In most of the UK households, voice recognition is one of the most familiar features that have an active smart speaker. On the other hand, a virtual assistant is another common facility on the smartphones of the quarter of British consumers.
As per the general public, this is one of the most effective security measures that can keep their devices safe.
But the actual condition may not be the same. Hackers just need a voice sample of yours to synthesize a human voice and trick the security system.
According to David Emm, the principal security researcher at Kaspersky Lab, the central risk of the voice recognition security system is that we forget its existence. As per his words, if any of us is having a device that has the capability to listen, it is not at all safe enough for us. Because it may scoop up lots and lots of information about our personal data. As we tend to speak a lot in our daily life, it records everything and that can easily be hacked by the professional hackers.
So its potential to gather information doesn’t really stand beneficial to us all the time.
What Happens When Your Smart Speaker Itself Starts Spying On You?
Unfortunately, you can already see the results of it in the news headlines. In Oregon, a family reported that their Alexa recorded their private conversation as well. The story doesn’t end here.
It also sent those conversations to the contacts from its address book. Many of the users have made the same complaint that their speaker is actually listening to their conversation. This is pretty much creepy and none of us would like to have one after coming across such abnormal incidents.
Another danger indicated by Emm is that the companies are going to use people’s voice in order to personalize their advertisements. And that is the reason they are making devices that can record whatever you speak.
So, make sure you are training your Alexa or Siri properly to make it effective enough. Otherwise, you might just end up giving wrong orders to it and make it more confused. You literally have to hone its capability to make it useful for you.
It is not sure if they are still using those data for their advertisement purposes. But they already have the personal details of millions of people and that is going to be a very tempting pot of data in future.
Looks like keeping an Alexa or Siri includes more risk than having a stalker.
Limited Risk Factor
As soon as the technology becomes more powerful and adopts more effective methods to intercept, the threat will also increase rapidly.
Strangely enough, the Google Assistant can literally make a phone call on behalf of you. Have you ever imagined that a technology can replace you as well?
As per the researchers, Google assistant, Alexa, and Siri can be breached in a way that human ears cannot detect. Still, none has shown any concern about Emm’s words and never really shared them with the rest of the world.
In fact, Dan Kaminsky, the co-founder and CSO of a cybersecurity company white ops made a joke that Alexa re-implemented the butt-dial and that is why the Oregon incident took place.
Emm said that the hackers will probably use them for the highly-targeted attacks. Right now what they are doing is gathering enough information for a wider attack. Therefore, in terms of gathering necessary data implications, they are much smarter than we can ever imagine.
Preventative Measures To Avoid This Situation
After reading the whole thing you may start wondering whether you have taken the right decision by choosing Axela, Google assistant or Siri. But let me tell you that everything has some preventive methods.
So you can also migrate the risk factor from the voice recording devices. As per Emm’s suggestion, you can switch off the microphone and install an antivirus software on the device to avoid the situation. On the other hand, blocking and password protecting can be another effective option to eliminate such issues.
But the fact is, we are too much comfortable with the default settings of any new device. As an instance, we have already seen people making online purchases through Amazon Echo just because it has the “one-click” purchasing option.
Ubiquitous Security and Privacy Research Laboratory researchers are trying to develop an app that will hold the capability to detect voice replay attack. The magnetometer in a smartphone compass is used in this system to locate the magnetic fields from a smart speaker.
It can actually measure the distance between the speaker and the phone. And they are making use of the phone’s trajectory mapping algorithm for that job.
Is It Possible To Stop This Vulnerability?
It is kind of impossible to ensure if the voice authentication will become pervasive in nature in the nearer future. But as per the increasing trend, we can imagine that it is soon going to be.
Developers also have to be concerned about the security of its usability and cost. Emm mentioned that the companies are going to make security as their first and foremost priority in their product design stage. The companies can talk to the major companies like Kaspersky Lab and bake it into the actual firmware. Or else they have to make this thing robust in order to avoid the hackers to get access to someone’s personal data.
On the other hand, the developers need to give their speakers the ability to update along with time. Otherwise, the people may find it vulnerable to get something that cannot be updated.
After all, developing a device with the best security measures should be an important aspect for the developers. But the ability to provide patches for upcoming attacks is also another vital factor of developing companies.
