Skip to main content

Shooby Shooby Do Yah ... now Google ... Turn Bill's Lights Off

Introduction

I drove from Edinburgh to Glasgow last and had a merry chat with my car companion.

As I was driving I asked them to "Play Banana Republic by the Boomtown Rats on Spotify", and then asked, "Tell me the latest tech news". But I was alone in the car, and every command began with "Okay Google".

I must admit when a great piece of useful technology comes along, I love it. There is no button to press, and there is no looking at the screen, and it works beautifully. All I have to do is match my sentences to the ones that my Google Assistant understands. For just now we are in a learning phase, and she is learning from me, and I'm learning from her. The world, as far as I can see it, is moving towards one which has Alexa, Siri and Now Google embedded into it. I believe this will become one of the greatest steps forward in the true integration of technology and humans.

 But, on the other side, we now have a little spy in our pocket, and she's listening to every single thing that you say. While her trigger is "Alexa ...", "Siri ..." or "Okay Google...", the agent is listening to every single thing you that say. If you have seen some of our reason IoT demos, we have a difficult conversation with Alexa, and we demonstrate how by working Porridge, she will trigger her listening process.

 Now researchers in the US and China have shown that it is possible to run commands on Siri, Google Now and Alexa with commands hidden in songs:


This has been dubbed the "Dolphin Attack". Along with hidden commands in music, they found that the assistants will listen to high-frequency signals which cannot be heard by the human ear. Their proof of concept song is here.

Come and see it in action ...

If you have seen some of our IoT presentations recently, we have been demo'ing Alexa and Siri having serious discussions with us - they basically refuse to let us do the things we want to do, and tell us to go away. We are now working on new demos which focus fully on the risks of using Alexa, Google Now and Siri. Why not come along and see the future?

 Here's a bit of fun with AI ...



Comments

Post a Comment

Popular posts from this blog

Getting Ready for the All Clear for Backdoors?

Introduction As GDPR heads towards an increasing application of encryption, the US may move towards legislating for a backdoor on crypto - named "responsible encryption". The justification revolves around cases such as for Syed Rizwan Farook who open killed 14 people in San Bernardino. Within the investigation, the FBI put considerable pressure on Apple to open the phone, but they refused. After this, the US government pushed through a court order to force Apple to produce a new operating system which could be unlocked, and again Apple refused and said that it was "a threat to individual liberty". Many now see strong encryption as the key weapon in a battle between perfect encryption and a Big Brother society, and where civil liberties are the ultimate target. And so to soften the tone of the debate, the term exceptional access was coined. Clear While President Obama dismissed the application of backdoors into crypto, it is now being pushed forward within the ...
Post a Comment
Read more

Twitter Password Reset and Media Panic Stories

  Introduction The Twitter data breach showcases the possible up-and-coming storm from the media on data breaches, especially that it still struggles to understand some of the technical elements involved in a breach. With the Facebook/Cambridge Analytica story making the news headlines, the media now know that they have a technically-related topic that the general public are interested in. And so Twitter is the most recent major Cloud Service Provider who has hit the headlines: So many in the media this was pushed as a major story, but it was just a typical story of someone making a mistake and which was quickly righted. The chances of any related data breach is minimal as it was only an internal processing mistake. For most companies the error would go unreported external, but in the days of the media chasing for cover-ups and evidence of bad practice, Twitter did the right thing and reported it. The media, of course, go for shock headlines, and which can panic users (and...
Post a Comment
Read more

The Domain Reminder "Scam"

Introduction You may know that I often follow-up on scamming emails, in order to investigate the true motive for their attempt. So here I would like to outline a scam which looks fairly passive but tricks the user in its usage of wording. The Scam First the scamming company search DNS records and locate a domain which is near to timing-out and gain the email address of the registered person. Next they draft an official looking email which looks like it knows lots of details about the domain and account holder, and which warns them about a domain which is expiring: But the wording is strange here, and there's nothing illegal in what they are offering. In quickly reading the email, it seems that they are warning you that your domain is expiring on 28 June 2017, and that it will be cancelled . But read more closely ... it is their offer of the SEO registration that will be cancelled on 28 June 2017! This is the same date as the domain is actually going to time-out, so they...
Post a Comment
Read more