if we could make it even more stealthy," said Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley and one of the paper’s authors. Mr. Carlini added that while there was no evidence that these techniques have left the lab, it may only be a matter of time before someone starts exploiting them. "My assumption is that the malicious people already employ people to do what I do," he said.
 
So now your 13yr old daughter's personalized tracking device can interact with your household monitoring device and helpfully unlock the doors when she is home and you are gone to make it easier for the child slavers to acquire new merchandise without leaving a broken door as evidence. Excellent!
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.

That's the thing, you don't let fear dictate your mind, but you are mindful of it. Its a very powerful basic emotion, one that has gotten us this far. Without fear we're no better than the lemming.

Also, remember to keep your door unlocked when you go to bed tonight, because there is nothing to fear :)
 
I love tech. But I would never allow a listening device that is connected to the internet in my home. Ever. I have nothing to hide, but the level of eavesdropping, and the possible abuse, seriously turns me off.

But, those of you who have them, more power to ya, I'm sure they can come in handy.
 
My downstairs neighbor has an Alexa, its creepy as hell. I was over there to watch something on TV, her and I were having a conversation and all of the sudden Alexa started asking questions & answering search results. :nailbiting:
Must be thin floors if Alexa can hear you and you can hear her through a floor. My Echo is in my living room and the volume is set to be comfortable in that room. If I *yell* across the house to Alexa she can usually hear me, but I can only barely hear her response.

I doubt this is going to end up with some crime tidal wave of gangs exploiting Echos and Siris with silent command transmitters. The news will sensationalize it, just like they did when keyless entry fobs became popular on cars. I still remember one news broadcast with these really thug-looking dudes with a laptop and they were all NCIS on the keyboard next to some car and they managed to get the door open AND get the engine started. Nobody noticed they already had wires running into the car before they started filming. But hey, keyless entry is going to lead to a massive increase in car thefts as thieves just need to h4x0r!!!! (note: since 1990 car thefts have fallen in the US by nearly two thirds)

I'm curious about seeing that example again, but with an Echo in a living room, and the transmitter outside, and the attacker not knowing the precise location of the device.
 
peoplein-thesixties-better-not-say-that-or-the-governmentwill-wiretap-24983486.png
 
I thought I heard about this earlier, and indeed, I did. 2016 there was a flurry of activity about it.

2016.11.03

Dystopian corporate surveillance threats today come at us from all directions. Companies offer "always-on" devices that listen for our voice commands, and marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we'll actually click. Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly science fictional way: with audio signals your phone can hear, but you can't.

The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in advertisements, web pages, and even physical locations like retail stores. These ultrasound "beacons" emit their audio sequences with speakers, and almost any device microphone—like those accessed by an app on a smartphone or tablet—can detect the signal and start to put together a picture of what ads you've seen, what sites you've perused, and even where you've been.
[...]
https://www.wired.com/2016/11/block-ultrasonic-signals-didnt-know-tracking/
 
That's blocking out reality in an act of willful ignorance - which leads to becoming a Nazi:
Don't be a Nazi, bro.
You win. You godwind the thread.

There is so much satisfaction to see it posted time and time again. Didn't even make it to second page. We're skipping the formality now and get straight down to the point.
 
Last edited:
They listen all day waiting for you to interact with them.

How is that not a sign that they are spying?

Why do people want these in their homes?

I hope everyone with one gets what's coming to them.

This is beyond stupid.

You have no clue what you are talking about, but that's normal now on the internet. I just wasn't expecting it to find its way into [H] so fast, from editor to user. Do you have a smartphone? It's ALL that those devices are + kamera + gps + permanent mobile connection + ID (IMEI) + all your contacts, messages, photos.... Oh, and you're online on a PC, so throw that out, too.
 
You have no clue what you are talking about, but that's normal now on the internet. I just wasn't expecting it to find its way into [H] so fast, from editor to user. Do you have a smartphone? It's ALL that those devices are + kamera + gps + permanent mobile connection + ID (IMEI) + all your contacts, messages, photos.... Oh, and you're online on a PC, so throw that out, too.

The Idiocracy is almost overwhelming. You do understand there is a difference between a device that potentially spies on you when you use it and a device that is always spying on you... Right???
 
You have no clue what you are talking about, but that's normal now on the internet. I just wasn't expecting it to find its way into [H] so fast, from editor to user. Do you have a smartphone? It's ALL that those devices are + kamera + gps + permanent mobile connection + ID (IMEI) + all your contacts, messages, photos.... Oh, and you're online on a PC, so throw that out, too.

You do see how there is a difference between a "phone" and a "phone with voice assistant software", right? The latter has the intention of listening to everything you do and sending back data of what it hears to another server somewhere. A phone by itself is at least ostensibly only using its microphone when you ask it to do so. However, this is only part of a much bigger issue that is only a small percent technical with a HUGE portion of it being policy/legality. We should not have to give up our privacy like this in order to make use of technology. There are some kinds of technology that will by nature grant some kind of user information by their use - like using a mobile/cellular phone as we understand them will grant tower data that could be triangulated etc - but what we fear the vast majority of the time is not the technical issue, but the fact of how many entities and how easily can have free reign over this information.

We really need to have brand new privacy laws written from the ground up that by default all online services can only collect the minimal amount of information required to actually provide a service to the user, encrypt it at all times ideally zero-knowledge encryption, cannot use that data for anything else, and must purge it as soon as possible. Full Stop. This should not be able to be waved through agreement of a TOS, usage of an application etc. Yes, there is certainly an argument for using open source digital assistants that reside on one's personal server and/or on the same phone and that kind of thing should be encouraged. But we do not need to accept the idea that the convenience of applications like Siri, Alexa, and Google Now means inviting a foreign monitoring device into your midst. With some minor technical implementations and most importantly proper regulation, we'd have a lot less to fear.

We need to stop just accepting whatever the industry tells us is acceptable and realize that they will NOT self-regulate - no corporate entity will do so as long as their is profit to be made and usually lots more of it by acting contrary to the good of individuals and/or society as a whole. This state of affairs that by using any given piece of software means just giving up total control should not be acceptable and those who try to push that exploitative narrative need to be brought to heel.
 
Last edited:
I love tech. But I would never allow a listening device that is connected to the internet in my home. Ever. I have nothing to hide, but the level of eavesdropping, and the possible abuse, seriously turns me off.

I hope you don't have a cellphone.
 
  • Like
Reactions: Rahh
like this
You have no clue what you are talking about, but that's normal now on the internet. I just wasn't expecting it to find its way into [H] so fast, from editor to user. Do you have a smartphone? It's ALL that those devices are + kamera + gps + permanent mobile connection + ID (IMEI) + all your contacts, messages, photos.... Oh, and you're online on a PC, so throw that out, too.

This guy....
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.

Please be more specific about this immigrants part. Illegal immigrants are sucking our gov't / Hospitals dry with free or unpaid for services. What's not to fear about that when my family pays a hell of a lot for these same services.
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.
I find it hilarious that you actually believe that the only reason people own guns in this country are for protection.... You're just being naive if you think everyone has these thoughts.
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.
This comment wont age well. Oh, and "If you don't agree with me you are paranoid and ignorant."
 
Most people are irrevocably stupid.

The real stupidity comes from not understanding how exactly these devices work and transmit data. These comments I guarantee are coming from the same people that own smart phones which are far worse in spying. You might want to make sure that hat is actually tin-foil before posting.
 
This type of capability and research was covered back in January:

https://www.hardocp.com/news/2018/01/31/satan_china_russia_hijack_siri_alexa

I don't think of myself as paranoid. I like to think of myself as a realist who has just enough foresight to extrapolate current research and discoveries into the future to envision what technologies and advances will be commonplace whereas they were once thought impossible. Of course, there are so many things I never saw coming that I think I'm not very good at these predictions.

But if anyone thinks it's paranoid to believe this technology would one day be used for nefarious purposes (if it's not already), consider this: Back in January they could make an Asus laptop tell and Amazon Echo to make a credit card payment using an undetectable voice command embedded in a song.
 
They listen all day waiting for you to interact with them.

How is that not a sign that they are spying?

Why do people want these in their homes?

I hope everyone with one gets what's coming to them.

This is beyond stupid.

Is the big bad FBI going to break into my house for discussing movie pirating? You guys think too highly of the government if you think they're going to bust into the house of every Alexa user for discussing illicit activity.
 
The real stupidity comes from not understanding how exactly these devices work and transmit data. These comments I guarantee are coming from the same people that own smart phones which are far worse in spying. You might want to make sure that hat is actually tin-foil before posting.

Whataboutism, ad hominem, tinfoil.

you must realize it's not tin foil conspiracy when it is literally proven, at this point not just once but time and again.

But you are right, we shouldnt even have a conversation about these things, because whatabout the smart phones, the nsa, hackers, trolls, etc. why bother, you should probably just give up, why wait.
 
Whataboutism, ad hominem, tinfoil.

you must realize it's not tin foil conspiracy when it is literally proven, at this point not just once but time and again.

But you are right, we shouldnt even have a conversation about these things, because whatabout the smart phones, the nsa, hackers, trolls, etc. why bother, you should probably just give up, why wait.

Not saying we shouldn't discuss. I have an Alexa in my home on its own network with network monitoring watching when it is sending data which is really easy to setup. Of course if your alexa is hacked or smartphone or whatever you're going to have a bad time. With that said, I know that Alexa doesn't transmit ANY data (0 bytes) unless the keyword is triggered. Also, we all know that smart phones are far more the target of spying and not so much Alexa type of devices in the home. I much rather discuss how to make smart phones more secure and less susceptible to spying before I worry about Alexa.
 
Is the big bad FBI going to break into my house for discussing movie pirating? You guys think too highly of the government if you think they're going to bust into the house of every Alexa user for discussing illicit activity.

It's that they can not that they will.

I don't think the Fifth applies to recorded audio from a third party. Does it?
 
Okay, so if I have an echo and a smart door lock, someone could get her to unlock my door, possibly. Might not be in earshot of the door so they would have to know what house has them and if she controls the smart lock (if there is one).

So can a screwdriver or crowbar.

I use one, it controls my lights and plays music, they will be very disappointed. It was set so it cannot make purchases without me or my wife finalizing on the phone so can't force purchases either.

I dunno, I like em. Digital assistants are good for weather, setting a timer or reminders are the most uses I use them for. On my phone it is useful for reading or responding to texts while driving.
 
I like that I don't have this paranoia mindset. This paranoia that you must own guns for safety, immigrants are to be feared, or technology is evil while hypocritically completely dependent on it in the daily lives.

What a different mindset to have one's live dictated by fear. Don't understand it.

Wow, great generalizations, you would think you are a politician. Amirite? Of course, you need to steer the conversation to something unrelated to the topic, right?
 
  • Like
Reactions: PaulP
like this
Back
Top