Can Amazon Echo be hacked and turned into a covert microphone?

No primary category set

In a piece called “Alexa, are you listening?”, security expert Mark Barnes explains that there could be vulnerability in the Amazon Echo that means it can be turned in to a covert microphone that could be used for nefarious purposes.

Barnes writes in the article: “The Amazon Echo is vulnerable to a physical attack that allows an attacker to gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering. Such malware could grant an attacker persistent remote access to the device, steal customer authentication tokens, and the ability to stream live microphone audio to remote services without altering the functionality of the device.”

The article goes onto explain (in most technical detail) exactly how this can be done. the immediate reaction is that to ‘hack’ the device in this way you do need physical access to the Echo device. Rather like in spy movies, it’s almost like planting a ‘bug’ in the lampshade. Barnes explains: “Rooting an Amazon Echo was trivial however it does require physical access which is a major limitation. However, product developers should not take it for granted that their customers won’t expose their devices to uncontrolled environments such as hotel rooms.” Perhaps too it shouldn’t be taken for granted that all homes are entirely secure. This could be a vulnerability used for pranks and spying very easily unshared houses of even people of the same household.

At heart though this speaks to the changes and challenges that whizzy and fairly futuristic technology can have to everyday life. There are all sorts of way being able to turn Echo into a microphone could be used: from practical jokes to espionage. It will be interesting to see the extent to which future models of the Echo deal with the findings of Mr Barnes.

One Response

  1. thats not even a question. if it’s possible to hack nasa / the nsa /the cia / the pentagon et al, then it’s possible to hack your internet enabled speaker.
    the question is has it happened yet? the answer is yes.

RELATED POSTS..

New Amazon Vouchers pricing requirement

New Amazon Vouchers pricing requirement

How Absolute Collagen grew to a £23m business

How Absolute Collagen grew to a £23m business

Amazon Ships in Product Packaging sign up

Amazon Ships in Product Packaging sign up

Hardly Ever Worn It Amazon Luxury resale collaboration

Hardly Ever Worn It Amazon Luxury resale collaboration

Amazon Disbursements held due to unmet UK business establishment requirements unfreeze disbursements says Minister

Enterprise minister tells Amazon unfreeze disbursements

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Latest

Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars