Share This article

Most smartphones can respond to your voice commands, but they might also respond to someone else’s. Researchers from France’s ANSSI information security agency has found a way to make Apple’s Siri and Google voice search respond to commands without talking to them. It happens via radio waves and works up to 16 feet away. This technique can be used to exploit the device in a number of ways.

This clever hack relies upon the headphone jack, which has a microphone input on virtually all modern smartphones. The main limitation of the method developed by ANSSI is that the target device needs to have headphones with a mic plugged into the device. That’s because the electromagnetic waves must use the cord as an antenna to access the mic input. The electrical signals can be made to look like a user’s voice, thus activating Siri or Google.

With the voice commands listening, the radio waves can continue feeding signals into the mic that look to the phone like voice input. The researchers were able to use their system — based on an inexpensive open-source software GNU Radio, a USRP software-defined radio, an amplifier, and an antenna — to issue commands that sent the phone’s browser to a specific website or placed a call. You could use this to essentially turn a phone into a surreptitious listening device or direct it to a website with a software exploit. An attacker could also use these silent voice commands to send phishing messages from the user’s email or social accounts.

You don’t necessarily need to panic and disable voice commands on your phone just yet. In addition to having headphones plugged in, you need to have voice commands enabled from the lock screen and sleep mode. If a phone is awake, the user would probably notice something was amiss, after all. This is the default setting for Siri on iPhones, but Android devices behave differently. You have to manually turn on the “OK Google” hotword from any screen, and when you do the phone tunes to your voice. After you’ve trained the phone in this way, the radio waves would be unable to trigger the voice actions because they don’t “sound” like you. So, Siri is much more vulnerable than Google’s voice search.

The 16 foot range of the hack is based on the laboratory setup used in the ANSSI test. If you wanted to make a mobile version of the rig that fits in a backpack, you’d probably only have enough power to hack a phone from six or seven feet away. That could still be useful in a crowded space like a subway car. The larger version from the lab might fit in a car as well.

The researchers have contacted Apple and Google to suggest allowing users to create custom wake words, which would block this attack. Better shielding on headphone cables would also do the trick. Neither company has responded yet.

Read more http://www.extremetech.com/mobile/216290-researchers-figure-out-how-to-silently-hack-siri-and-google-voice-search