
SurfingAttack: attack on voice assistants using ultrasonic guided wave - seiters
https://surfingattack.github.io/
======
emptybits
Disable your locked phone from always listening for "OK Google" or "Hey Siri".
Protected, no? Their list of five ways to "defend against SurfingAttack"
doesn't include this obvious one. i.e. If you want to give a voice command,
pick up your phone and press a button to speak. Protected and still pretty
darn convenient IMO.

Otherwise, great project and succinct video proof of how clever conveniences
often conflict with security.

~~~
seiters
Thanks for the comment. This defense works: but you have to remember to lock
your phone when you put it down.

~~~
ThePowerOfFuet
Siri can be used for many things when the device is locked.

------
snug
Reminds me of the smarter every day video where Destin used lightwaves against
smart homes

[https://www.youtube.com/watch?v=ozIKwGt38LQ](https://www.youtube.com/watch?v=ozIKwGt38LQ)

------
ElijahLynn
Was thinking about this the other day, when I heard the assistant trigger when
there was _zero_ sound to prompt it. And was thinking of an attack where
someone can literrally trigger a listen from outside your house. Especially
dangerous because the default on a new Google Home (max hub nest truck
whatever they call it) is to not have an audible prompt on a trigger.

So an attacker can literally just listen in with a press of a button. Probably
gonna have to turn off this feature altogether for the immediate future.

~~~
jmole
How exactly are they going to listen in? Are they on the other end of the
line?

~~~
nateferrero
If they can get it to listen, they can theoretically have it dial a number

~~~
squarefoot
Or call for a fake SWAT raid to the same house, so that the owner is either
being shot or imprisoned. If that can really be triggered from distance
without breaking in, it would make it the perfect revenge weapon.

~~~
Kiro
Why would you need this hack to Swat someone?

~~~
squarefoot
I surely don't want to swat anyone. My concern is that someone with the right
technology might use (1) this vulnerability to call a raid to an "enemy" from
its own assistant without breaking in or leaving digital traces: no
fingerprints, no malware installed, essentially no smoking gun, therefore
creating a scenario in which the home owner might either be shot during the
raid or prosecuted for calling a false alarm.

(1) - and if successful then sell the "service"

~~~
Kiro
My point is, you can swat someone by just calling the police pretending to be
someone else. That's how everyone is doing it already. No need to do it from
within the home.

~~~
squarefoot
Yes, but using that technology will make it appear the call originating from
the victims home.

------
up6w6
There is another very similar attack that uses laser beans instead of sound
waves but this looks less efficient because of the distance limitation.

[https://news.ycombinator.com/item?id=21453554](https://news.ycombinator.com/item?id=21453554)

~~~
rickdeckard
There's also the big difficulty to harvest laser beans...

But seriously, I wouldn't say this one is less efficient, both attacks are
quite different in scope. The laser-based attack requires line-of-sight to the
device and apparently works only on stationary home-assistants (i.e. your
Google Home), while this ultrasonic method explicitly targets Smartphones and
has potential for wide unfocused attacks at public spaces (i.e. by rigging a
table in a coffee-shop).

~~~
paranoidrobot
> There's also the big difficulty to harvest laser beans...

Especially considering it's lost or perhaps extinct.
[https://en.wikipedia.org/wiki/Silphium](https://en.wikipedia.org/wiki/Silphium)

HN Discusson from a few days ago:
[https://news.ycombinator.com/item?id=22229666](https://news.ycombinator.com/item?id=22229666)

------
hansschouten
Interesting attack. Reminds me of the DolphinAttack
([https://arxiv.org/abs/1708.09537](https://arxiv.org/abs/1708.09537))

~~~
anfractuosity
Also there's the 'Audio Hotspot Attack' \-
[https://ieeexplore.ieee.org/document/8906174](https://ieeexplore.ieee.org/document/8906174)

Which uses a parametric speaker, which uses a number of ultrasonic transducers
which "emit amplitude-modulated ultrasounds that will be self-demodulated in
the air"

------
Jernik
This requires the phone to be unlocked to do most of this, doesn't it? What is
the attack vector here, someone leaving their phone unlocked on a table and
not paying attention to the screen?

~~~
dylan604
I know lots of people that have their phones set to not lock automatically.
Some of these include not locking them when they throw the phone in their
purse, or put it in their back pocket. "I can't be bothered to type in my
password every time I pick it up" or "My kids bother me too often to unlock
the phone." It's absolutely mind boggling

~~~
iudqnolq
Password? I've never met someone else irl who sets a password on their phone.
Best I've ever seen is a PIN.

~~~
pc86
They obviously mean the same thing in this context.

~~~
iudqnolq
If you open the Android security settings you'll be asked if you want to set a
password or pin. A password is longer and can contain arbitrary characters.
I've never heard a person refer to a short series of numbers used to protect
something as a password and not a pin.

~~~
vgb2k18
> I've never heard a person refer to a short series of numbers used to protect
> something as a password and not a pin.

Until today... Screenshot from Android phone -
[https://ibb.co/KD27YGL](https://ibb.co/KD27YGL)

~~~
h4waii
Eh, you should clarify that this is not an AOSP lockscreen. It looks like
Huawei's EMUI, which is quite heavily modified and might simply be a
translation error.

~~~
vgb2k18
Meizu phone, Flyme UI. Equally as Chinese as the Huawei you mentioned, so your
point stands. Whether or not a tranlation error though, the GP had never heard
of anyone using 'password' in the context of a numeric pincode, but it does
happen. Who knows, I could be biased through my repeated exposures to the
Meizu lock-screen, but as a native English speaker I don't have a hard time
imagining a numeric-only pin being referred to as a password.

------
ElijahLynn
Really great demo videos on the webpage, fwiw.

------
draugadrotten
Now I am thinking I could use this to automatically turn everyone's phone to
"silent mode" when they put their phones on the conference room table...

------
rvz
Well this is why you disable the "Ok Google" / "Hey Google" hotword or "Listen
for Hey Siri" or always listening features and congrats you are immune to this
attack. Job done for your phones.

Perhaps a more interesting experiment would be to try this on Alexa, HomePods
and Google Home devices.

------
Animats
Coming soon to a Starbucks near you.

~~~
trhway
It worked well at the Cuban embassy
[https://spectrum.ieee.org/semiconductors/devices/how-we-
reve...](https://spectrum.ieee.org/semiconductors/devices/how-we-reverse-
engineered-the-cuban-sonic-weapon-attack)

~~~
Bendingo
"Cuban “Sonic Weapon” Attack" \--> "Jamaican field cricket or maybe cicadas"
[0]

[0] [https://www.vanityfair.com/news/2019/01/the-real-story-
behin...](https://www.vanityfair.com/news/2019/01/the-real-story-behind-the-
havana-embassy-mystery)?

------
seiters
SurfingAttack exploits ultrasonic guided wave propagating through solid-
material tables to attack voice control systems. Interesting!

