A new study carried out by a group of iResearchers from Japan and the University of Michigan have found that voice assistants such as Siri, Alexa or Google Home can be hacked with a kind of laser pointer at a distance of more than 100 meters.
The news is really shocking considering the way in which voice assistants are operated and is that with a simple laser pointer, a controller and a sound amplifier, this study shows that vox commands can be controlled. This vulnerability has been called Light Commands.
This study carried out and called Light Commands, warns of danger What this security failure means for voice assistants such as Siri and the rest of the most popular assistants. Thus, with this laser pointer and the necessary knowledge, they would be able to send a voice command more than 100 meters away that would allow us to control smart switches in our home, open or close smart garage doors, make online purchases, activate functions in the vehicles connected to these devices or open smart locks. Without a doubt, a real security problem that the only protection left to the user is keep them protected from outdoor exposure.
How does the hacking work?
Well, it is simple and although it does not work in all devices in the same way it is due to a small plate that is inside the microphones of the devices, known as a diaphragm. This is the one in charge of reproducing the sound and it seems that it can be imitated very easily with a laser and very good precision.
The solution to the problem consists of a small redesign in these microphones built into the devices by adding an insulating layer. It is not a very complicated change to carry out but for the devices already manufactured it is impossible to add it, they should start implementing it in the new ones. On the other hand, to make purchases through these devices, the advice offered by Kevin Fu, associate professor of electrical engineering and computer science at the University of Michigan, is that we use a PIN prior to purchase.
