https://venturebeat.com/2020/07/06/researchers-identify-89-words-that-accidentally-trigger-alexa-to-record/
By Kyle Wiggers
VentureBeat.com
July 6, 2020
As voice assistants like Google Assistant and Alexa increasingly make
their way into internet of things devices, it’s becoming harder to track
when audio recordings are sent to the cloud and who might gain access to
them. To spot transgressions, researchers at the University of Darmstadt,
North Carolina State University, and the University of Paris Saclay
developed LeakyPick, a platform that periodically probes
microphone-equipped devices and monitors subsequent network traffic for
patterns indicating audio transmission. They say LeakyPick identified
“dozens” of words that accidentally trigger Amazon Echo speakers.
Voice assistant usage might be on the rise — Statista estimated there were
an estimated 4.25 billion assistants being used in devices around the
world as of 2019 — but privacy concerns haven’t abated. Reporting has
revealed that accidental activations have exposed contract workers to
private conversations. The risk is such that law firms including Mischon
de Reya have advised staff to mute smart speakers when they talk about
client matters at home.
LeakyPick is designed to identify hidden voice audio recordings and
transmissions as well as to detect potentially compromised devices. The
researchers’ prototype, which was built on a Raspberry Pi for less than
$40, operates by periodically generating audible noises when a user isn’t
home and monitoring traffic using a statistical approach that’s applicable
to a range of voice-enabled devices.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/
