Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security Google Privacy Technology

Project Alias Hacks Amazon Echo and Google Home To Protect Your Privacy (fastcompany.com) 62

Posted by BeauHD from the safety-first dept.
fahrbot-bot writes: The gadget, called Alias, is an always-listening speaker, designed to fit on top of an Amazon Echo or Google Home, where it looks like a mass of melted candle wax. It's composed of a 3D-printed top layer, a mic array, a Raspberry Pi, and two speakers. It only connects to the internet during the initial setup process. Alias stays "off the grid" while you're using it, preventing your conversations from leaving the device. When the Alias hears its own (customizable) wake word, it'll stop broadcasting white noise and wake up Alexa or Google Assistant so you can use them as normal.
This discussion has been archived. No new comments can be posted.

Project Alias Hacks Amazon Echo and Google Home To Protect Your Privacy More

Project Alias Hacks Amazon Echo and Google Home To Protect Your Privacy

Comments Filter:
  • The only reason I would trust this device is if it didn't have a network adapter. Once it is online, it is open to hacking attacks.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      It goes beyond that, the companies involved on the back-end making claims of "oh, it's not listening to you much," or "oh, we encrypt everything in the cloud" and then you find the insecure AWS folder full of videos...

      This is before black-hats figure out how to trivially botnet them into a superweapon, this is just how the companies that sold you the damn spying devices "for your convenience" value your privacy and security. Lip service.

      Amazon's RING security cameras with the backend "god" mode that they l

      • Re: (Score:3)

        by dcw3 ( 649211 )

        This is before black-hats figure out how to trivially botnet them into a superweapon

        Yup, that's happened a lot. Better stay in mom's basement just to be safe.

    • Re: (Score:2)

      by ceoyoyo ( 59147 )

      It really wouldn't be hard to build one of these things yourself. I'd be surprised if there weren't multiple DIY projects just a Google away.

  • I only see one problem (Score:5, Insightful)

    by Opportunist ( 166417 ) on Tuesday January 15, 2019 @07:48PM (#57969458)

    Anyone valuing his privacy enough to use such a device probably already would not allow an eavesdropping device to exist in his living room. So who exactly is the target audience?

    • Re: (Score:3)

      by lazarus ( 2879 )

      I'm trying to figure out why the people who want the device but are worried about their privacy don't use the mute button on the top of their Echo. Is there some conspiracy about this not working that I'm unaware of? Why would I replace the mute button with another device that may also be listening to me?

      It's listening devices all the way down!

      • Re: (Score:2)

        by dmt0 ( 1295725 )
        All the convenience of those assistant devices comes from the fact that you can use them from across the room. This Alias thing makes a lot of sense.

      • >"I'm trying to figure out why the people who want the device but are worried about their privacy don't use the mute button on the top of their Echo. Is there some conspiracy about this not working that I'm unaware of?"

        Doesn't have to be a "conspiracy". How do you KNOW the mute button works or what it does? Perhaps it still listens and doesn't respond. There is no way to know what it is doing.

        >"Why would I replace the mute button with another device that may also be listening to me?"

        Because they yo

        • >"How do you KNOW the mute button works or what it does? Perhaps it still listens and doesn't respond. There is no way to know what it is doing."

          Reply to self. I should have added:

          And even if you know what it does now, how do you know that won't change later? The company could decide, at any point, to change the behavior because it is a soft function. And if they can change it, then so can hackers. And perhaps there are back doors and the government can gain access directly or indirectly. None of th

        • Re:I only see one problem (Score:4, Informative)

          by lazarus ( 2879 ) on Tuesday January 15, 2019 @11:27PM (#57970340) Journal

          Doesn't have to be a "conspiracy". How do you KNOW the mute button works or what it does?

          Because it is a hardware switch which cuts off electricity to the microphone. This has been explored by many many tear-downs. Search for yourself.

          So unless someone has sneaked into your house/office and swapped it for some elaborate bypass it is not going to hear anything when it is activated.

          • >"Because it is a hardware switch which cuts off electricity to the microphone. This has been explored by many many tear-downs. Search for yourself."

            Thanks. I didn't know that. Besides, that is not typical at all for mute buttons. Plus, three are many "smart speakers" now and by many companies. I was speaking more in abstract and not about one particular model from one particular company and right now.

            In any case, you can't activate a mute button remotely, so I still see how this Alias thing would be

            • Re: (Score:1)

              by gebbeth ( 720597 )
              There are hacks that allow speakers to be used as microphones.

              • >"There are hacks that allow speakers to be used as microphones."

                Yeah, security is such a nightmare now. At least in the case of the "Alias", it emits a constant stream of noise that blocks the mic and would likely block the speaker portion acting as a mic.

          • Re: (Score:2)

            by AmiMoJo ( 196126 )

            This doesn't seem to be confirmed. The source seems to be an interview with Bezos where he makes that claim, but looking at various teardowns of the hardware there is no obvious physical switch.

            In fact, it seems unlikely because the Echo uses an array of microphones, not just one, pointed in different directions. The switch might power down the amplifier perhaps, but no-one seems to have any evidence supporting that.

        • Re:I only see one problem (Score:4, Insightful)

          by ichimunki ( 194887 ) on Tuesday January 15, 2019 @11:40PM (#57970374)

          How would I know if the "Do Not Disturb" button worked? Wireshark. Even if the device listens but doesn't respond, what matters is whether it phones home-- and that can be monitored. It should not be connecting to the network until after it recognizes the wake word... now I suppose it could record and then wait for the wake word to transmit... but if I'm that paranoid, why wouldn't I just install a bunch of smart sockets to turn the power to my devices off when I want true privacy? Or why would I get devices like these in the first place?

          • >"now I suppose it could record and then wait for the wake word to transmit"

            It might also only transmit when it needs to, which will look like normal traffic but could be metrics you don't expect. Again, it is a "black box". It might also do so only if and when you are targeted, or only when it hears certain things that you didn't supply during testing, or only if it was hacked. There are lots of ways something can spy on you without it just transmitting in obvious ways.

            >"but if I'm that paranoid,

      • I'm trying to figure out why the people who want the device but are worried about their privacy don't use the mute button on the top of their Echo.

        You'd have to cross the room to un-mute it every time you wanted to use it, completely destroying the hands-free usefulness of the device.

        Like if you are in the middle of cutting raw chicken and just want to start up a timer you forgot to set...

        So I can see some point to a third party device you know can be enabled or disabled by voice and not overridden by the E

    • Anyone valuing his privacy enough to use such a device probably already would not allow an eavesdropping device to exist in his living room. So who exactly is the target audience?

      Maybe you find an Echo in your hotel room, or in your university dorm or common space ... Your significant other's house? It's like covering a camera.

    • So who exactly is the target audience?

      People who aren't single. This is a compromise device.

  • Until this little startup begins to threaten a fraction of 1% of market share, and then Google and Amazon deploy the workaround models.

  • Simpler, cheaper solution (Score:4, Insightful)

    by Tyger-ZA ( 1886544 ) on Tuesday January 15, 2019 @08:12PM (#57969584)
    Unplug your spy devices, permanently

  • Wrong material (Score:4, Funny)

    by ArhcAngel ( 247594 ) on Tuesday January 15, 2019 @08:45PM (#57969732)
    Shouldn't it be made out of tinfoil?

  • From their website photos I'm guessing sizeof(micArray)/sizeof(micArray[0]) == 1.

  • I might get a Google Home now that I can name it Asshole. Hey Asshole, turn on the lights!

  • Snips (Score:4, Informative)

    by GodWasAnAlien ( 206300 ) on Wednesday January 16, 2019 @03:57AM (#57971022)

    Instead, why not give/throw/sell the alexa/google device away,
    and just put Snips on a Raspberry pi?

  • It should'a could'a been a robot finger that Presses the Mic-Mute button on the top of Echo.

    Seriously - does the White Noise block Alexa? I ask because it seems to "hear" whoever is speaking loudest - my children fight over what music should play and the loudest child wins. Although I win by pressing the mute button.

    Do I have to put up with the roar of Niagara Falls in my kitchen ? If so - seems the cure is worse than the disease.

    Or a solution looking for a problem.

Slashdot Top Deals

It is easier to write an incorrect program than understand a correct one.

Close