It seems like only a week after I wrote about the need for Voice Authentication on Alexa, Engadget published this article about how Siri and Alexa are Vulnerable to nefarious commands. Basically researchers were sending commands in ultra high frequencies and getting the Electronic Personal assistants to respond.
In perhaps a related mystery, often times during a movie or a TV show, I will observe where Alexa will wake up and respond to the movie, usually with “I don’t know about that” when none of the dialog said anything that resembled ‘Alexa’. Makes me wonder about how long people have known about the vulnerability that Engadget found, and have been exploiting it in front of our very ears.
Hmmm. Let’s take it a step further… what if there were a special Alexa skill, where it was coded such that Alexa did not verbally respond, but could kick off a function in the background. . . it is possible. You then could secretly tell an Alexa to execute a task with your recorded ultra high frequency command, and then Alexa ‘could’ quietly execute the task, all without knowledge of the Alexa owner.
Until I can get voice authentication for my Echo – Alexa won’t be hooked up to anything that can cause too much havoc. I don’t want to be watching ‘Ghost in the Shell’ and have a case of canned unicorn meat from Amazon show up on my front porch the next day.