I Alexa bug let hackers turn into covert listening device

Amazon Echo speakers listen out for the word “Alexa”, the name of its voice assistant, before completing a command, like “Alexa, read tell me today’s news”. Any interaction with Alexa is recorded to improve the service, but once the command is finished, Alexa stops recording.

But security researchers from Checkmarx developed an Alexa Skill that would have been an Echo user’s worst nightmare. The Skill, a voice app that can be installed on an Echo speaker, would keep Alexa listening long after it should have switched itself off and automatically transcribe what it hears for an attacker.

When an Alexa skill completes its task it is supposed to stop listening. However, sometimes Alexa doesn’t hear a command correctly, which will lead the Echo to ask for the user to repeat it. This “re-prompt” feature could be exploited, the researchers found, and be programmed to carry on listening, while muting Alexa’s responses.

FOLLOW THE LINK FOR THE FULL REPORT – JR

https://www.yahoo.com/news/amazon-alexa-bug-let-hackers-104609600.html

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s