Friday February 28, 2020
Home Lead Story Is The Smart ...

Is The Smart Speaker At Home Listening And Recording Your Personal Conversations?

According to Amazon, the voice utterances spoken to the device may be used in order to deliver and improve its services.

0
//
Smart speakers
According to Amazon, the voice utterances spoken to the device may be used in order to deliver and improve its services. Pixabay

At a time when digital assistants and smart speaker at home in smart devices at home or office are talking to us like never before, some users have begun to worry: Is Alexa or Google Home listening and recording personal conversations beyond the “wake” word?

There are multiple triggers to such concerns, the latest one being a person in Germany using Amazon’s voice assistant who received 1,700 audio files from a person he never met.

A woman in the US state of Oregon was in shock last year when the Amazon Echo device at her Portland home recorded a private conversation and then shared it with one of her husband’s employees in Seattle.

Amazon later clarified that Alexa mistakenly heard a series of commands and sent the recording as a voice message to one of the husband’s employees.

The threat is very much real, with more and more Indians being hooked to the always-on and Internet-connected smart home devices.

Alexa
A hacker has already developed a method to install malware on a pre-2017 Amazon Echo that streams the microphone to any remote computer. Pixabay

In a latest Forrester report titled “Secure The Rise Of Intelligent Agents”, Amy DeMartine and Jennifer Wise argue that currently, introductory versions of intelligent agents include Alexa, Cortana, Google Assistant and Siri. However, security is not part of the equation, and unless security pros get involved, the implications are more worrisome for businesses than normal human beings.

“Alexa doesn’t currently authenticate or authorise individuals who access it, leaving a company’s Alexa skills unprotected from anyone who can remember another user’s commands,” reads the report.

“A hacker has already developed a method to install malware on a pre-2017 Amazon Echo that streams the microphone to any remote computer, accesses the owner’s Amazon account, and installs ransomware,” the Forrester report added.

Apple logs and stores Siri queries but they are not associated with an Apple ID or email address, and the company deletes the association between queries and their numerical codes after six months.

Amazon and Google devices, however, save query histories until the customer deletes them, and Microsoft Cortana users must manage their own data retention preferences in the Cloud and on their devices.

According to Puneesh Kumar, Country Manager for Alexa Experiences and Devices, Amazon India, the threat of Alexa recording all your conversations is not real as the company has created layers of privacy protections in all of its Echo device.

“It includes a mute button involving a hardware press that electrically disconnects the microphones and cameras, clear visual indicators when utterances are being captured and streamed, as well as the ability to see and delete voice recording history for their devices,” Kumar told IANS.

Echo speakers use on-device keyword spotting to detect the “wake” word and only the “wake” word. When the “wake” word is detected, the light ring around the top of the device turns blue to indicate that Alexa is streaming audio to the Cloud.

“At any time, you can turn the microphone off by pushing the microphone button on the top of the device and this creates an electrical disconnect to the mic, which will turn on a red ring to visually indicate that the device is muted,” informed Kumar.

Also Read: Indian Army Kills JeM Operational Commander Within 100 hours of Pulwama Attack

According to Amazon, the voice utterances spoken to the device may be used in order to deliver and improve its services.

The users, if needed, can delete specific voice recordings associated with their accounts by going to History in Settings in the Alexa App, drilling down for a specific entry, and then tapping the delete button. You can also delete all voice recordings associated with your account for each of your Alexa-enabled products. (IANS)

Next Story

This new Defence Tool May Help Fool Hackers

The approach aims to solve a major challenge to using artificial intelligence (AI) for cybersecurity

0
Cybersecurity
The approach aims to solve a major challenge to using artificial intelligence (AI) for cybersecurity: a shortage of data needed to train computers to detect intruders. Pixabay

Instead of blocking hackers, the researchers have created a new cybersecurity defence approach, which involves setting traps for hackers.

The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognise and stop future attacks. DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers.

“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing, instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labour,” said study researcher Kevin Hamlen from University of Texas in Dallas, US. “They’re providing us data about what malicious attacks look like. It’s a free source of highly prised data,” Hamlen added.

The approach aims to solve a major challenge to using artificial intelligence (AI) for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, the researchers said.

“We’re using the data from hackers to train the machine to identify an attack, we’re using deception to get better data,” said study researcher Gbadebo Ayoade. Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, the researchers said.

But most cyberdefense programmes try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation.

The decoy site looks legitimate to intruders and attackers will feel they’re successful, said study researcher Latifur Khan. As hackers’ tactics change, DEEP-Dig could help cybersecurity defence systems keep up with their new tricks.

Hackers
Instead of blocking hackers, the researchers have created a new cybersecurity defence approach, which involves setting traps for hackers. Pixabay

According to the researchers, while DEEP-Dig aims to outsmart hackers, it might be possible that hackers could have the last laugh if they realise they have entered a decoy site and try to deceive the programme.

“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defence system just learns how hackers try to hide their tracks, it’s an all-win situation — for us, that is,” Hamlen said.

ALSO READ: Lenovo Retains its Dominance Over Tablet Market in India With 37% Market Share

The study was presented at the annual Computer Security Applications Conference in December in Puerto Rico. (IANS)