Researchers at University of Michigan and the University of Electro-Communications in Tokyo have discovered an alarming flaw with digital assistants found in many smart speakers.

The team revealed that burglars could break into homes by shining a laser at digital assistants and smart speakers from more than 100 metres away.

Until now, most of the concern surrounding these devices have centred on privacy worries. Amazon this year admitted in a letter to a US senator that it keeps Alexa user voice recordings indefinitely, and it is being sued for over allegations that Alexa-powered smart speakers are recording children.

Smart security

But now the security aspects of these devices has been brought into question because of lasers.

In their paper on the matter, the researchers warned that “Light Commands is a vulnerability of MEMS microphones that allows attackers to remotely inject inaudible and invisible commands into voice assistants, such as Google assistant, Amazon Alexa, Facebook Portal, and Apple Siri using light.”

“In our paper we demonstrate this effect, successfully using light to inject malicious commands into several voice controlled devices such as smart speakers, tablets, and phones across large distances and through glass windows,” the researchers warned.

A video of Google Home speaker being tricked into opening a garage door can be found here.

“The implications of injecting unauthorised voice commands vary in severity based on the type of commands that can be executed through voice,” the researchers warned. “As an example, in our paper we show how an attacker can use light-injected voice commands to unlock the victim’s smart-lock protected home doors, or even locate, unlock and start various vehicles.”

This ability for criminals to “talk” to digital voice assistants by shining a laser at the device’s microphone, will be a cause for concern for homeowners, depending on automated their property is.

Membrane issue

The problem stems from the fact that most of the assistants on modern devices use compact and highly sensitive microphones equipped with a diaphragm. This is a thin membrane that moves when hit by sound waves.

It seems that this movement is then converted into electrical signals, which are acted upon by the voice assistant.

The researchers discovered that the diaphragm also moves when hit by specific frequencies of light from a laser.

The researchers played around with the intensity of the light from the laser, in order to mimic the frequency of a human voice. This allowed them to make basic commands and activate the smart speaker.

It is understood that the researchers have shared the findings with Amazon, Apple, Google, Tesla and Ford.

Google and Amazon are reportedly reviewing the discovery.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago