Did you know that your smartspeaker could be hacked with a laser? A recent study has uncovered vulnerabilities in Amazon Alexa, Google Voice, Apple Siri, Facebook Portal Mini, Amazon’s Fire Cube TV, a Samsung Galaxy S9 and a Google Pixel 2.
Researchers… have discovered that when a laser is aimed at the devices’ microphones, an electrical signal is created, just as it is when a voice command is made. Using an oscilloscope, the academics found they could make it so the microphone created the same signal when receiving light as it did with sound. In doing so they effectively mimicked a voice with a laser beam.
Even across long distances, attacks can still be made through windows. And hackers wouldn’t even need fancy equipment, according to Forbes:
These “light commands” can be made with cheap easy tech, even a classic laser pointer. And the commands can be tweaked to make Amazon, Google and Apple voice-operated tech carry out actions, such as opening doors, making online purchases or turning lights on and off. The attacks could even be used to unlock and start certain vehicles, the academics claimed.
What should I do to protect myself from an attack?
If you have Alexa or any other smartspeaker device, security expert Alan Woodward recommends either closing your curtains or hiding your device to help protect against potential laser vulnerabilities. According to the researchers, the design of the microphones must be altered in order to eliminate the vulnerability. When exactly this might happen is unclear. A Google spokesperson remarked that they were “closely reviewing this research paper,” and are “always looking at ways to improve the security of our devices.”