David Hanak Researchers from the Chinese University of Zheijiang have discovered a very interesting thing, namely that intelligent assistants in mobile phones (in this case Siri and Alexa) can be attacked in a very simple way without the owner of the attacked device having any idea about it. Ultrasound-guided attacks are inaudible to the human ear, but the microphone in your device can detect them and, as it turns out, can be commanded in many cases.
It could be interest you
Ondrej Holzman This attack method is called "DolphinAttack" and works on a very simple principle. First, it is necessary to convert human voice commands into ultrasonic frequencies (band 20hz and higher) and then send these commands to the targeted device. All that is needed for successful sound transmission is a phone speaker connected to a small amplifier and an ultrasonic decoder. Thanks to the sensitive microphone in the attacked device, the commands are recognized and the phone/tablet takes them as classic voice commands of its owner.
As part of the research, it turned out that basically all female assistants on the market respond to such adjusted orders. Whether it's Siri, Alexa, Google Assistant or Samsung S Voice. The device that was tested had no influence on the test result. The reaction of the assistants was therefore received both from the phone and from a tablet or computer. Specifically, iPhones, iPads, MacBooks, Google Nexus 7, Amazon Echo and even Audi Q3 were tested. In total, there were 16 devices and 7 different systems. Ultrasound commands were registered by everyone. What is perhaps even creepier is the fact that the modified (and inaudible to the human ear) commands were also recognized by the speech recognition function.
Several procedures were used in the tests. From a simple command to dial a number, to opening a dictated page or changing specific settings. As part of the test, it was even possible to change the destination of the car's navigation.
The only positive news about this new method of hacking the device is the fact that it currently works at about one and a half to two meters. Defense will be difficult, as the developers of voice assistants will not want to limit the frequencies of the commands being sensed, as this could lead to a worse function of the entire system. In the future, however, some solution will have to be found.
Source: Engadget
Since you are translating the article, you could have made it more understandable. From the English original, it's much less confusing how it works. Defense is trivial, just ignore the commands that come only on ultrasonic frequencies.
Yes, and as stated in the article, developers will not proceed with ignoring commands from ultrasonic frequencies, as it is not entirely clear how this would affect the resulting quality and recognition capabilities of classic voice commands.
No, the article says to chop the spectrum. I proposed to ignore the input, which is composed only of the ultrasonic part of the spectrum.