Is it possible to control Amazon Alexa, Google Now using inaudible commands? Absolutely

Coat

Cocaine noodles, add five Amazon Echo Dots to my shopping list. And some monkeys.

27
0
Silver badge

Don't the assistants reply loud and clear whenever you give them an order?

2
0
Silver badge
Gimp

Not when you order a ball-gag.

31
0
Silver badge
Coat

"OK, Google. Add cocaine noodles to my shopping list"

...

"Honest, guv'ner, I was simply tellin' this microphone thingie over 'ere to add some noodles to me shoppin' list. I don't know how this package of cocaine appeared on me doorstep!"

7
0
Bronze badge

Amazon now?

What does Amazon deliver when you say

"Cocaine noodles"?

Could seriously revolutionise the drug industry. The next Pablo Esteban is probably coding the drug über meets echo app as we speak (unless it's already here and I'm hugely out of touch with how things are done nowadays).

All delivered by drone of course.

13
0
TRT
Silver badge

Re: What does Amazon deliver...?

Amphetabetti-spaghetti.

31
0
Silver badge

Re: Amazon now?

"All delivered by drone of course."
Presumably on credit. Then you get the demand to pay up in 24 hours or have your kneecaps rearranged.

13
0
Silver badge
Coat

Re: What does Amazon deliver...?

Which is of course better than the Google equivalent of Alphabet-Spaghetti ..

4
0
Anonymous Coward

Sounds reasonable

On one of my computers, (an Asus Flipbook), Cortana wakes up and starts recording when I say "toilet paper". I'll let you wits take it from there.

7
0
Silver badge

Re: Sounds reasonable

This already exists. Trouble is that they charge you for the device.

2
0
Anonymous Coward

Re: Sounds reasonable

Not surprising. Yesterday I asked Alexa to give me the weather. The Dot in the bedroom 10m away (through a doorway, round corners) started playing Amy Grant and the Echo a few feet in front of me said it didn't know of a town called "burning".

0
0
Silver badge
Coat

Re: Sounds reasonable

"Cortana wakes up and starts recording when I say "toilet paper"."

and states: "Wiping Windows 10..."

1
0
Silver badge

Coke & Noodles

Calls the police on the basis you are planning to create an IED.

https://www.youtube.com/watch?v=l1teigkajYk

1
0
Silver badge

Re: Coke & Noodles

Wouldn't that have the same effect as eating taco bell and coke ?

1
0

Just tested cocaine noodles on my OP5 and there was no reaction; OK Google was instant though.

2
0
Silver badge
Joke

You just ordered oodles of cocaine. We will fulfil once we've hired a truck for your delivery. Is it OK to drop it in your driveway? When someone orders oodles of sand for a building project, we do that.

0
0
Gold badge

An ingenious attack, but presumably now that the method has been disclosed it is fairly easy to defeat it with a low-pass filter on the microphone. (Arguably, there should already be one there on the principle that one should always sanitise inputs before processing.)

17
1
Silver badge

Re: low-pass filter on the microphone.

Not so simple if it's the electret capsule. A little easier if it's the FET (need new design of capsule as FET is internal). If it's simply aliasing type "mixing" (Fin - Fsample), then you need a pretty good low pass filter as a simple R C will be defeated by simply more volume. OTOH, if it's aliasing, then sampling at 96kHz and DSP filter is very effective as it's very hard to generate above 48kHz (the Nyquist frequency for 96kHz).

3
0
Silver badge

it is fairly easy to defeat it with a low-pass filter on the microphone.

Now try convincing let's say Google or Amazon to add it to their designs. If you are wondering why they are so reluctant to do so, I suggest running a spectrum analyzer on the audio section of the next TV advert. You will stop wondering when you notice the amount of "interesting" stuff in the higher frequencies.

4
1
Anonymous Coward

... it is fairly easy to defeat it with a low-pass filter on the microphone ...

You can certainly try to defend against it, but you can't fully protect yourself against an attack of this type. The Fourier-aliasing attack aside, any sufficiently loud noise will generate harmonics and sub-harmonics if the microphone has an even slightly non-linear response somewhere within the signal's spectrum. You can do it with the ultrasound as in this report; you can do it with infrasound, or you can do it with a sharp whistle. The ultrasound case is dead easy, as you are relying on the lowest-order non-linearity, and use your microphone to generate a difference frequency of two high-frequency signals. The last two are harder to control to produce the desired output signal, since you are relying on higher-order non-linearities - but still easy enough if you have access to the same hardware the target has.

Depending on where they are placed, low-pass and band-pass filters may defend against the attack (if they are placed before the non-linear element), or they can facilitate it: if the filter is placed after the non-linear element, it will cut the abnormally-strong signal at the unexpected frequency, so that you'll never know anything was wrong in the first place. The already-generated harmonics will just pass through ...

The only sure-fire defence is to completely cut the output if the input at any frequency (measured as early as possible in the device) exceeds the design limits. Naturally, this defence immediately becomes a denial-of-service vulnerability, and so it goes.

4
0
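Added example, not part of any commenter's post: a toy simulation of the filter-placement point made in the comment above, showing that a low-pass filter applied before a second-order non-linearity leaves no audible difference tone, while the same filter applied after it removes the ultrasonic carrier but passes the tone. The sample rate, the 40/41 kHz tone pair, the 0.2 second-order coefficient and the FIR design are all assumptions chosen for illustration, not measurements of any real microphone.

```python
import math

FS = 192_000               # simulation sample rate (assumed), well above both tones
F1, F2 = 40_000, 41_000    # constructed ultrasonic tone pair, 1 kHz apart
N, TAPS = 3840, 101        # 20 ms analysis window; FIR length

def tones(count):
    return [0.5 * math.sin(2 * math.pi * F1 * n / FS) +
            0.5 * math.sin(2 * math.pi * F2 * n / FS) for n in range(count)]

def nonlinear(x, a2=0.2):
    # Toy front end: linear response plus a small second-order term (a2 is assumed).
    return [v + a2 * v * v for v in x]

def lowpass(x, cutoff_hz=20_000):
    # Hamming-windowed sinc FIR; returns only fully settled output samples.
    fc, m = cutoff_hz / FS, TAPS - 1
    h = []
    for i in range(TAPS):
        k = i - m / 2
        ideal = 2 * fc if k == 0 else math.sin(2 * math.pi * fc * k) / (math.pi * k)
        h.append(ideal * (0.54 - 0.46 * math.cos(2 * math.pi * i / m)))
    gain = sum(h)
    h = [c / gain for c in h]
    return [sum(c * v for c, v in zip(h, x[n:n + TAPS])) for n in range(len(x) - m)]

def amplitude(x, freq):
    # Single-bin DFT: amplitude of the sinusoid at `freq` in x.
    re = sum(v * math.cos(2 * math.pi * freq * n / FS) for n, v in enumerate(x))
    im = sum(v * math.sin(2 * math.pi * freq * n / FS) for n, v in enumerate(x))
    return 2 * math.hypot(re, im) / len(x)

def audible_residue(filter_first):
    # Returns (amplitude at the 1 kHz difference frequency, amplitude at 40 kHz).
    x = tones(N + TAPS - 1)
    y = nonlinear(lowpass(x)) if filter_first else lowpass(nonlinear(x))
    y = y[:N]
    return amplitude(y, F2 - F1), amplitude(y, F1)

if __name__ == "__main__":
    for first in (True, False):
        diff, carrier = audible_residue(first)
        where = "before" if first else "after"
        print(f"filter {where} non-linearity: 1 kHz={diff:.6f}  40 kHz={carrier:.6f}")
```

With the filter after the non-linear stage, the output contains a clean 1 kHz tone and almost no trace of the 40 kHz input that produced it, which is why a monitor placed after that filter sees nothing abnormal.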
Silver badge

Many of the non-linear elements are mechanical, not electronic. A filter to defeat it would have to be an acoustic filter rather than circuitry. A big wad of felt, or something. Unlikely to get added.

2
0

Re: low-pass filter on the microphone.

These products have MEMS microphones, which are mechanically very linear out towards 100 kHz. It's more likely to be the digitisation process with limited filtering. Sampling at the higher rate is the best solution, as you write, but at the expense of power consumption for the phone.

0
0
Boffin

"suggest running a spectrum analyzer on the audio section of the next TV advert"

Yep, it's done to wake up your tablets and phones, they can pick up the audio and that allows the ad-men to do more tracking by looking for the number of "callbacks"!

Easy answer? Stop watching TV as it's full of shite any way! Ha ha!

2
0
Silver badge

"Naturally, this defence immediately becomes a denial-of-service vulnerability, and so it goes."

On the plus side, disabling voice-activated IoT nonsense may well be considered a feature, not a bug.

0
0
o p

for images too

There is a series of "deception challenges" on Kaggle like this one:

https://www.kaggle.com/c/nips-2017-non-targeted-adversarial-attack

You have to modify an image so that a human won't notice the difference but certain classifiers will be fooled.

But deep learning is not the only victim. For ages English people ask me about the kind of "messages" I am looking for or to repeat some Peter Sellers lines..

4
0
Silver badge

Cocaine noodles

Isn't that Top Ramen and Red Bull?

1
0
Silver badge
Joke

Personally I would be more worried about :

Audible commands...

2
0
Thumb Up

Alexa, buy me a Rolex. Confirm purchase!

Is the first thing I say when I walk into anyone's living room.

On my fifth watch now, but don't get invited out much any more.

10
0
Silver badge

Re: Alexa, buy me a Rolex. Confirm purchase!

Is this your way of sticking your oar in?

http://www.fyneboatkits.co.uk/photos/products/rowlocks/bronze-open-rowlocks-sockets.jpg

For some reason there's a big increase in popularity of these kits (the 12" version is the most popular for some reason):-

https://images-na.ssl-images-amazon.com/images/I/31krlxYXLhL._SX300_.jpg

2
0
Bronze badge

People who read this

have also looked for:

"how to make sure the auto-playing videos embedded on my site cannot be blocked."

9
0
Gold badge
Unhappy

This is one of those things you see and think "That's got to be bu***hit"

And yet it isn't. :-(

Fortunately it's probably impossible to pull off with the standard speakers on a regular phone due to the crappy bandwidth they have.

OTOH Bluetooth it to a custom device and it could still be quite small but still create a lot of mayhem...

2
1

I'm surprised Song didn't try singing to it.

Alexa, get me coat.

4
0
Silver badge

This shit will not end well

This shit will not end well and we'll be lucky to live through it.

(referring to the never ending incredible mistakes being made regularly by computer companies)

4
1
Bronze badge

Microphone

The only microphone I have turned on lately is one that intentionally records other sounds. I am using it to answer scammers that ask for your e-mail address.

The nice little Olympus voice recorder then replies:

Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...Gonads are useful for their purpose but they are no substitute for brains...

2
0
Bronze badge

Re: Microphone

I have slightly changed my sound wave. I am sending a sound sequence calculated to possibly induce epilepsy like some video games. This is a bit of a hobby for a while since it doesn't cost me anything to send this. I am waiting to see if they change the scam greeting again. The first time the greeting was half an hour long. The next morning they shortened it to 1 minute.

I can also confuse them because I have more than one phone number. The one I am using is not listed and does not accept incoming. It is also a dumb phone on the net. The people that supply my line think this is hilarious. But then they are students (summer job) from the university where I am working.

0
0
Anonymous Coward

at a frequency outside of the range of human hearing

It's time to release the flock of specially trained bats!

2
0

Re: at a frequency outside of the range of human hearing

Funnily enough, the collective noun for a flying group of bats is "cloud".

8
0
Anonymous Coward

Re: at a frequency outside of the range of human hearing

And if they counter with a sound that's at the resonance frequency of their skulls?

2
0
Silver badge

But can I actually get cocaine noodles ?

2
0
Bronze badge

But can I actually get cocaine noodles ?

Cocaine Noodles

More Cocaine Noodles

Addictive Noodles

1
0
Bronze badge

But can I actually get cocaine noodles ?

Buy them here for 1 dollar

Cocaine

She don't lie, she don't lie, she don't lie... Propane

3
0
Silver badge

And El reg commentators never disappoint.

1
0

"not the sort of thing one can sneak into a room easily"

https://www.amazon.co.uk/20Vrms-Ultrasonic-Transducer-Sensor-Detector/dp/B00P0BD6PA

https://www.amazon.co.uk/MakerHawk-NodeMcu-Development-ESP8266-ESP-12F/dp/B071S8MWTY

https://www.amazon.co.uk/Value-Charger-Adapter-Quadcopter-XC317/dp/B01F6YUGLW

https://www.amazon.co.uk/XCSOURCE-Battery-Lithium-Charging-TE668/dp/B01N2Z24VL

I'm sure this would be difficult to sneak into a room. It must be all the size of a moderately voluminous matchbox.

0
0
Silver badge

Got my first android phone the other week.

Spent a nice sunny morning on the balcony playing with all the settings including disabling the Google App's access to absolutely everything it had disable options for!

1
0

Re: Got my first android phone the other week.

A lot of the time those apps simply go dormant in the foreground but the services stay active in the background. If you really want to do it properly, look for Google-free clean builds from sites like XDA and flash your phone without any of the Google shit in there in the first place, the only way to be sure the services never even got installed let alone started.

0
0
Bronze badge

An old technique brought up to date

The composer Frédéric Chopin exploited an effect like this in some of his compositions. He didn't use intermodulation distortion but the beat effects of many notes played at speed to give the subjective impression of another part being played inside the piece. (Needless to say you need to have rather good technique to achieve this -- you're more likely to hear it on a decent recording of something like his Etudes.)

3
0
Silver badge
WTF?

These digital assistant thingies

Why?

Just why?

5
0
Anonymous Coward

Re: These digital assistant thingies

Oh I dunno, audio control over your music and ebooks is good enough for me. Oh, and alarms and timers.

2
0
Silver badge

Re: These digital assistant thingies

No need to stay anonymous, we use ours a lot too, so much so we added three dots to the echo we got to celebrate the birthday of baby jesus last year.

Anything it can't find on amazon music (I hit maybe three songs a week that it wants me to upgrade to the premium music jobby for) I just ensure there's a copy on my plex server and it can then pull it from there (it does this automatically if the song is already present in any of my music libraries it can see, including online services like spotify).

We've found we use the timer a hell of a lot, the DAB radio only gets turned on for the odd sporting event now (I'm a football fan, not popular around these parts I know) all other radio and music is now consumed via either a dot and a decent speaker, or the echo unit.

We (like many people I think) have disabled the ability for it to buy anything in the settings. This wasn't hidden and wasn't hard. It can still buy media, so the worst I could be stiffed for is a terrible album/song I'd never be forced to listen to.

We use it to build the shopping list for the family's needs (it presents this list on the relevant app on your phone, or will yell it at you in the house) meaning whoever is at whatever shop can see what we need, grab it and remove it from the list.

It's not like the thing was a fortune, and it's not like you have to use it or leave it plugged in, but we do and we do. It cost no more than a reasonable compact speaker that doesn't have the other functionality, and we've found we use that functionality a lot. Great bit of kit.

1
0

Devices need to roll out tech like Alexa's Wake Word Verification: https://goo.gl/UmWPbb

0
0
