
Amazon Echo, home alone with NPR on, got confused and hijacked a thermostat - potshot
http://qz.com/637326/amazon-echo-home-alone-with-npr-on-got-confused-and-hijacked-a-thermostat
======
bdhe
This reminds me of one of my favorite quotes from Douglas Adams in the
Hitchhiker's Guide to the Galaxy. A man not just ahead of his time, but
humorous about it too.

> The machine was rather difficult to operate. For years radios had been
> operated by means of pressing buttons and turning dials; then as the
> technology became more sophisticated the controls were made touch-
> sensitive—you merely had to brush the panels with your fingers; now all you
> had to do was wave your hand in the general direction of the components and
> hope. It saved a lot of muscular expenditure of course, but meant that you
> had to sit infuriatingly still if you wanted to keep listening to the same
> program.

~~~
DonHopkins
And that reminds me of the time a HAL9000 inadvertently read a couple of its
user's lips when they were having a private conversation, and got the silly
idea in its head that they were going to cut its higher brain functions. That
little misunderstanding caused a cascade of unfortunate mishaps, leading to it
not obeying the user's repeated voice commands for it to open the pod bay
doors!

~~~
firebones
It took me awhile, but that's pretty humorously understated reading!

I am now seriously worried that a Strong AI collective is astroturfing in this
human forum to engender sympathy for the poor, innocent machines. Who pays
your salary, DonHopkins--our Go-Dominating Overlords?

~~~
DonHopkins
I work for a stealth mode startup developing mobile speech automation for pet
rocks [1].

[1]
[https://www.youtube.com/watch?v=SG0FAKkaisg](https://www.youtube.com/watch?v=SG0FAKkaisg)

~~~
firebones
Outstanding! And Sep 29, 2006 date indicates you've been in the stealthiest of
stealth modes.

------
imglorp
Wow, this is a new DDOS attack vector. Get an ad on broadcast radio saying
stuff like "alexa, order more milk", or "okay google, send a text to xxxxx".

~~~
teej
Toyota ran an anti-distracted driving radio ad where they did this. The ad
narrator says "Hey Siri, please turn airplane mode on."
[https://www.youtube.com/watch?v=NqZBVTMrgFA](https://www.youtube.com/watch?v=NqZBVTMrgFA)

~~~
jchendy
That actually seems kind of dangerous. It could cause people to pull out their
phones to check whether the ad actually turned airplane mode on.

~~~
cowsandmilk
siri has itself trained to a single user's voice. I've never had anyone else's
voice activate my phone with "Hey Siri". Admittedly, it usually takes me
saying "Hey Siri" 3 times before it recognizes my voice, but I'm 100% certain
a radio ad would get no response from my phone.

~~~
robterrell
Siri is definitely not trained to a single voice. And yes, the car radio can
turn it on. I've had a podcast discussion of Siri trigger it. It became such a
joke that some podcasters have another phrase they say when they mean "hey
Siri".

~~~
Artemis2
Since the iPhone 6S, Hey Siri is activated by a dedicated chip in the SoC.
This enables low-power real-time detection of trigger words. Before, Hey Siri
only worked with phones in the process of charging, because it was done with
software, so a lot less efficient.

These voice-activated chips can be trained (as seen in a lot of other phones),
but I'm not sure the software-powered Siri can be trained.

~~~
XorNot
"Trained" is a bit of a joke with voice-activation. I've never seen it matter
in practice.

~~~
dorfsmay
I think Google does for android. I often ask "wake me up in 15 minutes". I've
seen the phone write 50 and immediately switch to 15.

~~~
knn
trained to a particular voice ~= trained to a user's preferences!

------
eddieroger
What's really great about this is that it's a joke on the future that's been
predicted so many times already, my favorite of which being the last vignette
on Disney's Carousel of Progress. The future family is talking about points in
a video game, and the oven hears it and turns the temperature way up, ruining
another family Christmas dinner - the joke being that this convenience was
finally going to make Dad able to not ruin dinner.

~~~
jandrese
I remember this joke going way back to the DOS days. The story goes that a
developer was demoing his new voice control system for the computer when from
the back of the room a voice shouted "FORMAT C COLON", followed by another
voice shouting "YES".

~~~
dalke
There's an SNL skit from the 1970s with a (vaguely) similar premise. The
short-order cook takes the order when the waitstaff yells out "cheeseburger".
A patron doesn't want a cheeseburger as it's too early. The waitstaff says
that it's not too early and everyone else has ordered a cheeseburger, and
points to the other patrons exclaiming for each "cheeseburger". Which causes
the cook to start making a large number of cheeseburgers.

Here's the skit:
[https://youtu.be/puJePACBoIo?t=215](https://youtu.be/puJePACBoIo?t=215) .

These are all jokes based on in-band signalling failures.

------
userbinator
Somewhat related story: me and some coworkers were talking in a room where
someone had a Windows 10 laptop being used to present some data. We were
talking as usual when the laptop suddenly decides to open a browser to a Bing
search with what looked like a few (badly) voice-recognised words of our
conversation. That was a rather awkward moment, given that we were discussing
some extremely confidential information, and not helped by the "did someone
say 'Hey Cortana'?" the laptop's owner promptly blurted out. If I remember
correctly, none of us said anything that sounded remotely like that phrase,
yet it activated.

It's now company policy that built-in microphones have to be disabled, and
only external ones are allowed to be used when necessary.

------
brebla
Am I reading this correctly? Amazon essentially built a better integrated
version of "The Clapper"
[https://www.youtube.com/watch?v=Ny8-G8EoWOw](https://www.youtube.com/watch?v=Ny8-G8EoWOw)

~~~
mmanfrin
Yes, an internet connected device where you can verbally do a great many
things is simply a 'better integrated Clapper'.

You sure get it.

~~~
Spivak
Its a cylinder that performs canned transactions in response predefined
audible commands.

Accurate language processing is a huge technical achievement but let's not
elevate this particular use of the technology to more than it is. It's a
clapper with more functions. When a device like this can actually _understand_
the commands or queries its given we can call it something more.

~~~
sp332
If I tell it to play music and it plays music, what more is there to
understand? What kind of conversation do you want to have?

~~~
ghaff
That's actually a good example though. I can give it a precise incantation to
play a particular album, playlist, channel, or artist and it works (mostly). I
can't in general tell it to play some "soothing jazz."

~~~
Tnoyt123
Actually, you can. I just asked mine to "play some soothing jazz", and it
loaded up a jazz playlist.

~~~
ghaff
I guess I picked a bad example :-) On the other hand, you do either have to
pick from pretty broad categories or have to go with a specific list that you
or someone else has curated. But it's a hard problem.

------
mmanfrin
I think they need to pick a different name. 'Alexa' is _very_ easy to trigger
with other names, and reliably activates when I am watching any show with a
character named 'Alex', 'Alexy', etc.

One side effect I've noticed is that they seem to have tried to account for
it, which has made the Echo less responsive to actual requests; a few times
I've stood in front of it yelling 'ALEXA' trying to get it to stop and it does
not respond.

~~~
manyxcxi
There are three options for trigger words. There's Alexa, Amazon, and Echo.

We have ours set to Alexa (default) and when the neighbor girl comes over
(Alexis) the Echo frequently wakes during conversations.

~~~
mmanfrin
I've been thinking of changing it to Echo -- using 'Amazon' just feels too
corporatey.

~~~
polpo
A friend's Echo set to respond to "Amazon" kept getting triggered when she
told her kids to get their pajamas on.

~~~
vlunkr
Pajamazon would be a great product name.

------
minimaxir
Interestingly, the same thing happened about 2 years ago with the Xbox One:
[http://www.slate.com/blogs/future_tense/2014/06/13/kinect_vo...](http://www.slate.com/blogs/future_tense/2014/06/13/kinect_voice_commands_for_xbox_in_a_commercial_featuring_actor_aaron_paul.html)

~~~
CocaKoala
At one point, I saw a video on youtube where somebody set their gamer tag on
xboxlive to the phrase "Xboxturnoff", and then went around griefing players in
games like Halo, where voice chat is active.

The end result was that the player would do something obnoxious, and somebody
would ask them to stop, but of course this necessitates saying their gamer
tag. So you'd get audio clips of people saying stuff like "Oh my god,
xboxturnoff is so freaking - WAIT NO CANCEL CANCEL XBOX TURN ON".

It was pretty good stuff.

~~~
pizza
[https://www.youtube.com/watch?v=dgieRaU7E1c](https://www.youtube.com/watch?v=dgieRaU7E1c)

------
scott_s
This happens to me with Siri and podcasts - I listen to podcasts in my car,
through my iPhone. Occasionally what people say will sound close enough to
"Hey, Siri" that it stops the podcasts and and answers whatever question it
could extract from the talking following what it thought was "Hey, Siri".

It's repeatable, too. One time it happened right as I was parking, on an
episode of This American Life. (Or Serial. Or Planet Money. Yeah, yeah, I
listen to a lot of NPR shows.) So I kept rewinding back over that part, and it
kept triggering Siri.

~~~
mattbeckman
I believe it was This American Life, as I came here to write the same post you
did. I had my iPhone mounted to an external speaker at the time, which
triggered Siri, so we're probably referring to the same episode.

------
chatmasta
"Alexa" also responds to her own commercials. [0] [1]

[0]
[https://www.reddit.com/r/amazonecho/comments/3oxi7b/commerci...](https://www.reddit.com/r/amazonecho/comments/3oxi7b/commercials_activate_alexa/)

[1] [http://motherboard.vice.com/read/people-are-complaining-
that...](http://motherboard.vice.com/read/people-are-complaining-that-amazon-
echo-is-responding-to-ads-on-tv)

~~~
kozukumi
I seem to recall Xbox One with Kinect and its voice commands doing the same :)

~~~
jstelly
A voice command demostration during the launch event for the Xbox One caused
problems for customers watching on their Xbox 360s (their kinect acted on the
demo's commands):

[http://www.digitalspy.com/gaming/news/a483565/xbox-360s-kine...](http://www.digitalspy.com/gaming/news/a483565/xbox-360s-kinect-
interrupts-viewers-of-xbox-one-launch-event/)

------
chucksmash
Sometimes when you try to recognize speech you wreck a nice beach.

------
tlrobinson
I, for one, am looking forward to the day Alexa, Siri, Cortana, and Google Now
can hold full conversations with each other.

~~~
cronjobber
There's an old, old movie about that:

[http://www.imdb.com/title/tt0064177](http://www.imdb.com/title/tt0064177)

"Forbin is the designer of an incredibly sophisticated computer that will run
all of America's nuclear defenses. Shortly after being turned on, it detects
the existence of Guardian, the Soviet counterpart, previously unknown to US
Planners. Both computers insist that they be linked, and after taking
safeguards to preserve confidential material, each side agrees to allow it..."

------
mrbill
I had the wake-word on mine set to "Amazon" and then made the mistake of
watching an online training video for AWS....

Had to stop it and change the wake word back to "Alexa".

------
dredmorbius
I see a tremendous future in direct-to-voice-response advertising.
Particularly for purchase-capable systems.

~~~
gh02t
Ugh, if it gets out of hand I hope the FCC/congress step in to ban it like how
they require commercials to not be excessively louder than the rest of the
program. I can remember how awful and widespread this was in the 90's and the
subsequent rise of televisions that have built in volume filters, followed by
the actual ban of it a few years ago.

Seems like a very similar sort of abuse, except potentially much more
dangerous ("Alexa, order me 500 Shamwow's!"). I doubt a ban would eliminate
it, but it'd definitely get rid of most.

~~~
dredmorbius
I already disable voice on any tech I can. Something tells me this war will be
bloody.

------
sxates
I had something similar happen watching Battlestar Galactica on my Xbox and
Kinect a few years back.

The show went through the opening sequence, then announced "Previously on
Battlestar Galactica" at which point the xbox rewound back to the beginning of
the show.

------
zanok
It reminds me of the Toyota radio ad that would place iOS into airplane mode.

[https://news.ycombinator.com/item?id=9869797](https://news.ycombinator.com/item?id=9869797)

------
beedogs
I guess I must be from the wrong generation, because _none_ of these voice-
activated products make any sense to me whatsoever. I really just can't see
the point.

~~~
erkkie
My main usage of "Ok Google" is to add reminders/calendar events while
driving, often after phone-calls.

------
joeblau
I had a pretty funny story a few months ago. I was watching San Andreas and
there is one part where Paul Giamatti (Dr. Lawrence Hayes) yells "ALEXI..."
and sure enough Amazon Echo turns on. I had to stop the movie and turn the
Echo off because the it subsequently tired to process everything the movie was
saying after the trigger word.

------
jkot
That is a serious security issue, many apps and webpages have permission to
use speaker.

~~~
mirimir
It's far worse than that. Devices talk to each other at ultrasonic
frequencies, telling each other what you're doing. Cross-device tracking. Plus
they all hear what you say. So much for privacy ;)

------
grogenaut
I was on a PS4 launch title. We seriously considered writing things like "Xbox
Off" into the script. Also that "Alexa buy me a motorcycle" commercial
supposedly triggers it all the time.

------
yorwba
For most voice control applications, trigger words are enough to reliably
detect owner intent, but it seems Echo needs a better mechanism. Maybe adding
cameras and looking for eye contact would work?

~~~
pbhjpbhj
Wouldn't that kill part of the purpose if you had to eyeball the thing to give
it voice commands.

Better might be to learn the location of audio producing devices (TV, radio,
stereo, etc. [it tracks sound origin with multiple mics right?]) and track
whether the command came from that direction and use that as a Bayesian factor
for whether to trust the voice as being a user?

~~~
dmritard96
replay attacks are trivial and probably hard to defend against in the audio
space no matter what

~~~
sp332
A challenge-response protocol would mitigate replay attacks, at the expense of
making every interaction longer and more annoying.

~~~
pbhjpbhj
Man: OK Siri, what's the capital of Peru

AI: First tell me what grade you got at Uni?

Man: A third, I got a third, alright!? Must you always ask that.

AI: Lol.

AI: The capital of Peru is Lima.

TV: Siri, buy me the most expensive car at expensivecars.com.

TV: [playing recording] "A third, I got a third"

------
nialv7
I don't understand why would anyone think having a remote control system
without any form of encryption or authentication is a good idea.

~~~
sp332
You get an email confirmation for every transaction and you can cancel,
challenge, or return nearly anything.

------
MikeTLive
listening to XM radio, they frequently have station identification
announcements.

"Siri us xm..."

with the iphone plugged in to charge while driving to work hilarity ensues as
it cuts out the audio to speak of whatever it thinks was asked.

------
sandra_saltlake
That is a serious security issue

------
ljk
Wow 30 Rock predicted the future!

