Monday, September 18, 2017

Sonic Siri

A Chinese research firm has discovered that all of our various voice assistants (Alexa, Siri, OK Google and Cortana) listen to frequencies well beyond the range of human hearing.  Therefore, if a malicious command is pitch-shifted above that range, our devices will hear it and execute it without any of us knowing about it.

Here's the video of it in action:



On the surface, this looks a bit scary: the parts are cheap, and there are apps that will shift the frequency of any input (though it may need to be washed through the app a few times, which isn't hard, just time-consuming).  And maybe it is scary, but there are some things that you can do about it.  Read on.

Reasons to be Concerned



First, as seen in the video, this absolutely does work.  Someone could be sitting in a Starbucks with this gear sitting in their backpack, the speaker exposed through an open pocket, and ask your phone to do... almost anything.
"Hey, Siri.  Text my email address to XXX-XXX-XXXX."
"Ok, Google.  Unlock my car."  (Assuming you have a car with smart connections.)
"Hey, Cortana.  Send my itinerary to xxxxxx@xxxx.com."  (Assuming you either have your laptop on and Cortana enabled or are one of the five people with a Windows phone.)
These are all reasonable commands with an expectation that your voice assistant be able to actually do them.


Reasons NOT to be Concerned


There are several.  First, the researchers who did this were able to do select commands 100% of the time... in a lab.  Their success rate dropped off when they moved to real world areas.  They were only able to turn on Airplane mode 80% of the time in a cafe and 30% of the time on the street.  This also assumes that the voice assistant understands the request.  Most of them get confused a fair number of times, even for requests that have been successful in the past.

Secondly, this really only affects the smart assistant in your phones.  Yes, Alexa and Google Home and the rest can also pick up ultrasonic commands.  However, they are inside an ultrasonic shield: your home.  Ultrasonic frequencies are very bad at going through things.  Walls and glass and brick are all more likely to reflect ultrasonic frequencies than pass them.  And if you're thinking, "But what about sonograms and things like that?"  Those do work, but they need a special transmitter that is mated to a non-rigid surface (the belly) via a special gel.  If that gel has even a small air bubble in it, trapped between the belly and the transmitter, then the imaging has major noise.

Finally, all of the companies responsible for these voice assistants are also working on individualizing the experience for multiple users.  Especially the home versions.  Not only do they have to try and recognize what is being said, but then match that to voice patterns to recognize who said it, thereby applying the "Alexa, we need more Super Salted Caramel Ice Cream" to my daughter's shopping list and not mine.  This means that the ultrasonic command needs to be in a voice that is recognized by the machine and, over time, will most likely be filtered out as not having the lower half of the harmonics that accompany a human voice.
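To make that last filtering idea concrete, here is a small sketch added for illustration (it is not code from the researchers or from any assistant vendor): it compares the energy in the human voice band against the energy above the range of hearing and flags input that has only the latter.  The 96 kHz capture rate, the band limits, the 10x ratio and the test signals are all assumptions made up for this example.

```python
import math

SAMPLE_RATE = 96_000            # assumed capture rate, high enough to see ultrasound
VOICE_BAND = (100, 4_000)       # assumed band for speech fundamentals and harmonics (Hz)
ULTRA_BAND = (20_000, 40_000)   # assumed band above the range of human hearing (Hz)
STEP_HZ = 100                   # spacing of the probe frequencies

def goertzel_power(samples, freq_hz):
    """Power of `samples` at a single frequency (Goertzel algorithm)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq_hz / SAMPLE_RATE)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def band_power(samples, band):
    """Sum of the power at every probe frequency inside `band`."""
    lo, hi = band
    return sum(goertzel_power(samples, f) for f in range(lo, hi + 1, STEP_HZ))

def is_ultrasonic_only(samples, ratio=10.0):
    """True when the input is dominated by ultrasound and lacks the lower,
    audible harmonics a human voice would carry (ratio is an assumed threshold)."""
    voice = band_power(samples, VOICE_BAND)
    ultra = band_power(samples, ULTRA_BAND)
    return ultra > ratio * voice

def harmonic_stack(offset_hz, n=960):
    """Constructed test signal (10 ms): ten harmonics of a 200 Hz tone,
    every component moved up by offset_hz."""
    return [sum(math.sin(2 * math.pi * (offset_hz + 200 * k) * i / SAMPLE_RATE) / k
                for k in range(1, 11))
            for i in range(n)]

if __name__ == "__main__":
    spoken = harmonic_stack(0)          # energy at 200..2000 Hz, like a voice
    shifted = harmonic_stack(25_000)    # same shape, moved above 25 kHz
    print("spoken rejected: ", is_ultrasonic_only(spoken))
    print("shifted rejected:", is_ultrasonic_only(shifted))
```

A check like this only helps if the microphone path hands the assistant the ultrasonic content at a high enough sample rate to measure it.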

Ultimately, this is interesting, but not nearly as frightening as the lack of due diligence shown by Equifax.
