That noise in your head? It’s real
You have most likely uttered one or all of these phrases in the recent past: 'Hey Siri' or 'Hello Google' or 'Alexa'. (Sorry, we’re not going to count 'Cortana' in this.)
If you’ve spoken these magic words, it means that you have a phone or a device which on occasion answers your question. Maybe it starts playing music, or opens a garage door, or orders food from a nearest restaurant. (Perhaps you wish your Cortana could do something similar.).
Here is the bad news. Together with email, any of your devices which are controlled by voice are the hackable, exploitable targets.
Most of us are used to hacking attempts that come to us via email. Some bad actor is trying to convince you to click on a link or type in your password. That’s bad enough.
But now, sound has become an effective way to control your devices.
The technology behind this has been around for some time. We just didn't have devices equipped with high enough quality hardware for it to work. Now that we have those high-quality devices (pretty much everywhere), it works just fine. The method is called Psychoacoustic Hiding. Your system can now be hacked by hackers exploiting speech, music or even birdsong. You can listen to all the examples here.
You’ll have a hard time recognizing the noise causing the issues. Psychoacoustics (a branch of psychophysics involving scientific study of sound perception and audiology) explains why: humans perceive various sounds, but ignore others. Your ear and brain can recognize and process only certain sounds or frequencies (Just think of how a dog whistle works). However, computers don't have this limitation.
How does it work? You take a regular sound and combine it with a 'noise' which is recognized by a computer as a legitimate command.
The computer’s advantage over human limitations is actually the weak spot for technology. A paper authored by researchers from the Ruhr University Bochumdescribes in great detail how the core technology that all the smart devices run on, based on Deep Neural Networks, is vulnerable to these types of attacks. And for the geeks and nerds, here is the code for you to test. Yes, that's how easy it is.
How big is the problem?
There are about 200 millions of smart speakers/assistants around. Add to that, the 100's of millions of iPhones, iPads, MacBooks, Android phones. Now we are looking at well above 1 billion devices.
The next time you are standing next to someone in the elevator and that person is playing music, your phone might be under attack at the same time.
This is not the only way to attack your phone. The hackers can achieve the same thing through vibration or by using a laser. A laser is especially useful since the hacking can be done over a longer distance.
What can you do about this? Nothing, except turn off all your devices. You’ll have to play your music from your vinyl collection and manually open your garage. If that's not an option for you, don't worry: the chances that you personally will be hacked is very small. How small? It’s kind of like getting an email asking you to click a link. I mean… how often does that happen?
Let's finish on an upbeat note. I recommend that you choose technology which helps you in your daily life. Choose technology from vendors which repeatedly demonstrate their commitment to your security and privacy. Educate yourself about the risk and mitigate it. That’s the best you can do. And finally, make it into a regular pattern.