An international team of experts has proved that Amazon’s Alexa, Apple’s Siri, and Google assistant can be hacked by throwing a laser pointer on microphones of the devices. Experts have said that dubbed light commands remotely enable hackers to send inaudible and invisible commands to the voice assistants. Laser pointers target the Micro Electro Mechanical System of the device and make it respond to light as if it was sound. As per the study, hackers can easily send sounds into the microphone by modulating the amplitude of the laser light. The authors of the study threw laser light to hijack the voice assistants at distances up to 110 meters. Intruders need to have a clear view of the target along with specialized equipment and expertise to hack the voice assistants with the laser.
Authors have argued that user authentication on these voice assistants is almost non-existent. The study has revealed some of the shocking truth behind the safety of these voice assistants. Tech scholars said that through sound injected light beam, hackers could easily unlock the user’s smart lock protected front gate, locate, and start vehicles and shop on websites at the user’s expense. Hackers are also able to target the user’s Google account by hacking voice assistants. Experts have shared these findings with Amazon, Apple, Tesla, Ford, and Google. They have also contacted security teams of ICS-FERT and FDA.
Amazon has quickly responded to the rising concern and said that the company is reviewing the findings of the study. The officials of the company said that the privacy and security of the customers is their top priority and they are devising ways to improve the security of the devices. There had been many security concerns around voice assistants in the past. Amazon’s popular Echo device faced a lot of criticism over its handling of user data. Considering the security issues of its devices, Amazon has recently rolled out a new Auto Delete feature, which gives users better control over stored voice recordings in their Alexa devices. As per Amazon, users can set up voice pins to keep their data safe. Apple, Tesla, and Ford have not yet responded to new security concerns.