Hacker News new | past | comments | ask | show | jobs | submit login
Gaining root access on Alexa using only sound [pdf] (usenix.org)
13 points by jaspergilley 11 days ago | hide | past | favorite | 5 comments

Please change the title to the actual paper: "Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems"

The paper is about sending voice commands using lasers, not sound. There's also no mention of "root access", the paper is just about replaying audio-converted-to-light rather than having any kind of interactive "root" shell prompt. The only feedback to know whether the exploit succeeded would be sending commands (e.g. unlock a door), which the victim might notice.

Agreed, this title is amazingly inaccurate.

Agreed, it has nothing new beside the YouTube video demoed a few months ago by exploiting MEMS microphone on voice assistants. The pictures in the paper is hilarious, an oscilloscope showing two Sin waves from the internal calibration source, seriously?

Smarter Every Day has a video demonstrating this technique[1] with the help of one of the researchers involved in this project. I was a little spooked at first, but then I realized that there is no way to point a laser at any of my devices.

[1]: https://www.youtube.com/watch?v=ozIKwGt38LQ

"we show how to use light to obtain control over these devices at distances up to 110 meters"

"Command Selection: ...Purchase a Laser Pointer"

Hilarious example

Making other people buy stuff with laser beams... wait until marketing finds out!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact