back to article Dolphins inspire ultrasonic attacks that pwn smartphones, cars and digital assistants

Voice control is all the rage these days, but a team of Chinese researchers has come up with a way to subvert such systems by taking a trick from the natural world. Apps like Google Assistant and Siri are set to always be listening and ready for action, but shouting into someone else's phone is hardly subtle. So the team from …

  1. Paul

    I always wondered how my Amazon account got hacked and three tons of tuna was ordered to be delivered to Sea Life.. Now I know it was sneaky dolphins hacking Alexa on my smartphone!

    1. DJ Smiley

      So long, and thanks for all the tuna!

    2. Evil Auditor Silver badge

      Tuna? Soon they'll order freakin' lasers. Or magnetic mines.

      1. The Dogs Meevonks Silver badge

        "Tuna? Soon they'll order freakin' lasers. Or magnetic mines."

        Don't be silly... only sharks want the frickin lasers on a nice fashionable head strap.

  2. JJKing
    Joke

    Really?

    Ultrasonic hacking? Why that sounds silly. :-)

    1. Anonymous Coward
      Anonymous Coward

      Re: Really?

      Well the bats are laughing.

      1. Captain DaFt

        Re: Really?

        Well the bats are laughing.

        Laughing at ultrasonic hacking? More like grossed out, I'd say.

  3. Anonymous Coward
    Anonymous Coward

    Thank God ..

    .. I don't use any of these. Not Siri, not Alexa and not any other always on listening software.

    BTW, So the team added an amplifier, ultrasonic transducer and battery to a regular smartphone (total cost in parts around $3): I must have a word with my local electronics shop. Just the battery housing alone would have costed me more than $3.

    1. Ivan Headache

      Re: Thank God ..

      This was in China (with free shipping).

  4. DJ Smiley

    Dialing an number is a great attack

    Steps to execute:

    1. register with dodgy provider of premium rate numbers.

    2. stand in busy shopping center running this.

    3. $$$$$$$

    1. Anonymous Coward Silver badge
      Boffin

      Re: Dialing an number is a great attack

      You forgot step 2.5: plug in an ultrasonic receiver to everyone else's phones.

      That kinda limits the attack surface and removes some of the profit.

      1. Flocke Kroes Silver badge

        Re: Lack of ultrasonic receiver is the problem

        If phones had microphones capable of detecting ultrasound properly it would be easy to add an analogue or digital low pass filter to remove it. Ordinary microphones respond to ultrasound by outputting a signal in the audible range so Alexa, Siri and friends cannot distinguish it from a voice.

      2. Anonymous Coward
        Anonymous Coward

        Re: Dialing an number is a great attack

        @ A/C that's not really A/C

        Go back, read the article.

        They didn't plug a receiver into the smart phone, they plugged an transmitter into a smart phone.

      3. Kevin McMurtrie Silver badge
        Boffin

        Re: Dialing an number is a great attack

        Only extremely high-end amplifiers have good slew rate symmetry between the positive half and negative half of the waveform. Usually one half is significantly faster than the other. When operating beyond the rated frequency response, the amplifier might reproduce the falling edge of a 35 kHz signal much better than the rising edge. This unbalance is a distortion that appears as a new signal. That new signal is the voice saying, "Play song - Never Gonna Give You Up."

        There's another more sophisticated attack using sampling aliasing. If the phone is known to sample at 192kHz, you modulate the voice command at 192kHz too. The sampling beat pattern demodulates back to the voice. It's essentially using the A/D converter like a radio tuner.

        In both cases, the solution is to keep the analog low pass filter far away from the operating limits of the circuitry. (And turn off voice commanding, duh.)

        1. bombastic bob Silver badge
          Boffin

          Re: Dialing an number is a great attack

          "Only extremely high-end amplifiers have good slew rate symmetry between the positive half and negative half of the waveform"

          a simple fix might simply be to use a low pass filter on the microphone...

          but it wouldn't stop a signal that's based on heterodyne effect between two ultrasonic signals. In fact, using a phased array, you could shoot the signal that way for quite some distance...

          /me points out that ANY nonlinearity will create the 'beat' frequency, sometimes known as "intermodulation distortion". So send two ultrasonic signals for which the difference in frequency is "the desired signal". Or get REALLY creative (and highly directional) and use a multi-emitter phased array.

  5. Anonymous Coward
    Joke

    Sonic smartphone ?

    Don't give the writers for "Doctor Who" any ideas...

    The glasses where bad enough...

  6. LeoP

    I knew why ...

    ... I don't want a Siri, Alexa, Cortana, Blubba-Blubba or Listeny-Spyme even before that.

    Who the ***************** thought this would be a good idea anyway? Hint: Starship Enterprise assumes the benevolence of all with an authorized voice. An authorized voice that ist.

  7. Anonymous Coward
    Anonymous Coward

    Groundhog Day is with us again

    Didn't El Reg just run a report on exactly the same attack with exactly the same conclusions, except published by a group from Princeton?

    God, these copycats are not meowing around!

    1. Oh Bother

      Re: Groundhog Day is with us again

      This one is an evolution of the attack mentioned in the previous article.

      From said article:

      "Also, the attack was conducted with a dedicated speaker – not the sort of thing one can sneak into a room easily – and it hasn't been demonstrated using a mobile phone as a sound source."

      $3 worth of simple to hide hardware makes this attack much more feasible.

      1. John Smith 19 Gold badge
        Unhappy

        "$3 worth of simple to hide hardware makes this attack much more feasible."

        As others commented at the time.

        A regular phone speaker was probably not up to the job,

        Turns out the kit needed to do it was a piece of p**s to build.

        And noise cancelling multiple microphones on the target device makes it easier as well.

  8. frank ly

    Why?

    Why are these microphones and audio processiong circuits made so that they respond to ultrasonic signals?

    Why do the voice recognition algorithms respond to ultrasonic range voices?

    I thought it was a generally understood principle that you filtered out any 'out of band' energy at an early stage.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why?

      Why are these microphones and audio processiong circuits made so that they respond to ultrasonic signals?

      1 - they're using harmonics, which could be in vocal range;

      2 - surely you're not advocating discrimination against people with squeaky voices?

      :)

      1. inmypjs Silver badge

        Re: Why?

        "they're using harmonics"

        Harmonics are multiples of a fundamental frequency. An ultrasonic frequency has no harmonics in the audible or 'vocal' range.

        They claim they utilise non-linearity in the microphone/electronics. I suppose it is possible for a loud modulated ultrasonic sound to be demodulated by the non-linearity making the phone 'hear' and audio signal that isn't really there.

        I would have thought aliasing with the phone sample rate was a more likely attack mechanism but I can't be bothered to look at the paper.

        1. bombastic bob Silver badge
          Boffin

          Re: Why?

          "They claim they utilise non-linearity in the microphone/electronics. I suppose it is possible for a loud modulated ultrasonic sound to be demodulated by the non-linearity making the phone 'hear' and audio signal that isn't really there."

          that would be the 'heterodyne' effect.

          https://en.wikipedia.org/wiki/Heterodyne

          and also there's this, for digital sampling:

          https://en.wikipedia.org/wiki/Nyquist%E2%80%93Shannon_sampling_theorem

          The Nyquist frequency is the maximum frequency above which (in an analog to digital converter) you get an "artifact" of some kind instead of a usable signal. Knowing the Nyquist frequency of the phone would give you the ability to generate targeted artifacts and thereby an actual signal, because of the digital sampling itself. Normally an A:D will have a low pass filter to prevent this, however, unless it was designed by a complete idiot or someone who was trying to make it "as cheap as possible".

          Note that "nonlinearity" is one of the requirements for heterodyning to work...

          also should mention this:

          https://en.wikipedia.org/wiki/Intermodulation

          1. inmypjs Silver badge

            Re: Why?

            "that would be the 'heterodyne' effect."

            No it wouldn't. Heterodyne requires multiplying of two signals the result containing components at the sum and difference of the signal frequencies.

            Sampling produces a heterodyne effect the sampling process effectively multiplying the sampled signal by a signal of the sample frequency. The sum component can't be represented in the output the difference components are know as aliases. There are further aliases at harmonics of the sample frequency.

            Feeding 1, 21, and 23kHz into an ADC sampling at 22kHz will all produce a pure 1kHz output.

    2. The Indomitable Gall

      Re: Why?

      The key concept in the article is "non-linearity" -- in the oversimplified version, things don't act as you'd expect.

      Sound does many, many funky things. If you expose a computer microphone to a sound above the frequency your computer can sample, it creates interference patterns at a lower frequency, within the audible range.

      Now, if your target has active noise-cancelling circuitry, it's designed to detect and remove frequencies acting in predictable ways, and enhance short-lived sounds in the frequency range of human speech. The hack is mindboggling in the mathematics involved, but the underlying principles (lost harmonics, ghost signals etc) are all well-established.

      Suffice it to say that you couldn't do this with analogue electronics -- computer processing is most definitely required.

  9. chivo243 Silver badge

    Did the dolphin say

    Fa love pa?

  10. Richard Gray 1
    Devil

    Advice from the Great Sir Terry Pratchett

    "Never trust a species that smiles all the time, they are up to something"

  11. Anonymous South African Coward Bronze badge
    Trollface

    Excellent.

    So now I can have the Boss's phone surf pr0nz when in a boredroom meeting...

    wonder if Simon will make use of this nifty feature...

    1. The Indomitable Gall

      Does the boss use an HDMI adaptor to display presentations from his phone...?

      1. Anonymous Coward
        Anonymous Coward

        Does the boss use an HDMI adaptor to display presentations from his phone...?

        Good heavens man, we're in the 21st century. We need no stinkin' cables to show something, it can all be done wirelessly. It would be fun if you could hide the name of the originating phone because it means everyone will be aware by the time you reach the boss' one (just planning ahead here) :).

  12. Anonymous Coward
    Anonymous Coward

    Re. audio

    I wonder if the same approach can be used to *TURN OFF* annoying phones in cinemas?

    Extra bonus points if it does this without alerting the luser(s)

    1. Anonymous Coward
      Anonymous Coward

      Re: Re. audio

      In this context it's worth noting that the size of most soft drink cups rather nicely accommodates a whole phone. I'm not suggesting anything here, merely observing ..

      :)

      1. Anonymous Coward
        Anonymous Coward

        RE. Re: Re. audio

        Even more bonus points if the phone isn't a waterproof model.

        But there is a bonus package of goodies waiting for someone who can make this work, capable of turning off most if not all (generous, 60%) of phones used frequently.

        Must be posted on a public forum (eg Hackaday) and verified to work by an independent third party.

  13. Gnosis_Carmot

    Wouldn't a group of teenage girls be able to do the same?

    Wouldn't a group of teenage girls be able to do the same?

  14. Prst. V.Jeltz Silver badge
    Boffin

    top tip - you can use a similar technique to test your remote control batterys - simply look at the IR signal through your phone camera screen.

  15. Aodhhan

    Guess this explains the long line of dolphins, bats and dogs outside the Apple store.

    1. Prst. V.Jeltz Silver badge
      Coat

      mainly sheep

  16. steelpillow Silver badge
    Boffin

    Fixes

    There is a simple fix, but it costs a few pennies and takes up a little space: filter out the ultrasonics before digitising. An analog filter can take the form of a physical muffler or, depending on your mic technology, a low-pass filter circuit.

    There is another, more complex fix: use multiple digital mics, clock each at a slightly different sample rate and compare their audio outputs. Any significant difference can be reverse-processed back out to recover the true audio common to all the mics. The main engineering annoyances are the multiple sample clocks and the processing overhead in recovering the true signal.

    1. James O'Shea

      Re: Fixes

      There's a much simpler fix, which costs $0.00, and which I have already implemented.: turn Siri off. It's simple that even a vice president can do it. Tap 'Settings', tap 'Siri', make sure that it's off. Problem done. I implemented this fix the very first day I got an iPhone with Siri.

      1. Rich 11

        Re: Fixes

        It's simple that even a vice president can do it.

        Only because he thought Siri was a real woman and he couldn't be trusted to be left alone in a room with her.

  17. Captain Boing

    Dolphin in (Insert Point of Presence) Pwns Smart Tech With This One Weird Old Trick

    <ignores article>

  18. Sherrie Ludwig

    Firsts thing I did when I HAD to get an iPad for work: I throttled the bitch Siri.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon