Smart speakers are an addition to many households nowadays. But these speakers from potential require some vigilance due to security breaches. Researchers have found that now hackers can enable these little devices to do their bidding even without making any sound. Advanced devices such as Google Assistant, Apple Siri, Apple Alexa were all shown exposed to this security hole. Scientists even got it working on Facebook Portal devices as well. Phones and Tablets were no safe as well and shown vulnerable. This breaching trick works because of MEMs or micro-electronic-mechanical systems, assembled into smart speakers’ mic. These small components are sensitive to light and can interpret it as sound, so this means that these components can easily be manipulated by something like laser pointers.
Smart speakers are many a time hooked up with smart alarms, smart locks and several times with home security systems considering this imagine the depth of the problem as this security breach can be used to sneak into a property. Microphones in these speakers interpret any movement at mics diaphragm as sound. These movements are due to sound pressure that is hitting physically at the microphones’ diaphragm. However, the problem is light from laser pointers triggers some movement in the microphone’s diaphragm that it interprets as sound, researchers told this to Dan Goodin, the Security Editor at Ars Technica. They further stated that although they don’t completely understand physics behind and they are currently investigating this.
Researchers performed this hack in several set-ups, and they found that that attack does require a line of sight with the device. Also, these smart speakers come with audible feedback too, so you will know if someone is attacking your privacy. Hence the consensus is that this isn’t some kind of practical hack that one will go around and try, yet it is something to be aware of. And although this is not any precarious security attack that is likely to occur on the streets however, the research is valuable as it figures out the approaches that hackers might take in the future.