Virtual personal assistants can be hijacked by subliminal messages embedded in music

Chinese and US spooks use sound to control AI assistants

Nonetheless, the technology could be used for darker ambitions like unlocking doors, wire money or shop online. However, this latest one is different because it could victimize even the most careful users, as the subliminal voice commands are undetectable to the human ear.

In a new paper (PDF), Nicholas Carlini and David Wagner describe a method to imperceptibly modify an audio file so as to deliver a secret command; the embedded instruction is inaudible to the human ear, so there's no easy way of telling when Alexa might be asked by a hacker to add an item to your Amazon shopping cart, or worse.

Of course companies always deny that they are eavesdropping or recording your conversations, but the fact that our devices are constantly on the lookout for trigger words can be disconcerting for some.

Researchers in China past year demonstrated that ultrasonic transmissions could trigger popular voice assistants such as Siri or Alexa, in a method known as 'DolphinAttack'.


"My assumption is that the malicious people already employ people to do what I do", Carlini told the Times, with the paper adding that, "he was confident that in time he and his colleagues could mount successful adversarial attacks against any smart device system on the market". It's a fair warning to companies designing digital assistant to get out in front of the problem rather than be reactionary.

Apple has additional security features to prevent the HomePod smart speaker from unlocking doors and requires users to provide extra authentication, such as unlocking their iPhone, in order to access sensitive data. For its part, the Federal Communications Commission (FCC) has discouraged the practice, calling it "counter to the public interest".

Similar techniques have been demonstrated using ultrasonic frequencies. The attack first muted the phone so the owner wouldn't hear the system's responses, either. Nearly all of these devices are created to receive and analyze audio, including spoken commands, on a wide range of frequencies, including frequencies inaudible to the human ear.

The researchers have now demonstrated that automatic speech recognition, too, is vulnerable to such attacks. During the Urabana-Champaign, they showed that though commands couldn't yet penetrate walls, they still had the potential to control smart devices through open windows in buildings. The group provided samples of songs where voice commands have been embedded to make digital assistants do specific things, including visiting websites, turning on Global Positioning System, and making phone calls. How device makers respond will differ, especially as they balance security easily of use.

Related News:



Most liked

Lawyer of two Schneiderman accusers asked Trump's fixer Michael Cohen for help
Editor's note: A previous version of this article inaccurately reported that Gleason was Cohen's attorney . Correction: The headline on an earlier version of this story misspelled the name of Eric Schneiderman .

Snapchat is finally reversing the most controversial aspects of its hated redesign
Snap has announced that it has begun rolling out a redesign to its Snapchat app to the " majority " of iOS users. A Change.org petition concerning the update attracted more than 1.2 million signatures from disgruntled users.

Google will soon require OEMs to roll out 'regular' Android security patches
For users who are craving out to run this latest version of Android on their devices, there's some good news for some of you. For example, "I haven't seen you" might be autocompleted to "I haven't seen you in a while and I hope you're doing well".

Man arrested after 'spending the night' in Rihanna's home
LAPD says they received a call shortly after 10am Thursday that a suspicious man was seen walking away from Rihanna's residence. The unidentified subject was reportedly tased while being detained, although it isn't clear what led to a taser being used.

South Korea's Biggest Cryptocurrency Exchange Investigated by Local Police, Market Drops
The startup exchange notably refused to join other South Korean exchanges in support of self-regulation at the end of past year . At the time, there has been nothing from the Upbit side as its representative said they can't answer anything about the seizure.

Detained Filipino diplomats in Kuwait to be freed in 2-3 days
Cayetano arrived in Kuwait on Thursday and will be meeting with Deputy Prime Minister and Foreign Minister H.E. Nevertheless, the secretary believes the misunderstanding between the two countries will soon be settled.

United Kingdom radio to join forces for Mental Health message
Entering grade 12 or going to university is meant to be a liberating experience for a young person, but often it isn't. Youth can experience symptoms differently from those experienced by adults with mental diseases.

Ireland-Pakistan Test Revives World Cup Memories
No nation has won their first Test since Australia beat England in Melbourne 141 years ago - I fancy a crack at that for starters. From here on, more people will pick up the game and more kids will play the game as well.

Restrictions on Pakistani diplomats U.S. will implement in today
The United States has made a decision to impose travel restrictions on and limit the movement of Pakistani diplomats. He has accused the Pakistanis of giving safe haven to terrorists the U.S. is fighting in neighbouring Afghanistan.

Leaving the Iran Nuclear Pact: What Comes Next?
Even America's adversaries like Russian Federation and China joined with the US and its closest allies in sanctioning Iran, . In addition to tearing up the deal, Trump announced a re-imposition - and strengthening - of sanctions against Iran.

Philippines Supreme Court ousts its own chief justice
Her spokesperson, Jojo Lacanilao, in a separate statement said the chief justice has made a decision to take a 15-day "wellness leave".

Apple Watch Series 3 with built-in cellular arrives at 3 Hong Kong
Yes, you have to shell out more to own the Apple Watch Series 3 Cellular . Apple claims that the Watch 3 LTE can offer up to 18-hour battery life.

Ekiti APC primary: Segun Oni tasks election committee, delegates on fairness
Some of the aspirants present include Babafemi Ojudu , Segun Oni, Opeyemi Bamidele, Senator Gbenga Aluko, Hon. He also dismissed the possibility of having a consensus candidate, saying: "We are all going for election".

Fortis Board likely to recommend 'Hero-Burman' bid for shareholders' approval
The Burman Family Office is the private investment arm of the family that owns consumer goods company Dabur India. Manipal-TPG combine and KKR-backed Radiant Life Care had also put in binding bids for Fortis .

PENCE TO MUELLER: It's Time to 'WRAP IT UP'
He also touted how the president's actions helped to create 8,000 new jobs in Elkhart. I think it's time to wrap it up .