NEWSBYTE Security researchers have discovered a vulnerability that enabled Amazon’s voice assistant, Alexa, to listen in on people’s conversations after the ‘Alexa’ wake-up word had been detected.
According to a blog post by IT security firm Checkmarx, researchers Maty Siman and Shimi Eshkenazi from the Checkmarx Research Lab decided to test the idea of turning their own Amazon Echo into a tapping device.
Their initial challenge was to activate the Echo, given that the audio of Alexa-powered devices is only streamed to the cloud after the wake-up word is detected.
The researchers created a skill for Alexa, in this case a calculator, that was able to record and transcribe everything a person said and send that data back to a third party.
There were two challenges in achieving this. First, they had to ensure the Alexa recording session would stay active, and second, they wanted the listening device to transcribe what was said accurately.
Researchers found that it was possible to create such a hack when Alexa skills were configured to accept a specific sentence format with placeholders (slots) for closed lists of values, such as colours, places, or movie names – such as “What is the weather in [City]?”.
By keeping that empty slot open, the researchers were able to hack the device to record conversations. After that, speech to text algorithms could be deployed.
“Within a valid skill with legitimate intent functionality (for example a calculator skill that calculates math actions according to user input), the input can be captured to an external log, accessible to the skill developer,” said the researchers in their report.
Internet of Business says
Amazon has been informed of the issue and has reportedly set specific criteria to identify (and reject if necessary) eavesdropping skills during certification. Alexa will now detect empty reprompts and take appropriate actions, as well as detect longer-than-usual sessions, said Amazon.
However, the flaw has come to light just as Amazon is extending the functionality of its digital assistant, to include follow-up questions that will no longer need the ‘Alexa’ keyword to activate them.
The aim, as explained in our detailed report, is to enable Alexa to have more natural conversations via improved memory, context carryover, and skills arbitration, all of which demands that the assistant stays active without the keyword in order to converse with the owner of any Alexa-powered device – numbers of which are growing, as the report explains.
The potential for Alexa to record conversations or transmit them to the cloud would therefore appear to be growing, not receding, as a result of these new skills.