Hacker News new | past | comments | ask | show | jobs | submit login

Those two separate control boards didn't stop my Amazon dot from acually recording ambient noise and uploading it to Amazon's systems. I know this because of the audio history they themselves provide! You can literally go back and play back all the audio recorded, and a great deal of it did not include questions. Further, there was also a report of being able to trigger audio recording without either activating the LED ring or using a wake word via a serial root console. While a third-party attacker is unlikely to use that method of access, nothing about the hardware actively prevents Amazon ftom triggering it that way. Likewise for Google.

And yes, I work on this stuff. Neither Google nor Amazon have the hardware limitations you suggest.

You are making an enormous amount of assumptions based on a semantic argument.

Echo devices only begin recording if they think they hear the wake word. Obviously this is less than straight-forward, hence the recordings that didn't follow the wake word (just examples of an Alexa device incorrectly thinking it heard it).

To suggest that a serial root console is a point of attack for an Echo device is bordering on insanity. You'd need a breakout board connected via the USB interface (not port, mind you) in order for this work-around to be effective. So yes, if a hacker had physical access to your device, time enough to solder on a breakout board, said third-party could record a variety of things.

But then, it's a whole hell of a lot easier to just install a mic in someones house and get the same effect, now wouldn't it?

> To suggest that a serial root console is a point of attack for an Echo device is bordering on insanity.

That was not what he said. He argues that Amazon/Google could remotely use a similar exploit (without direct access to the hardware) to start recording without lighting up the LED.

Nobody has EVER gotten root console access on an Echo device remotely, and the only successful "remote" exploit that didn't require soldering requires that the attacker and the victim are both on the same wifi network.

Please, feel free to explain how Amazon and Google could exploit that vulnerability (that has since been patched)? More importantly, I'd love to hear how they are going to pull this off and hide it, given network traffic will be a dead give away?

If what your suggesting is actually what he meant, that's even more absurd than attackers trying to do the same.

I'm quite confident Amazon has remote root on every Echo device. It's called a firmware update.

True enough. They could easily push a new update that would record every single thing you say, and despite not indicating anywhere on the device, it would take a matter of minutes before it was in the news because what they certainly can't do is hide network traffic.

Right, the bigger concern for me is targeted attacks. One user, especially a non-technical user, getting a "special" update pushed out.

As indicated in your previous comments, e.g. https://news.ycombinator.com/item?id=18616219 , you work for Amazon. It would be a better look if you disclosed this openly when commenting about Amazon.

It's easily located in my post history, however, I don't work with anything even remotely related to the Echo devices. My interest in this discussion is as a user, not as an employee.

It's an ethics issue. You have vested interest in Amazon's public perception as an employee. You can't try to divorce your comments from your relationship with Amazon and expect to still be taken seriously.

A simple disclosure would have lent your comments more credibility.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact