
Alexa and Google Home expose users to vishing and eavesdropping - kerm1t
https://srlabs.de/bites/smart-spies/
======
eth0up
If Amazon's Ring is partnering with LE[1], and from what I understand, in some
circumstances providing access to customer-produced data even when customers
refuse requests, it doesn't seem too unreasonable to have suspicions.

1\. [https://www.vice.com/en_us/article/43kga3/amazon-is-coaching...](https://www.vice.com/en_us/article/43kga3/amazon-is-coaching-cops-on-how-to-obtain-surveillance-footage-without-a-warrant?xyz)

2\. [https://www.eff.org/deeplinks/2019/08/five-concerns-about-am...](https://www.eff.org/deeplinks/2019/08/five-concerns-about-amazon-rings-deals-police)

Edit to append link and quote:

Quote: _However, he noted, there is a workaround if a resident happens to
reject a police request. If the community member doesn’t want to supply a Ring
video that seems vital to a local law enforcement investigation, police can
contact Amazon, which will then essentially “subpoena” the video._

Link: [https://www.govtech.com/security/Amazons-Ring-Video-Camera-A...](https://www.govtech.com/security/Amazons-Ring-Video-Camera-Alarms-Privacy-Advocates.html)

~~~
ineedasername
That seems like a strange workaround. Wouldn't the burden of proof to subpoena
to Amazon be the same as a warrant to the user?

~~~
koolba
Amazon owns the video, not the user, so you only need a warrant if they demand
one. They’re also free to not require one.

~~~
ineedasername
That makes sense, although it's not a subpoena in that case. It's just Amazon
voluntarily cooperating. However, I'm not a fan of such voluntary cooperation.
I think a company's default response should be, "We'll help you in every way
possible once there is a warrant."

I mean, something like this should be viewed in the context of comparable IRL
vendors. If I rent a 3rd-party storage unit from U-Haul or similar, a warrant
is generally required.

(one exception I found was a case where police, on-site, witnessed a drug
deal. They then used the defendant's key to open their unit without a warrant.
It was judged lawful, that finding drugs and keycard on the defendant was
sufficient probable cause. That makes sense, given that if police witness you
in front of your house, or car, etc selling drugs, that would be sufficient as
well to search.) [0]

[https://www.govinfo.gov/content/pkg/USCOURTS-ilnd-1_14-cr-00...](https://www.govinfo.gov/content/pkg/USCOURTS-ilnd-1_14-cr-00696/pdf/USCOURTS-ilnd-1_14-cr-00696-0.pdf)

------
adrianmonk
> _It is possible to ask for sensitive data such as the user’s password from
> any voice app._

Newsflash: computing device with the capability for user interaction can
request information that you might not want to give it.

In other words, how is this situation different from any software running on
any other type of computing device?

~~~
jen_h
It's not really any different -- changing server behavior after app review is
possible for any server-based app. The one thing they exploited that is
unique, though, is that when a user talks to a smart device, they generally
don't know at any given time if their commands are going to Google/Amazon or
are being passed to Google/Amazon _and_ the third-party developer.

As far as many users are concerned, they're talking to Alexa. The third party
app is Alexa, too.

And because of the opaque single-dimensional nature of voice interfaces, even
a savvy user doesn't know who's really receiving their intent -- there are
enough glitches where you think you're sending to the active skill, but you're
back in Alexa's lobby again, so the inverse case the researchers are playing
with is a good vector.

I think they could solve some of this because Amazon/Google are gatekeepers --
they get user input no matter where it goes -- they could easily automate
detecting anomalous user input and flag for review (that would of course miss
the first victims, but it's better than nothing).

I think the "Who's listening?" part is a little harder to solve. Maybe by
forcing the third party app to always announce itself as itself? But that does
add some friction to the "experience" they want to provide...however, a little
friction is better if it means protecting your users.

~~~
jen_h
Okay, just thought of something here — force third party apps to use a
different voice.

Developers (on Alexa, at least) can optionally do this now with SSML, but
making it a requirement would be an audio cue to users that the “actor” has
changed — without adding any delay to the interaction.

------
cookie_monsta
> Amazon or Google review the security of the voice app before it is
> published. We change the functionality after this review, which does not
> prompt a second round review

How is this not a massive red flag?

~~~
jeremyjh
I don't know for sure about Google, but with Alexa, skills are simply
implemented as a web service. There is no way for Amazon to know that you've
deployed new code on your web service. There are a lot of limits to what you
can change though, the prompts / intents are specified in a manifest you have
to upload. But what the device _does_ for an existing intent, and the
responses it sends, can be changed without their knowledge.

~~~
cookie_monsta
I just can't believe that people actually pay to have these things in their
houses. Or maybe, sadly, I can.

~~~
jeremyjh
A smartphone has a much larger attack surface and far more snooping
capability.

------
zik
TIL "vishing" is a word.

If like me you were wondering what it meant:

"Vishing is the telephone equivalent of phishing. It is described as the act
of using the telephone in an attempt to scam the user into surrendering
private information that will be used for identity theft."

~~~
asr
This makes no sense. Phishing comes from phreak + fishing, but the "ph" in
phreak is already from the word phone (phone + freak) -- so the ph in
"phishing" already comes from the word phone! The telephone version of
phishing should be... "phishing."

But thanks for the explanation.

~~~
chrisweekly
Disclaimer: I'm not a linguist, and this word was new to me. FWIW, I inferred
something like "v for voice interface". IMHO the "ph" in "phishing", despite
the etymology, has lost any meaningful semantic connection to "phone" per se.
So this new term might seem redundant or circular in its derivation, while
still being a valid / useful addition to the lexicon. (shrug)

------
kayhi
Do these devices record all the time or only after the trigger word (they
would need to be always listening for the trigger word) until the end of the
statement?

~~~
jMyles
The more important question is: _how_ do we know whether these devices (or a
particular subset of them) record all the time or only after the trigger word?

~~~
skeletonjelly
By

a) viewing what they store via their log tools (though this isn't guaranteed
to show everything, i.e. if they are recording everything they could hide)

b) monitoring outbound network connections

~~~
kortilla
Neither of those things are indicative. Secretly recorded things could be
hidden from logs and bundle up recordings with normal voice queries on the
network calls.

------
seansta
I'm not a fan of devices actively listening and sending snippets (if not all
the info) back to home base.

My simple solution is to not use these kinds of devices.

------
AtomicOrbital
All hardware with a microphone (or speaker since it too can be used as a mic)
needs a hardware switch to disable ... Which will only land once open hardware
Linux mobiles take off in next year or two ... Until then I just assume
nothing is private

~~~
chrisweekly
Please forgive (and remedy?) my ignorance, but are you saying all hardware
speakers can be used as microphones?

~~~
ShamelessC
Yep! If you want to try this, you can plug any speaker with a 3.5 mm output
into a mic input and speak into it. It'll probably be faint, but it usually
works.

[https://security.stackexchange.com/questions/154343/can-a-sp...](https://security.stackexchange.com/questions/154343/can-a-speaker-be-used-as-a-microphone)

~~~
largbae
Microphone-less headphones are a great way to test this phenomenon. If you
have them handy, just plug them into the mic port and talk. IIRC only one
earpiece in a stereo set connects with a mono microphone jack.

------
sucrose
Google allows you to change an app after Play Store approval without a second
review? If so, well that's your problem right there.

