Tech & Science: Google and Amazon approved home speaker apps that spied on users - - PressFrom - United Kingdom
  •   
  •   

Tech & Science Google and Amazon approved home speaker apps that spied on users

14:35  21 october  2019
14:35  21 october  2019 Source:   engadget.com

The best smart speakers for 2019

The best smart speakers for 2019 With smart speakers from Amazon, Google and Apple as well as third-party products from the likes of Sonos, we can help you choose from all the exciting options.

All of the malicious apps were were approved by moderation teams, and were only removed when the researchers disclosed the issue to Amazon and Google . Users need to be more aware of the potential of malicious voice apps that abuse their smart speakers . Using a new voice app should be

'smart spies ' in both the Amazon Alexa and Google Home app stores to demonstrate how easily Each was designed to eavesdrop or phish, and each was then approved by Amazon and Google . The Smart Spies skills on Alexa or actions on Google Home were all able to eavesdrop on users

a cup of coffee on a table

Privacy is a hot topic in the realm of smart speakers, from employees listening in on recordings and auditors accessing user locations. Now, another privacy issue regarding speakers has been raised, as security researchers reveal that apps accepted by the Amazon Alexa and Google Home platforms could be used to phish users and to eavesdrop on them.

Researchers from the firm Security Research Labs created the apps, known as Skills for Alexa and Actions for Google Home, which exploited security vulnerabilities to hack devices, as reported by Ars Technica. SRL created several apps for each platform which appeared to be legitimate skills such as a horoscope app, but which actually hid malicious code.

Baidu overtakes Google in global smart speaker market

Baidu overtakes Google in global smart speaker market 3,700-percent growth year-over-year

Patent applications from Amazon and Google revealed their smart speakers are ' spying ' on you. A Google patent application describes using a future release of it smart Home system to monitor The feature is designed to allow users to talk to enabled gadgets to search the web, launch apps and

Google will fix Pixel 4 face unlock issue with 'eyes open' update.

The apps were able to collect personal data including passwords, and also to eavesdrop on users even after they thought that the speaker was no longer listening. This worked by the app giving a fake error message which sounded as if it had closed, while it actually it continued operating and taking down a transcript of everything the user said after that point.

All of the malicious apps were were approved by moderation teams, and were only removed when the researchers disclosed the issue to Amazon and Google. "To prevent 'Smart Spies' attacks, Amazon and Google need to implement better protection, starting with a more thorough review process of third-party Skills and Actions made available in their voice app stores," the SLR researchers concluded.

Google’s betting on SMS 2.0 to get its messaging groove back

Google’s betting on SMS 2.0 to get its messaging groove back Google’s gotten a lot of grief for its messaging strategy, and rightly so. 

The Amazon Echo and Google Home devices have a lot in common then, but they are also some key differences to talk about. Amazon Echo and Google Home speakers do take a slightly different approach to the way their abilities Handled and activated through the Alexa app on smartphones

The Google Home Mini speaker was recording conversations without users knowing. It's not uncommon for companies like Google and Amazon (AMZN) to keep the audio smart speakers "My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw," he wrote on the site.

Both companies say they are now strengthening their processes for reviewing apps, but the prevalence of malicious smartphone apps on platforms like the Google Play Store demonstrates how difficult the task of security vetting apps is.

SLR had advice for smart speaker users as well: "The privacy implications of an internet-connected microphone listening in to what you say are further reaching than previously understood. Users need to be more aware of the potential of malicious voice apps that abuse their smart speakers. Using a new voice app should be approached with a similar level of caution as installing a new app on your smartphone."

Gallery: Best Amazon Alexa compatible devices you can buy today (PocketLint)

  Google and Amazon approved home speaker apps that spied on users

MSN UK is committed to Empowering the Planet and taking urgent action to protect our environment. We’re supporting Friends of the Earth to help solve the climate crisis - please give generously here or find out more about our campaign here.

Your Amazon Echo or Google Home could be fooled by a laser ‘speaking’ words .
Hey Google, Alexa, Siri: pew pew pewThe researchers found that by changing a laser’s intensity to a specific frequency and pointing the laser directly at a smart speaker’s microphone, they could make the microphone interpret the laser as if it were sound, letting them issue a command to the voice assistant powering the device. And it seems like practically every voice assistant may be vulnerable to this vector of attack, as the researchers say they have tested this on Google Home devices, Amazon Alexa devices, and Facebook’s Portal Mini, as well as some smartphones including an iPhone XR, a sixth-generation iPad, a Samsung Galaxy S9, and a Google Pixel 2.

—   Share news in the SOC. Networks

Topical videos:

usr: 0
This is interesting!