I always wondered how my Amazon account got hacked and three tons of tuna was ordered to be delivered to Sea Life.. Now I know it was sneaky dolphins hacking Alexa on my smartphone!
Dolphins inspire ultrasonic attacks that pwn smartphones, cars and digital assistants
Voice control is all the rage these days, but a team of Chinese researchers has come up with a way to subvert such systems by taking a trick from the natural world. Apps like Google Assistant and Siri are set to always be listening and ready for action, but shouting into someone else's phone is hardly subtle. So the team from …
COMMENTS
-
Friday 8th September 2017 01:34 GMT Captain DaFt
Re: Really?
Well the bats are laughing.
Laughing at ultrasonic hacking? More like grossed out, I'd say. ☺
-
Thursday 7th September 2017 07:33 GMT Anonymous Coward
Thank God ..
.. I don't use any of these. Not Siri, not Alexa and not any other always on listening software.
BTW, So the team added an amplifier, ultrasonic transducer and battery to a regular smartphone (total cost in parts around $3): I must have a word with my local electronics shop. Just the battery housing alone would have cost me more than $3.
-
Thursday 7th September 2017 08:18 GMT Flocke Kroes
Re: Lack of ultrasonic receiver is the problem
If phones had microphones capable of detecting ultrasound properly it would be easy to add an analogue or digital low pass filter to remove it. Ordinary microphones respond to ultrasound by outputting a signal in the audible range so Alexa, Siri and friends cannot distinguish it from a voice.
-
Thursday 7th September 2017 20:46 GMT Kevin McMurtrie
Re: Dialing a number is a great attack
Only extremely high-end amplifiers have good slew rate symmetry between the positive half and negative half of the waveform. Usually one half is significantly faster than the other. When operating beyond the rated frequency response, the amplifier might reproduce the falling edge of a 35 kHz signal much better than the rising edge. This unbalance is a distortion that appears as a new signal. That new signal is the voice saying, "Play song - Never Gonna Give You Up."
There's another more sophisticated attack using sampling aliasing. If the phone is known to sample at 192kHz, you modulate the voice command at 192kHz too. The sampling beat pattern demodulates back to the voice. It's essentially using the A/D converter like a radio tuner.
In both cases, the solution is to keep the analog low pass filter far away from the operating limits of the circuitry. (And turn off voice commanding, duh.)
-
Friday 8th September 2017 02:02 GMT bombastic bob
Re: Dialing a number is a great attack
"Only extremely high-end amplifiers have good slew rate symmetry between the positive half and negative half of the waveform"
a simple fix might simply be to use a low pass filter on the microphone...
but it wouldn't stop a signal that's based on heterodyne effect between two ultrasonic signals. In fact, using a phased array, you could shoot the signal that way for quite some distance...
/me points out that ANY nonlinearity will create the 'beat' frequency, sometimes known as "intermodulation distortion". So send two ultrasonic signals for which the difference in frequency is "the desired signal". Or get REALLY creative (and highly directional) and use a multi-emitter phased array.
-
Thursday 7th September 2017 09:05 GMT Anonymous Coward
Groundhog Day is with us again
Didn't El Reg just run a report on exactly the same attack with exactly the same conclusions, except published by a group from Princeton?
God, these copycats are not meowing around!
-
Thursday 7th September 2017 10:01 GMT Oh Bother
Re: Groundhog Day is with us again
This one is an evolution of the attack mentioned in the previous article.
From said article:
"Also, the attack was conducted with a dedicated speaker – not the sort of thing one can sneak into a room easily – and it hasn't been demonstrated using a mobile phone as a sound source."
$3 worth of simple to hide hardware makes this attack much more feasible.
-
Thursday 7th September 2017 10:32 GMT John Smith 19
"$3 worth of simple to hide hardware makes this attack much more feasible."
As others commented at the time.
A regular phone speaker was probably not up to the job,
Turns out the kit needed to do it was a piece of p**s to build.
And noise cancelling multiple microphones on the target device makes it easier as well.
-
Thursday 7th September 2017 09:54 GMT frank ly
Why?
Why are these microphones and audio processing circuits made so that they respond to ultrasonic signals?
Why do the voice recognition algorithms respond to ultrasonic range voices?
I thought it was a generally understood principle that you filtered out any 'out of band' energy at an early stage.
-
Thursday 7th September 2017 19:33 GMT inmypjs
Re: Why?
"they're using harmonics"
Harmonics are multiples of a fundamental frequency. An ultrasonic frequency has no harmonics in the audible or 'vocal' range.
They claim they utilise non-linearity in the microphone/electronics. I suppose it is possible for a loud modulated ultrasonic sound to be demodulated by the non-linearity making the phone 'hear' an audio signal that isn't really there.
I would have thought aliasing with the phone sample rate was a more likely attack mechanism but I can't be bothered to look at the paper.
-
Friday 8th September 2017 02:12 GMT bombastic bob
Re: Why?
"They claim they utilise non-linearity in the microphone/electronics. I suppose it is possible for a loud modulated ultrasonic sound to be demodulated by the non-linearity making the phone 'hear' and audio signal that isn't really there."
that would be the 'heterodyne' effect.
https://en.wikipedia.org/wiki/Heterodyne
and also there's this, for digital sampling:
https://en.wikipedia.org/wiki/Nyquist%E2%80%93Shannon_sampling_theorem
The Nyquist frequency is the maximum frequency above which (in an analog to digital converter) you get an "artifact" of some kind instead of a usable signal. Knowing the Nyquist frequency of the phone would give you the ability to generate targeted artifacts and thereby an actual signal, because of the digital sampling itself. Normally an A:D will have a low pass filter to prevent this, however, unless it was designed by a complete idiot or someone who was trying to make it "as cheap as possible".
Note that "nonlinearity" is one of the requirements for heterodyning to work...
also should mention this:
https://en.wikipedia.org/wiki/Intermodulation
-
Friday 8th September 2017 03:14 GMT inmypjs
Re: Why?
"that would be the 'heterodyne' effect."
No it wouldn't. Heterodyne requires multiplying of two signals the result containing components at the sum and difference of the signal frequencies.
Sampling produces a heterodyne effect, the sampling process effectively multiplying the sampled signal by a signal of the sample frequency. The sum component can't be represented in the output; the difference components are known as aliases. There are further aliases at harmonics of the sample frequency.
Feeding 1, 21, and 23kHz into an ADC sampling at 22kHz will all produce a pure 1kHz output.
-
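An added worked example (not part of any comment above, and not code from the researchers' paper) that checks the aliasing arithmetic discussed in this thread: the 1, 21 and 23 kHz tones at a 22 kHz sample rate, and a tone 1 kHz above a 192 kHz sample rate. It assumes an ideal sampler with no anti-alias filter in front of it; all function names are made up for the illustration.

```python
import math

def alias_frequency(f_hz, fs_hz):
    """Frequency at which a tone of f_hz shows up after ideal sampling at fs_hz."""
    f = f_hz % fs_hz                 # sampling cannot tell f from f + k*fs
    return fs_hz - f if f > fs_hz / 2 else f   # fold the upper half back down

def sample_tone(f_hz, fs_hz, count=64):
    """Samples of a unit cosine at f_hz taken at fs_hz (no anti-alias filter)."""
    return [math.cos(2 * math.pi * f_hz * n / fs_hz) for n in range(count)]

def max_sample_difference(f_a_hz, f_b_hz, fs_hz):
    """Largest difference between the sample streams of two tones."""
    a = sample_tone(f_a_hz, fs_hz)
    b = sample_tone(f_b_hz, fs_hz)
    return max(abs(x - y) for x, y in zip(a, b))

def aliases_of(tones_hz, fs_hz):
    """Map each input tone to the frequency the ADC output will contain."""
    return {f: alias_frequency(f, fs_hz) for f in tones_hz}

if __name__ == "__main__":
    for f, seen in aliases_of([1_000, 21_000, 23_000], 22_000).items():
        diff = max_sample_difference(f, 1_000, 22_000)
        print(f"{f:>6} Hz sampled at 22 kHz -> {seen} Hz "
              f"(max difference from a real 1 kHz tone: {diff:.1e})")
    print("193 kHz sampled at 192 kHz ->", alias_frequency(193_000, 192_000), "Hz")
```

Once sampled, the three streams are numerically indistinguishable, so no digital filter after the converter can separate them; only an analogue low-pass ahead of the ADC removes the out-of-band tones.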
-
Thursday 7th September 2017 12:26 GMT The Indomitable Gall
Re: Why?
The key concept in the article is "non-linearity" -- in the oversimplified version, things don't act as you'd expect.
Sound does many, many funky things. If you expose a computer microphone to a sound above the frequency your computer can sample, it creates interference patterns at a lower frequency, within the audible range.
Now, if your target has active noise-cancelling circuitry, it's designed to detect and remove frequencies acting in predictable ways, and enhance short-lived sounds in the frequency range of human speech. The hack is mindboggling in the mathematics involved, but the underlying principles (lost harmonics, ghost signals etc) are all well-established.
Suffice it to say that you couldn't do this with analogue electronics -- computer processing is most definitely required.
-
Thursday 7th September 2017 13:49 GMT Anonymous Coward
Does the boss use an HDMI adaptor to display presentations from his phone...?
Good heavens man, we're in the 21st century. We need no stinkin' cables to show something, it can all be done wirelessly. It would be fun if you could hide the name of the originating phone because it means everyone will be aware by the time you reach the boss' one (just planning ahead here) :).
-
Friday 8th September 2017 12:41 GMT Anonymous Coward
RE. Re: Re. audio
Even more bonus points if the phone isn't a waterproof model.
But there is a bonus package of goodies waiting for someone who can make this work, capable of turning off most if not all (generous, 60%) of phones used frequently.
Must be posted on a public forum (eg Hackaday) and verified to work by an independent third party.
-
Thursday 7th September 2017 14:59 GMT steelpillow
Fixes
There is a simple fix, but it costs a few pennies and takes up a little space: filter out the ultrasonics before digitising. An analog filter can take the form of a physical muffler or, depending on your mic technology, a low-pass filter circuit.
There is another, more complex fix: use multiple digital mics, clock each at a slightly different sample rate and compare their audio outputs. Any significant difference can be reverse-processed back out to recover the true audio common to all the mics. The main engineering annoyances are the multiple sample clocks and the processing overhead in recovering the true signal.
-
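An added simulation (not from any commenter or from the paper) of the filter-placement question raised in the "Fixes" comment and in the earlier intermodulation discussion: two ultrasonic tones pass through a stage with a small square-law term, and the 1 kHz difference tone is measured with no filter, with a low-pass after the nonlinear stage, and with a low-pass before it. The square-law coefficient, the 8 kHz cutoff, the four-section filter and the 192 kHz simulation rate are all assumptions chosen for illustration.

```python
import math

FS = 192_000    # simulation rate (assumed), high enough to represent the tones
N = 19_200      # 0.1 s of samples
SETTLE = 1_920  # samples skipped so filter start-up transients are not measured

def two_tones(f1_hz, f2_hz):
    w1, w2 = 2 * math.pi * f1_hz / FS, 2 * math.pi * f2_hz / FS
    return [math.cos(w1 * n) + math.cos(w2 * n) for n in range(N)]

def level(signal, freq_hz):
    """Amplitude of the freq_hz component after settling (single-bin DFT)."""
    s = signal[SETTLE:]
    w = 2 * math.pi * freq_hz / FS
    re = sum(x * math.cos(w * n) for n, x in enumerate(s))
    im = sum(x * math.sin(w * n) for n, x in enumerate(s))
    return 2 * math.hypot(re, im) / len(s)

def nonlinear_stage(signal, k2=0.1):
    """Assumed mic/amplifier model: unity gain plus a small square-law term."""
    return [x + k2 * x * x for x in signal]

def low_pass(signal, cutoff_hz=8_000, passes=4):
    """Cascade of one-pole low-pass sections, standing in for an analogue filter."""
    a = 1 - math.exp(-2 * math.pi * cutoff_hz / FS)
    for _ in range(passes):
        y, out = 0.0, []
        for x in signal:
            y += a * (x - y)
            out.append(y)
        signal = out
    return signal

def compare(f1_hz=30_000, f2_hz=31_000):
    """Difference-tone level for three placements of the low-pass filter."""
    x = two_tones(f1_hz, f2_hz)
    diff = abs(f2_hz - f1_hz)
    return {
        "no_filter": level(nonlinear_stage(x), diff),
        "filter_after": level(low_pass(nonlinear_stage(x)), diff),
        "filter_before": level(nonlinear_stage(low_pass(x)), diff),
    }

if __name__ == "__main__":
    for name, amp in compare().items():
        print(f"{name:14s} {amp:.6f}")
```

In this model a filter placed after the nonlinear element leaves the difference tone almost untouched, because by then it is an ordinary in-band signal; the filter only helps when it attenuates the ultrasonic tones before they reach the nonlinearity.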
Thursday 7th September 2017 15:46 GMT James O'Shea
Re: Fixes
There's a much simpler fix, which costs $0.00, and which I have already implemented: turn Siri off. It's so simple that even a vice president can do it. Tap 'Settings', tap 'Siri', make sure that it's off. Problem done. I implemented this fix the very first day I got an iPhone with Siri.
-