Do you work on the project on GitHub? You can use this tool to automatically sync your GitHub releases to SourceForge, so that your projects have a backup location, and take advantage of SourceForge's massive reach.

× 159654371 story
Security

The security-woes dept. posted a message on Monday March 7, 2022, at 01:50PM.

Academic researchers have devised a new working exploit that commandeers Amazon Echo smart speakers and forces them to unlock doors, make phone calls and unauthorized purchases, and control furnaces, microwave ovens, and other smart appliances. joshuark shares a report: The attack works by using the device's speaker to issue voice commands. As long as the speech contains the device wake word (usually "Alexa" or "Echo") followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy's University of Catania found. Even when devices require verbal confirmation before executing sensitive commands, it's trivial to bypass the measure by adding the word "yes" about six seconds after issuing the command. Attackers can also exploit what the researchers call the "FVV," or full voice vulnerability, which allows Echos to make self-issued commands without temporarily reducing the device volume.

The researchers have dubbed the hack "AvA" because it uses the Alexa feature to force devices to make their own commands. It only takes a few seconds of proximity to a vulnerable device while it's turned on so an attacker can utter a voice command instructing it to pair with an attacker's device. The attacker will be able to issue commands if the device remains within the radio range. The attack is the first to exploit the vulnerability of self-issuing arbitrary commands on Echo devices, allowing an attacker to control them for a long time.


Slashdot

ConnectWise RMM makes it easy to monitor and manage complex IT environments Monitor, manage, and support clients at the desktop level—without requiring integration of third-party RDS tools.

You can get a free demo.

Array(0x55eaeda7ed30)

divspanAmazon Echo smartMonday March
Related News
Patrick Mahomes, Kansas City Chiefs prevail against Buffalo Bills, win wild AFC divisional game in overtime
Popular on TVN
Stay In Touch

All Rights Reserved © 2024