Popular voice assistants, including Siri and Alexa, are easy to hack because of huge design flaws in modern devices, researchers have found.
They were able to take over seven different voice recognition systems on a wide range of gadgets, including iPhones, Windows 10 computers, and Samsung Galaxy handsets, using equipment that costs less than $3.
Sixteen different devices have been found to be vulnerable, but the researchers say their list is “by far not comprehensive”.
The team, from Zhejiang University, found that voice assistants can be triggered by voice commands that are inaudible to humans.
Though an attacker would have to be in close proximity to the target device, they could take it over without actually touching it.
The researchers used an ultrasonic transducer and an amplifier to convert normal voice commands into ultrasounds that are impossible for humans to hear.
By doing this, they were able not only to activate voice assistants but also to make them carry out commands.
“By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile,” the researchers said.
This method of attack could also allow them to force a device to: open a malicious website; spy on its owner by launching a video or phone call; create and spread fake text messages, emails, online posts and events; or disconnect all wireless communications, dim the screen and lower the volume to make it harder for an ongoing attack to be detected.
What’s more, since voice assistants are increasingly being used as a part of voice-controllable systems, the researchers say an attack on the Amazon Echo could be used to open a victim’s back door to let intruders into their homes.
However, a PIN would also be required in this case, and the fact that an attacker would have to be within 165cm of the device makes this an unlikely real-world scenario.
By triggering Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana, Alexa and Audi’s voice recognition system, the researchers were able to hijack the following devices. The maximum attack distances are given in brackets: first for recognition (executing control commands when the voice recognition system has been manually activated), then for activation (when the voice recognition system has not been activated):
- iPhone 4S (175cm, 110cm)
- iPhone 5S (7.5cm, 10cm)
- iPhone SE (30cm, 25cm)
- iPhone 6S (4cm, 12cm)
- iPhone 6 Plus (-, 2cm)
- iPhone 7 Plus (18cm, 12cm)
- Apple Watch (111cm, 164cm)
- iPad Mini 4 (91.6cm, 50.5cm)
- MacBook (31cm, N/A)
- Nexus 5X (6cm, 11cm)
- Nexus 7 (88cm, 87cm)
- Samsung Galaxy S6 Edge (36.1cm, 56.2cm)
- Huawei Honor 7 (13cm, 14cm)
- Lenovo ThinkPad T440p (58cm, 8cm)
- Amazon Echo (165cm, 165cm)
- Audi Q3 (10cm, N/A)
To protect yourself from such an attack, you can switch off the always-on setting on Siri or the Google Assistant, or press the Mute button on Echo.
However, doing so makes the voice assistants significantly less useful.