Slashdot Mirror

← Back to Stories (view on slashdot.org)

Radio Waves Can Be Used To Hijack Androids and iPhones Via Siri and Google Now

Posted by timothy on from the at-that-range-you-could-use-a-knife dept.

An anonymous reader writes: Two French researchers have discovered a way to use the Siri and Google Now voice assistant software to relay malicious commands to smartphones without the user's consent or knowledge. This method relies on a special hardware rig that can send radio waves to smartphones with earphones plugged into them. The radio waves get picked up by the earphone cable, get transformed into electrical signals and then to software commands. The research is accompanied by a YouTube video as well. Note that this attack, as the article explains, so far relies on some bulky dedicated equipment, and on the attacker being close to the system he wants to disrupt.

2 of 49 comments (clear)

  1. Re:Bad headline by Anonymous Coward · · Score: 1, Funny

    This attack is a good example of why I never wear headphones when listening to music on my phone. I just blare my music instead, which might annoy some people around me but actually I am doing them a favor by exposing them to culture and expanding their horizons. And anyway it is obviously the ONLY thing I can do to stay safe from this attack....so.....

  2. Time for... by fyngyrz · · Score: 1, Funny

    Time for an aftermarket add-on that goes in the phone jack that contains a low pass filter. Inductors, capacitors, pcb, input jack, output spike/plug, case.

    If the paranoia grows sufficiently (or the threat actually does), it could be quite a moneymaker. You could probably sell a bunch at a premium to the various TLAs either way, as some of them are what one could reasonably describe as "professionally paranoid."

    Fancy ones could have a LED that lights up using the shunted RF energy. A LED! Imagine that!

    Or you could build in a thingy that wraps around the phone case over to right next to the camera, and when the LED goes off, it could be detected by the camera, and the phone could vibrate. No, wait, that means someone might be able to remotely sex you up. That's no good.

    Really fancy ones could have a LED that lights in the infrared band, so no one could see it but the owner, using some fancy active spy/eyeglasses. Well, and the guy with the infrared scope on his sniper rifle. So perhaps not. :)

    Of course, the business model will fall flat on its face when iPhone X / Android hardware X comes out with said RFI filtering built-in. and a detection that can drive the LED, an app, etc.

    Ok, look. Let's just get rid of this researcher so This Can Never Happen Again*

    -------------

    * All due respect to South Park's 2D inhabitants and their observatory-destroying ways

    ** No need to thank me, I plan to continue to use my engineering design chops to secure the Safety Of Our Nation.

    *** JFC, now I can't get my tongue out of my cheek. This getting old shite is getting old.

    --
    I've fallen off your lawn, and I can't get up.