X10 Community Forum

💬General Category => General Discussion => Topic started by: dhouston on November 04, 2019, 03:29:57 PM

Title: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 04, 2019, 03:29:57 PM
https://lightcommands.com/ (https://lightcommands.com/)
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: brobin on November 08, 2019, 10:41:17 PM
139 years ago our good friend Alexander Graham Bell did essentially the same thing with his Photophone invention.  History repeats itself.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: HA Dave on November 08, 2019, 10:58:01 PM
https://lightcommands.com/ (https://lightcommands.com/)

Totally 100% true! I like where it reads:   "As an example, in our paper we show how an attacker can use light-injected voice commands to unlock the victim's smart-lock protected home doors"

Of course... this is all impractical. And that's why it's never been done. And it never will be. But it can be fun to read about.

However... the world does have very real risks (like getting robbed in a parking lot). I know a lot of people who carry concealed weapons to defend themselves against such risks. It's all a calculation... best done using math... instead of emotions. 
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 09, 2019, 08:07:28 AM
139 years ago our good friend Alexander Graham Bell did essentially the same thing with his Photophone invention.  History repeats itself.
But he wasn't hacking an iPhone.  ;)
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: beelocks on November 09, 2019, 09:28:28 AM
I live in New Hampshire. The easiest way through a window to open a door is pick up a nearby rock and sling it through a window. Hi-tech entry is gained with a hammer :)
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: HA Dave on November 10, 2019, 10:03:46 AM
I live in New Hampshire. The easiest way through a window to open a door is pick up a nearby rock and sling it through a window. Hi-tech entry is gained with a hammer :)

Here in Ohio... burglars have learned to use welcome mats and patio furniture to bust open windows. Or... their trade-tools, as many serious robberies are committed (around here) by workers who became addicted to cocaine or meth. I haven't heard of ANY burglar ANYWHERE with the skills to operate a "Laser-Based Audio Injection System" as described in the theoretical paper (linked to by the OP).

The current POPULAR way to rob people around here involves watching the delivery trucks. Old people particularly.... fail to monitor their doors with cameras. PLUS older people often receive medications that addicts find desirable for both use and resale. So the thief's merely run up to the door and grab the package... and they're gone. Easy Peasy (and no hi-tech laser set-ups involved).
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: brobin on November 10, 2019, 12:32:53 PM

[/quote]
But he wasn't hacking an iPhone.  ;)
[/quote]

He didn't have to... he already owned every phone, the wires and central offices.  rofl
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dave w on November 10, 2019, 05:41:17 PM

He didn't have to... he already owned every phone, the wires and central offices.  rofl

Didn't Alex want "Ahoy!" to be the proper way to answer his invention when it rang? I think I just took us down a rabbit trail, but we can bring it back by talking about how to rabbit hunt with a laser. <big smile>
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 10, 2019, 07:39:03 PM
Of course... this is all impractical. And that's why it's never been done. And it never will be. But it can be fun to read about.
The article states...
Quote
So far we have not seen any indications that this attack have been maliciously exploited.
Since any attacker has to be within a few hundred feet and have a line of sight to the target, it's not likely to be something we need worry about but it does illustrate how, as 'smart' devices proliferate, there may be many unanticipated vulnerabilities.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: brobin on November 10, 2019, 09:07:52 PM

He didn't have to... he already owned every phone, the wires and central offices.  rofl

Didn't Alex want "Ahoy!" to be the proper way to answer his invention when it rang? I think I just took us down a rabbit trail, but we can bring it back by talking about how to rabbit hunt with a laser. <big smile>

That's right, he actually preferred and used "Ahoy Hoy" to answer the phone. Edison instructed all his people to use Hello. How's THAT for some useless knowledge!
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on November 11, 2019, 11:32:16 AM
There are solutions to a lot of these problems that will become more of a reality though.  We just have to keep them in mind when setting systems up.  If the voice box can see a window, it would be exposed to this risk.  By shutting the drapes, you should eliminate the concern.  Or, I suppose make sure it is blocked by furniture.  In the cold war days, there were devices that could record conversations by detecting vibrations on windows.  The counter was to install some form of device that would change how the window was vibrating (not sure if it was a white noise generator or a noise cancellation type device and can't find a link).

But, this type of threat is something a lot of people are becoming more aware of and concerned with.  I recently found a whole line of clothing that helps with radiation but eliminates all the downsides of using tin foil.  I haven't ordered from this specific company since they are in Europe, but I imagine it should help those who are interested.

https://shieldapparels.com/
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dave w on November 12, 2019, 09:10:27 PM
That's right, he actually preferred and used "Ahoy Hoy" to answer the phone. Edison instructed all his people to use Hello. How's THAT for some useless knowledge!
Impressive.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: toasterking on November 14, 2019, 06:03:12 PM
he actually preferred and used "Ahoy Hoy" to answer the phone. Edison instructed all his people to use Hello.
I'm glad I found this thread as I'm already quite anti-Edison and didn't realize I'd been making such a big mistake in supporting his legacy for my whole life.  Accordingly, I started bringing back "Ahoy-Hoy" as a telephone greeting earlier this week.  :)
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: HA Dave on November 15, 2019, 08:49:39 AM
....... there may be many unanticipated vulnerabilities.

Maybe... at some point in the UN-known future. But I don't live in the future (or the past)... and never will as that is impossible, except in the our imaginations.

And in the here and now.... it appears that your "future problem" has already been resolved. As improved voice recognition technology can tell the identify the persons voice and act appropriately (as programmed) based on "who" makes a request. 

Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: HA Dave on November 15, 2019, 09:08:06 AM
There are solutions to a lot of these problems that will become more of a reality though.  We just have to keep them in mind when setting systems up.  If the voice box can see a window, it would be exposed to this risk.  By shutting the drapes, you should eliminate the concern.  Or, I suppose make sure it is blocked by furniture.  In the cold war days, there were devices that could record conversations by detecting vibrations on windows.  The counter was to install some form of device that would change how the window was vibrating (not sure if it was a white noise generator or a noise cancellation type device and can't find a link).

Your so correct... You know... even cameras can be defeated with a ball cap or a hoodie.

My Dad was a police officer in the 70's-80's and drug dealers would be monitored using "big ear-type listening devices". And the solution for the drug dealers was to place speakers facing the outside walls and windows.

Meanwhile.... if you're so deep into whatever criminal behavior gets so much police attention... maybe being off-line (and avoiding modern Home Automation) would be a better lifestyle choice.

Meanwhile.... I am pretty positive I have been and may still be monitored by my own government. So.... it would be foolish of me to think I could somehow outsmart or out-tech the feds with curtains and/or furniture. As nearly every appliance and TV in the home can be hacked with the appropriate court order. And isn't THAT what people should be worried about?!?!? 
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dave w on November 15, 2019, 09:26:21 AM
I'm already quite anti-Edison and didn't realize I'd been making such a big mistake in supporting his legacy for my whole life.  Accordingly, I started bringing back "Ahoy-Hoy" as a telephone greeting earlier this week.  :)
There is always the Tesla greeting to consider: "Sparky here".
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on November 15, 2019, 10:34:37 AM
That's a valid point.  Having our television remotes able to respond to our voice also means that we should really keep those away from windows as well.  I wonder if the research is still going on and, if so, could we suggest they look at things like our voice remotes?  I also wonder if the same is possible with phones since Apple and some Android models will respond to commands without touching them.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: HA Dave on November 16, 2019, 10:53:21 PM
...... wonder if the same is possible with phones since Apple and some Android models will respond to commands without touching them.

Of course they would (at least theoretically... of course). Best way to find out is just dig through your bin of extra electronic parts and pieces. Then hack together your own "Laser-Based Audio Injection System".... and try for yourself.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 17, 2019, 07:59:48 AM
I also wonder if the same is possible with phones since Apple and some Android models will respond to commands without touching them.

The link I posted in the beginning of this thread is to an abstract of the study. There is a link to the full study at the beginning of that abstract. The abstract also lists the devices and voice systems tested (Google Assistant, Alexa, Siri, Portal). It includes iPhones/iPads and while they did not test Android devices, it stands to reason that any using voice control will be vulnerable.

Finally, the abstract includes their email address so you can ask your questions directly.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on November 17, 2019, 01:38:41 PM
I did review a different story covering the same study. That one only included mention of the voice boxes but no mention of other devices.

If I had DARPA money as in the study, I'd have no problem peicing something together.  I suppose it all depends on who funds your toys.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 17, 2019, 03:17:55 PM
If I had DARPA money as in the study, I'd have no problem peicing something together.  I suppose it all depends on who funds your toys.

Again, from the abstract...
Quote
The Light Commands attack can be mounted using a simple laser pointer ($13.99 (https://www.amazon.com/dp/B07PM1MF74), $16.99 (https://www.amazon.com/dp/B07WD723Z7), and $17.99 (https://www.amazon.com/gp/product/B07TZ4Q55Q) on Amazon), a laser driver (Wavelength Electronics LD5CHA (https://www.teamwavelength.com/product/ld5cha-5-a-30-v-laser-diode-driver/"), $339), and a sound amplifier (Neoteck NTK059 (https://www.amazon.com/gp/product/B01MS22YWV), $27.99 on Amazon). A telephoto lens (Opteka 650-1300mm (https://www.amazon.com/dp/B001GKPOJK), $199.95 on Amazon) can be used to focus the laser for long range attacks.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on November 17, 2019, 10:30:02 PM
Nice. I figured we'd be out 10x that much, but for under $1000 I can prank neighbors? Sweet!
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dhouston on November 18, 2019, 07:33:12 AM
Nice. I figured we'd be out 10x that much, but for under $1000 I can prank neighbors? Sweet!
Actually, it's under $600 even with the added cost of 2 AAA batteries for the laser pointer.
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on November 18, 2019, 10:46:54 AM
Thanks for catching that.  It won't work without batteries!
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: dave w on November 18, 2019, 06:20:18 PM
 rofl
Title: Re: All Voice Activated Systems are vulnerable to this ingenious hack.
Post by: bkenobi on January 02, 2020, 01:59:49 PM
Turns out Destin is a conspiracy theorist as well.

https://www.youtube.com/watch?v=ozIKwGt38LQ