Once again, your Alexa may be working against you

December 20, 2019

Once again, your Alexa may be working against you

Security researchers have found that a hack for Amazon Alexa and Google Home that was originally presented months ago, has gone unsolved.

These hacks are done through two applications, Skills for Amazon Alexa and Actions for Google Home, that seem harmless at first. But in fact, it can be manipulated to work against you.

This is done by changing the device's welcome message to an unpronounceable sequence, which causes the device to say nothing. If this time is extended, then the app can fool the device to ask for the user's password, or eavesdrop on the user's conversations.

Testing this hack 5 months later, the researchers found that Amazon and Google have still failed to properly address the situation.

The companies removed the initial application but allowed it to be re-uploaded without any changes. Additionally, they made small changes such as not allowing the same sequence, but these are still easily navigated by the researchers.

What does this mean?

If you own one of these devices be sure to not use any third-party applications, be careful on what personal information you say in the presence of the device, and finally be hesitant on any password requests by your device.





Leave a comment

Comments will be approved before showing up.