Hackers Can Turn Amazon Echo Into a Covert Listening Device (helpnetsecurity.com)

← Back to Stories (view on slashdot.org)

Hackers Can Turn Amazon Echo Into a Covert Listening Device (helpnetsecurity.com)

Posted by BeauHD on Tuesday August 1, 2017 @10:40AM from the always-listening dept.

Orome1 shares a report from Help Net Security: New research released by MWR InfoSecurity reveals how attackers can compromise the Amazon Echo and turn it into a covert listening device, without affecting its overall functionality. Found to be susceptible to a physical attack, which allows an attacker to gain a root shell on the Linux Operating Systems and install malware, the Amazon Echo would enable hackers to covertly monitor and listen in on users and steal private data without their permission or knowledge. By removing the rubber base at the bottom of the Amazon Echo, the research team could access the 18 debug pads and directly boot into the firmware of the device, via an external SD card, and install persistent malware without leaving any physical evidence of tampering. This gained them remote root shell access and enabled them to access the "always listening" microphones. Following a full examination of the process running on the device and the associated scripts, MWR's researchers investigated how the audio media was being passed and buffered between the processes and the tools used to do so. Then they developed scripts that leveraged tools embedded on the device to stream the microphone audio to a remote server without affecting the functionality of the device itself. The raw data was then sampled via a remote device, where a decision could then be made as to play it out of the speakers on the remote device or save the audio as a WAV file. The vulnerability has been confirmed to affect the 2015 and 2016 editions of the device. The 2017 edition of the Amazon Echo is not vulnerable to this physical attack. The smaller Amazon Dot model also does not carry the vulnerability. More technical details can be found here.

21 of 114 comments (clear)

Min score:

Reason:

Sort:

News! by Ol+Olsoc · 2017-08-01 10:42 · Score: 5, Insightful

This is like saying that hackers can turn a car into a transportation device.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
1. Re:News! by Daetrin · 2017-08-01 10:47 · Score: 4, Informative
  
  I'm shocked. Shocked i tell you. This is my shocked face. For some reason it looks very similar to my sarcasm face.
  
  --
  This Space Intentionally Left Blank
2. Re:News! by ShanghaiBill · 2017-08-01 11:05 · Score: 5, Insightful
  
  The "hack" described in TFA requires physical access to the device. Anything can be compromised by someone with physical access. For instance, I can "hack" the smart-lock on your front door with my sledgehammer.
3. Re:News! by WolfgangVL · 2017-08-01 11:55 · Score: 2
  
  If YOU made a time machine, would YOU tell anybody?
  DIDN'T THINK SO.
  
  --
  You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
4. Re:News! by Orgasmatron · 2017-08-01 14:29 · Score: 2
  
  The key word isn't "listening device", it is "covert". Hackers can turn an overt listening device into a covert listening device. Kinda like how Android malware can turn your Google/AT&T spying device into a Google/AT&T/other spying device.
  
  --
  See that "Preview" button?
5. Re:News! by Ol+Olsoc · 2017-08-01 15:16 · Score: 2
  
  The key word isn't "listening device", it is "covert". Hackers can turn an overt listening device into a covert listening device. Kinda like how Android malware can turn your Google/AT&T spying device into a Google/AT&T/other spying device.
  The keyword isn't covert. It is that the device listens, and as a part of the security lacking Internet of things someone or many people out there simply are listening to it. I don't give a damn if you call it onomatopoeia, the gaddamned thing is listening in all the time. And the utter naivety to think that the only people who are listening to it is Amazon is charming, but so wrong. Maybe that isn't a big deal for many people.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
6. Re:News! by Buchenskjoll · 2017-08-01 20:17 · Score: 2, Funny
  
  Of course I would. And every time I would say "I told you so yesterday!", and then go back and do it.
  
  --
  -- Make America hate again!
7. Re:News! by drinkypoo · 2017-08-02 05:28 · Score: 2
  
  I completely, and deeply, disagree, at least on any device that manages sensitive user information.
  Security through obscurity is not security. It's false.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Holy Possessed Toaster (talkie anyone) by brokenin2 · 2017-08-01 10:48 · Score: 4, Insightful

How many average consumer devices can't be compromised with physical access to the hardware?
Couldn't someone also just plant a bug in the thing (or somewhere else in your house) and listen to you that way?
In what world is this news?
Why buy this crap? by DatbeDank · 2017-08-01 10:48 · Score: 4, Insightful

Always listening device,
Who in their right mind thought these tools would be useful to a consumer? Are people out there really that dense to think that a device like this isn't sending every waking minute of their lives to some spook at the NSA?
Every time I hear someone go on and on about how the "Internet of Things" is the next great land rush, I laugh. The sooner this and 360 VR die the better.
1. Re:Why buy this crap? by Woldscum · 2017-08-01 11:22 · Score: 2
  
  AND on top of it they are getting you to PAY for it. Tom Sawyer and whitewashing the fence all over again.
2. Re:Why buy this crap? by Ksevio · 2017-08-02 04:08 · Score: 2
  
  Are people out there really that dense to think that a device like this isn't sending every waking minute of their lives to some spook at the NSA?
  For a tech site, you wouldn't expect questions like that. I have one, it's handy for asking questions, controlling the lights and stuff.
  
  I also have monitored the traffic from it and there's nothing significant until you say the wake word. Might as well be afraid of your toaster sending data to the NSA.
It is going to be more interesting ... by basicprimitives · 2017-08-01 10:58 · Score: 2

If hackers turn all mobile phones into global echolocation surveillance system, that is going to be way more interesting. Do you ever ask yourself how google gets information about traffic jams? Every mobile phone is being tracked. What is the point to hack Amazon Echo when we have mobile phone in every pocket?
1. Re:It is going to be more interesting ... by markdavis · 2017-08-01 12:14 · Score: 2
  
  >"Only phones that have opened google maps and told it to get their location are tracked for traffic. Pretty easy to avoid that."
  Actually, that is not true. A lot of the traffic information comes from the cell companies which track all the phones BY NECESSITY and then sell that information (supposedly ananoymized) to third parties. I know that Sprint does it, and I doubt they are alone. They don't tell you and don't ask your permission. If your phone is on and the mobile radio is on, you ARE being tracked.
Once again by NEDHead · 2017-08-01 11:07 · Score: 4, Interesting

Star Trek had it right. First you poke the button on the communicator, then it listens...
1. Re:Once again by freeze128 · 2017-08-01 11:22 · Score: 2
  
  Button press unnecessary when on board the Enterprise.
2. Re:Once again by AmiMoJo · 2017-08-01 23:48 · Score: 3
  
  Star Trek seemed to have really strong privacy protections. Clearly they could record everything all the time, but chose not to. When investigation was required there was never any CCTV from the ship, or voice recordings made by the computer.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
From the institute of by Snotnose · 2017-08-01 11:19 · Score: 2

No Shit Sherlock.

Back in '90 or I was sysadmin when we got a bunch of personal Sun workstations. These all had microphones on them, Usenet soon told me how to turn the mic on and record to a local file. Went to my boss, told him we needed to open up every box and cut a wire. He was all like "um, no, not gonna happen". Told him to wait 5 minutes, then call someone and talk for a minute or two. Went into his office, played back the audio file I'd recorded of his conversation, spent the next few hours opening up brand spanking new Sun workstations to cut a wire.

Why yes, I do have black tape over the camera on my laptop. Why do you ask?
"Turn"? by Dialecticus · 2017-08-01 11:27 · Score: 2

You mean from an overt listening device? You could do that just by throwing a towel over it.
Re:People blowing this off need to consider .... by Rick+Schumann · 2017-08-01 11:29 · Score: 2

It could be compromised before the box even arrives at your house. For that matter it could even be compromised before it leaves the factory.
Re:People blowing this off need to consider .... by markdavis · 2017-08-01 12:09 · Score: 3, Insightful

>"It could be compromised before the box even arrives at your house. For that matter it could even be compromised before it leaves the factory."
It might even be DESIGNED compromised with built-in back doors for three letter agencies or whatever.