Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Google Smart Speakers. Show all posts

'Paranoid' Blocks your Smart Speakers from Spying on you


Smart speakers have proven to be one of the most versatile gadgets of the era, the high-tech AI companions can do everything from playing music to ordering a meal with just the sound of your voice. They come with virtual assistants ready to answer all your queries, other features include reminding you of appointments, telling about the weather and news along with helping you to control your smart home devices.

Amazon's Echo and Google's Nest are two of the widely employed smart speakers. However, these devices also raise security concerns in regard to the voice captured by the speakers but in order to avail services of a voice assistant that as a matter of fact operates on voice commands, you can't block it from listening to your voice.

To make the experience easier and safer, a new device known as 'Paranoid' is made to enter the tech space, it is designed to block your Amazon Echo or Google Home smart speaker from listening to your voice until you say the word, "Paranoid" which is the device's wake word. After saying the word, the gizmo allows your smart speaker to listen.

Another thing to take notice of is the simplicity in the operations of Paranoid, it's extremely easy to use, it simply needs to be connected to the smart speaker in order to block it from spying upon you –meanwhile,  it still allows the speaker to be voice-activated. In order to activate it, all you have to do is to say "Paranoid" every time before you say "Okay, Google!" or "Alexa!"

The device comes in three different variants, The Home Button, Home Wave, and Home Max. It has no antenna, no SIM card slot, no Bluetooth, no Wi-Fi and no kind of wireless capability. As per its website, the makers claim that their device is "hack-proof".

The Home Button is the simplest model, it is placed on Amazon Echo's mute button and presses it manually. The second one, the Home Wave is designed to jam the microphones on your smart speakers and the most sophisticated one, the Home Max requires you to send your Amazon Echo or Google Home Devices to Paranoid headquarters stationed at Edmonton, Alberta. There, experts will attach your speaker's microphone cable to an external Paranoid device by cutting off the original cable. After the completion of the process, your smart speakers will be sent back to your address.

All the three models of Paranoid can be purchased from its official website; the original charges of the device and services are $49, however, as of now it will cost only $39.

"Smart Spies"- Amazon Alexa and Google Home's Voice Assistant Were Vulnerable to a Security Flaw


Alexa and Google Home smart speakers have been vulnerable to a security threat that made eavesdropping, voice phishing and using people's voice cues to deduce passwords possible for hackers. The hack also allowed hackers to befool users in handing out their private data without any knowledge of the same being happening.

In October, security researchers who discovered "Smart Spies" hack and new ways in which Alexa and Google Home smart speakers can be exploited, are now warning about the need to formulate new and effective methods to guard against the eavesdropping hack, reports Threatpost. Notably, no major steps were been taken to ensure protection against these hacks.

SRLabs, a Berlin-based hacking research company, told about the discovery of the vulnerability being made by them earlier this year, they went on reporting it to the concerned organizations, Amazon and Google. Furthermore, in an attempt to demonstrate the exploitation of the flaw, the firm shared a series of videos on Sunday.

As per the reports by CNN Business, Amazon and Google told that the vulnerabilities have been taken care of and likewise the issues have been fixed.

The company "quickly blocked the skill in question and put mitigations in place to prevent and detect this type of skill behavior and reject or take them down when identified," a spokesperson from Amazon told CNN Business.

Addressing the issue, SRLabs states in a blog post, "Alexa and Google Home are powerful, and often useful, listening devices in private environments. The privacy implications of an internet-connected microphone listening in to what you say are further reaching than previously understood."

Experts recommended users to be more mindful of the potentially malignant voice apps that can infect smart speakers, "Using a new voice app should be approached with a similar level of caution as installing a new app on your smartphone."

"To prevent ‘Smart Spies’ attacks, Amazon and Google need to implement better protection, starting with a more thorough review process of third-party Skills and Actions made available in their voice app stores. The voice app review needs to check explicitly for copies of built-in intents. Unpronounceable characters like “�. “ and silent SSML messages should be removed to prevent arbitrary long pauses in the speakers’ output. Suspicious output texts including “password“ deserve particular attention or should be disallowed completely." The blog reads.