Attackers can secretly call from smartphones or manage smart columns.
A group of scientists from the University of California, Berkeley showed how you can manage the voice assistants Siri, Alexa and Google Assistant with sounds that are not audible to a person. The study was published in The New York Times.
The researchers noted that voice assistants interpret the sounds heard, distinguish letters and make sentences. Thanks to this, they can be given commands with sounds that do not hear the human ear. They can be encrypted in YouTube videos, inserted into songs or made as background noise.
For example, they can force a smartphone to dial a number or transfer money, and an “intelligent” column – to include a song, open the door or start a dictaphone. According to scientists, this will be used by intruders to remotely break into other people’s devices.
In Google and Amazon said that they constantly improve the system of speech recognition and noted that assistants understand the command only from people. Apple added that owners of the Homepod column will have to unlock the iPad or iPhone to manage applications using voice.
As noted researchers from Princeton University and Zhejiang University showed a similar vulnerability in 2017. DolphinAttack technology allows you to control voice assistants with noises that do not distinguish the human ear. According to the US law, it is not forbidden to transfer the command to the cars from a distance.