https://venturebeat.com/wp-content/uploads/2017/02/download.png


Source: Venture Beat (https://venturebeat.com/2018/05/10/siri-alexa-and-google-assistant-can-be-controlled-by-inaudible-commands/)



Apple’s Siri, Amazon’s Alexa, and Google’s Assistant were meant to be controlled by live human voices, but all three AI assistants are susceptible to hidden commands undetectable to the human ear, researchers in China and the United States have discovered. The New York Times (https://www.nytimes.com/2018/05/10/technology/alexa-siri-hidden-command-audio-attacks.html?smtyp=cur&smid=tw-nytimes) reports today that the assistants can be controlled using subsonic commands hidden in radio music, YouTube videos, or even white noise played over speakers, a potentially huge security risk for users.

According to the report, the assistants can be made to dial phone numbers, launch websites, make purchases, and access smart home accessories — such as door locks — at the same time as human listeners are perceiving anything from completely different spoken text to recordings of music. In some cases, assistants can be instructed to take pictures or send text messages, receiving commands from up to 25 feet away through a building’s open windows.

Researchers at Berkeley said that they can modestly alter audio files “to cancel out the sound that the speech recognition system was supposed to hear and replace it with a sound that would be transcribed differently by machines while being nearly undetectable to the human ear.” Princeton University and China’s Zhejiang University researchers enhanced the attack by first muting the AI device so its own responses would also be inaudible to the user.

The novelty here is the unhearable nature of the secret commands. TV shows and commercials have openly and deliberately triggered certain digital assistants using verbalized phrases, but hiding the phrases is the sonic equivalent of subliminal advertising. There are not yet laws against triggering AI devices with hidden phrases, however, potentially enabling the practice to be exploited without straightforward legal consequences.

If the security issue isn’t fully addressed — although it most certainly will be — the number of potential breaches could be staggering. As the Times points out, phones and speakers with digital assistants are expected to outnumber people by 2021, and over half of American households will have one or more smart speakers by then.

All three of the digital assistant makers are apparently already aware of the vulnerability, though they were vague in explaining existing mitigations. Amazon claims to have taken unspecified steps to ensure Echo is secure, Google said that Assistant has features to mitigate undetectable commands, and Apple said that its devices have precautions and limitations precluding certain of the commands. It’s unclear whether subsonic audio filtering alone will be enough to address the issue, but it’s quite possible that a simple software patch will be enough to remove the risks.


Source: Venture Beat (https://venturebeat.com/2018/05/10/siri-alexa-and-google-assistant-can-be-controlled-by-inaudible-commands/)

Damn, isn't that interesting... :)

Is anybody surprised?

Is anybody surprised?

I for one am not. I read Slashdot (https://slashdot.org/) on a daily basis — it's a technology-centered US American website — and so I've more or less been keeping up with the whole A.I. hype, and all the antics that have come out of that in the meantime.

Furthermore, I've been involved with IT for almost 30 years — loosely involved since the early 1990s, and more closely involved since the year 2000. As such, I am perfectly aware of how software developers constantly either overestimate the quality of their own work, or are too interested in applying the next "Ooh, shiny!" feature to bother fixing the bugs in their current generation of software.

"Yes, we know about that bug, but no, we're not going to fix it, because we've got a new version coming out in only a few months." And then that new version will have exactly the same amount of flaws as the outgoing version, and then those flaws won't get fixed either, because by the time these flaws are found out about, the developers will already be working on the next new version.

Add to this the fact that it has recently turned out that several (if not most) of the most popular microprocessor types have hardware design flaws in them which are either impossible to fix without going back to the drawing table, or so hard to fix by way of software patches that they would slow the system down to a crawl if they did. And then you can throw on top the very fact that most programming languages and compilers aren't even designed for detecting and/or fixing things like buffer overflows.

Once again, I see this as a typical manifestation of human arrogance and shortsightedness, i.e. humans claiming to possess a prowess or level of intelligence that they cannot live up to. The worst part of it all is that this substandard level of quality is not only being marketed as ready for production use, but that it has actually become the norm.

And it was Microsoft that made this happen. They are solely responsible for people's willingness to accept and actually even pay for substandard quality. But while the original developers of GNU/Linux and other operating systems had grown up on UNIX and similar systems, the current batch of developers in the IT sector are all people who grew up on Microsoft Windows — they're probably too young to have ever even used DOS — and who know no better than this hyperactive culture of irresponsible hardware and software development.

Anyway, as a sideways-related example of this A.I. hype, self-driving cars are becoming all the rage these days. And while I can understand that this kind of technology may have its merits in some fields of application, it does also take the fun out of driving, and it is bound to give us a whole new generation of people who own a car but don't actually know how to drive it themselves.

But hey, it's all the rage, it's the hype, you just have to jump on board. And this, notwithstanding the fact that, first of all, those things usually depend upon satellite navigation — which is a technology that's still exclusively under military control as we speak — and secondly, that reports are coming in, one after the other, of fatal car accidents involving and/or caused by self-driving cars.

The proponents of capitalism say that capitalism has given the world progress. No, it hasn't. What it has given the world, is man's arrogance to think that he can run before he has properly learned how to walk. And it is this arrogance, not any geopolitical conflict, that will ultimately be mankind's undoing.

Time to get off my beer case again... :wry:

The consumer has funded the research and development and been told each time that the product is wowzer bonza super.
I think initially at least, some thought that the case, but these days, and pretty early on, people knew it was all BS and Jellybeans, but the consumer doesn't complain and tell the purveyors how their propaganda is not believed. They still purchase the product, out of hmm 'want', but aren't very vocal so the industries across the board seem to think people swallow their lies.

We have products now that aren't even fit for purpose. They are fake implements which look like a functional object, but costs of production have been shaved so much that what you have is a competition to make the cheapest illusion, and it breaks in the packet or is flawed in its purpose. The throw away society, the desire to keep selling the same thing, means industry is quite happy to build malfunction into the product and to build sealed unrepairable units.

But consumers still buy without complaining, so it is the consumers who are just as much to blame.
The producers who don't behave ethically are numerous, the severe wastage and pollution by them is seriously appalling, it seems like China is leading the world in this, seen the latest? with the millions and millions of new push bikes piled up on rubbish heaps? How about we have the big mouth sticky beak politicians have some summits over China's shocking attitudes?

Companies don't care, because consumers are pathetic. Silent and wishy washy.
I actually had a bit of an attempt to point out to a cellphone company that their current advert contains offensive discrimination recently. There is a line in the ad where they show a taxidermy hippo with big teeth, and then a slightly deranged looking trenchcoated man with missing teeth. The voice over says, "Big teeth, say run - No teeth, also says run". It is offensive to people with missing teeth in a way which unnecessarily has the potential to be hurtful. Especially to children, and the rates of children losing adult teeth in NZ have been skyrocketing with all the sugar parents feed them.

The reply I got was a brief, sorry you found a bit of the ad offensive, and then saying they were making a joke about the teeth, "stating the obvious" .. but actually instead of being sincere they just said they thought it was all a great joke, then they continued to preach some philosophical advertising slogan about 6 degrees of separation and that they see NZ as having 2degrees of separation.. because it is 2degrees the company. I haven't heard back again after spelling out how appalling their attitude in response is and to not insult my intelligence by spouting their pathetic attempt at philosophy at me.

lol. There is a severe lack of ethics, and as a mass, consumers are somewhat to blame for not doing what I did there. We shouldn't have to I agree, but, we do have to.

Our phones can listen to us, why not Alexa and the others?

I've never been reactionary or prone to fear or paranoia. It doesn't matter. I can approach subjects like this as rationally as possible and people will laugh it off. I have a lifetime of experience having people tell me after the fact that they should have listened.

After the fact is too late.

Too bad.

If I have to fill in age location gender forms, I either opt out of going or doing what I was going to, or fill in false data.

I think it is prudent to be erratic and uncooperative whenever possible. lol

It will keep happening as long as people continue to say nothing about it, but we'd need a large amount of people to withdraw trade with companies before it would have an effect.

Americans already can’t drive a stick shift, or read paper maps. Why not a self driving pram?

Lisa M Harrison states that Leelu communicates with her via Siri. She said that the communication is analogue, not digital.???

Lisa M Harrison states that Leelu communicates with her via Siri. She said that the communication is analogue, not digital.???

There is analog-to-digital and digital-to-analog conversion taking place for the sake of the audio quality and the voice recognition, but Siri itself is most decisively digital. ;)

I don’t understand the dynamic there, with Lisa & Leelu.

https://www.youtube.com/watch?v=E-kHms8OqLA

Dt, If you click onto the above video, Lisa starts talking about. It doesn't take long. At the end she replays her recording of the message, which is very short. I think I set it right.

Leelu is a female from another place/dimension who made contact with Lisa last year (I think), who has kept in touch with her.

We all are observed on 24/7 everywhere and it's almost impossible to escape, that is the reality we live in. You can only take some steps which will give you mostly the illusion that you're having your privacy in case you worry about these kind of things. Sometimes I wonder how might my profile be looking in in the data centers, in case I've been included too. Would it say dissident? :winner: