Researchers identify dozens of words that accidentally trigger Amazon Echo speakers

[InfoSec News <alerts () infosecnews org>]

https://venturebeat.com/2020/07/06/researchers-identify-89-words-that-accidentally-trigger-alexa-to-record/

By Kyle Wiggers
VentureBeat.com
July 6, 2020

As voice assistants like Google Assistant and Alexa increasingly make 
their way into internet of things devices, it’s becoming harder to track 
when audio recordings are sent to the cloud and who might gain access to 
them. To spot transgressions, researchers at the University of Darmstadt, 
North Carolina State University, and the University of Paris Saclay 
developed LeakyPick, a platform that periodically probes 
microphone-equipped devices and monitors subsequent network traffic for 
patterns indicating audio transmission. They say LeakyPick identified 
“dozens” of words that accidentally trigger Amazon Echo speakers.

Voice assistant usage might be on the rise — Statista estimated there were 
an estimated 4.25 billion assistants being used in devices around the 
world as of 2019 — but privacy concerns haven’t abated. Reporting has 
revealed that accidental activations have exposed contract workers to 
private conversations. The risk is such that law firms including Mischon 
de Reya have advised staff to mute smart speakers when they talk about 
client matters at home.

LeakyPick is designed to identify hidden voice audio recordings and 
transmissions as well as to detect potentially compromised devices. The 
researchers’ prototype, which was built on a Raspberry Pi for less than 
$40, operates by periodically generating audible noises when a user isn’t 
home and monitoring traffic using a statistical approach that’s applicable 
to a range of voice-enabled devices.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/