In case you haven’t noticed yet, smart gadgets with built-in virtual personal assistants are currently the darlings of the consumer tech world. They do offer various amazing conveniences that make us feel that we are finally living in the future.
But how would you feel if your smart assistant is being fed with commands without your knowledge? Worse yet, these commands are inaudible to human ears and they can potentially put you and your family at risk.
Security researchers from Zhejiang University in China have discovered precisely that – a critical vulnerability in virtually all voice-activated virtual assistants using “silent” commands. Be it Alexa, Siri, Cortana, Google Assistant or Bixby, they can all fall victim to this alarmingly simple hack.
How did they do it? They apparently used a technique called DolphinAttack, a way to translate voice commands into ultrasonic frequencies that are too high for humans to hear. Although not perceptible by the human ear, these ultrasonic sounds are audible to microphones such as the ones in smartphones and smart speakers like the Amazon Echo or the Google Home.
With this “silent” attack, attackers can potentially take control of these gadgets by simply encoding voice commands in frequencies above 20,000 Hz, the known limit of the human ear.
Using only a smartphone outfitted with a cheap amplifier, battery and an ultrasonic speaker (extra parts worth less than $3), they were able to issue commands to various virtual assistants:
- Tell an iPhone to call a phone number
- Have a MacBook open a website
- Make a Windows 10 PC turn on Airplane Mode
- Have an Amazon Echo open a door
- Change navigation options on an Audi Q3 car
While these tests were conducted in a controlled environment, the real-life implications of such exploits can’t be denied.
Fortunately, this attack method currently has a limited range of five to six feet and in some cases, only a few inches. This means that unless there’s a stronger way to amplify the ultrasonic signal, an attacker attempting to issue an “open the back door” command to a home’s Amazon Echo, for example, needs to be situated inside the home already.
However, in public spaces, hacking a smartphone or computer with this method is easier to pull off. All an attacker has to do is walk by you with the ultrasonic transmitter in hand and issue the “silent” commands to your gadget. You wouldn’t hear it or suspect a thing, but your gadget’s browser may already be opening a website loaded with malware, infecting it stealthily.
How to prevent DolphinAttacks
It sounds like an obvious fix but gadget manufacturers could simply program their virtual assistants to ignore commands issued with high frequencies (20,000 Hz and above) that are inaudible to humans.
However, the researchers found that all voice-controlled assistants have this vulnerability built-in. It’s possible that ultrasonic reception is actually a feature that’s left in on purpose.
How come? Well, some are saying that ultrasonics actually help these gadgets in analyzing voices. These virtual assistants may actually need these high frequencies to accurately comprehend what humans say.
Another reason may be the practical and legitimate uses for ultrasonic communications. In fact, advertisers are already using ultrasonic sounds for tracking cross-device activity. Gadgets like the Amazon Dash and Google Chromecast are also reportedly using inaudible ultrasonic frequencies to pair with other devices.
As always, this just illustrates how convenient design decisions can also be exploited with the right tools.
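The frequency check suggested above can be sketched as a pre-filter that measures how much of a microphone frame's energy sits at or above 20,000 Hz and drops the frame before it reaches speech recognition. This is an added example, not code from the researchers or any vendor; the 96 kHz capture rate, the 0.5 threshold, the function names and the two test frames are assumptions constructed for illustration.

```python
import cmath
import math

CUTOFF_HZ = 20_000    # limit of human hearing cited in the article
SAMPLE_RATE = 96_000  # assumed capture rate; must exceed 2 * CUTOFF_HZ
FRAME_LEN = 480       # 5 ms frame, i.e. 200 Hz per DFT bin


def power_spectrum(frame):
    """Power per DFT bin for bins 0..N/2 (naive DFT, fine for short frames)."""
    n = len(frame)
    out = []
    for k in range(n // 2 + 1):
        w = -2j * math.pi * k / n
        out.append(abs(sum(x * cmath.exp(w * i) for i, x in enumerate(frame))) ** 2)
    return out


def ultrasonic_ratio(frame, sample_rate=SAMPLE_RATE, cutoff_hz=CUTOFF_HZ):
    """Fraction of the frame's spectral energy at or above cutoff_hz."""
    if sample_rate <= 2 * cutoff_hz:
        raise ValueError("sample rate too low to observe the ultrasonic band")
    spec = power_spectrum(frame)
    total = sum(spec[1:])  # ignore the DC bin
    if total == 0:
        return 0.0         # silent frame: nothing to reject
    first_bin = math.ceil(cutoff_hz * len(frame) / sample_rate)
    return sum(spec[first_bin:]) / total


def should_ignore(frame, threshold=0.5, **kwargs):
    """True when most of the frame's energy is inaudible to humans."""
    return ultrasonic_ratio(frame, **kwargs) >= threshold


def tone(freq_hz, amp=1.0, n=FRAME_LEN, rate=SAMPLE_RATE):
    """Constructed test signal: a single sine tone."""
    return [amp * math.sin(2 * math.pi * freq_hz * i / rate) for i in range(n)]


def mix(*signals):
    return [sum(vals) for vals in zip(*signals)]


# Constructed frames: voice-band tones vs. a frame dominated by a 25 kHz tone.
AUDIBLE_FRAME = mix(tone(200), tone(400, 0.5), tone(1200, 0.3))
ULTRASONIC_FRAME = mix(tone(25_000), tone(400, 0.1))

if __name__ == "__main__":
    print("audible frame ignored:   ", should_ignore(AUDIBLE_FRAME))
    print("ultrasonic frame ignored:", should_ignore(ULTRASONIC_FRAME))
```

The check only works on samples taken before any low-pass filtering or downsampling, because a capture path running at 16 kHz cannot represent the 20,000 Hz band at all. Using an energy ratio rather than a hard filter leaves room for legitimate ultrasonic features like the pairing signals mentioned above.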
If you’re worried about ultrasonic commands hijacking your virtual assistants, you can turn off their always-on, always-listening settings.
How to turn off “Hey Siri”: Navigate to your iOS device’s Settings >> General >> Siri then toggle Allow “Hey Siri” to off. Note: Always-on wake phrase “Hey Siri” only works for iPhone 6s or later, the 2nd-gen 12.9-inch iPad Pro and the 9.7-inch iPad Pro. iPhone 6 or earlier and other iPad and iPod touch models have to be plugged in for the “Hey Siri” wake phrase to work.
How to turn off “Hey Cortana”: Open Cortana on your Windows computer, select the Notebook icon on the right column, click on Settings then toggle “Hey Cortana” to off.
Amazon Echo: Turning off Echo is easy. Just press the microphone on/off button on the top of the unit. When off, the light will turn red and Echo won’t respond to your wake word until you turn the microphone back on.
Google Home: To mute Google Home’s mics, press its physical mute button located at the back of its shell. Similar to the Echo, if this button is activated and lit, the mic is off.
Keep in mind that disabling the mics will definitely defeat the raison d’être of these smart speakers. The always-on, always-listening nature of these smart virtual assistants is what makes them truly compelling gadgets to have. Hopefully, developers will soon find a good compromise between security and ease of use.
To read more about the ultrasonic vulnerabilities, click here to read the full research paper.