In early 2019, Amazon had shipped over 100 million Echo devices and became the leading company in smart speakers. The “Smart Audio Report” by NPR and Edison Research stated that by the end of 2019, over 60 million American consumers, aged above 18 years, owned at least one smart . speaker Also, the Statista Global Consumer Survey—conducted in the third quarter of 2020—shows that Amazon’s Echo was the most popular voice-activated in the market with a share of 20.8%, while other smart speakers, including Google Nest and Apple’s HomePod, were other major players. speaker Along with smart speakers, virtual assistants such as Alexa have also gained popularity during the past few years. More and more people have grown comfortable with the idea of installing a listening device in their homes. As per Amazon’s latest announcement, Alexa controls over 100,000 smart home devices. All in all, smart speakers and virtual assistants have come a long way since their launch. Moreover, by 2025, it has been estimated that the global smart market could be valued at over $35.5 billion. speaker Though smart speakers and virtual assistants’ popularity is still rising, cybersecurity professionals continue to take the thought of security with a pinch of salt. Owing to sheer curiosity and the enticing opportunity of owning a futuristic device, people tend to overlook privacy concerns. So, is there any possibility of security threats? Do the privacy concerns and security outweigh the benefits of owning a smart ? This blog elucidates the advantages as well as security risks of owning a smart in 2021. speaker speaker How Smart Speakers Make Lives Better? Whether it is Amazon’s Echo or Google’s Nest, these smart speakers have made our lives better than ever. Not only do they enhance the appeal of a house, but they also aid in the smart home movement. Smart speakers make day-to-day activities easier and increase the efficiency of performing tasks. While the advantages could differ from one case to another, smart speakers have been an enticing option for all, especially the millennials. Here’s a list of advantages that smart speakers have to offer: Better Convenience and Organization Everyday tasks are usually boring, and smart speakers can make such tasks more convenient, like asking any question, making a call, saving a reminder, or scheduling an appointment. Also, smart speakers can control the lights in a room, thermostat temperature, and so much more. A few voice commands let one do multiple tasks in no time in a smart home. These voices in a box device are a blessing in disguise for the differently-abled people, who can independently use voice commands to control their environment. For instance, a person who has paralysis can give a voice command to turn on the lights in a room via the smart speakers. Emergency Management Smart speakers can act as security tools by identifying the sounds of forced entry of burglars or intruders into a home. Many emergency management organizations use smart speakers for mass notification systems as they can sense an impending emergency through sound and send notifications to all connected devices at a go. Moreover, many security vendors opt for smart integration as instantaneous connectivity makes the devices more accessible. speaker Time and Energy Saving Setting reminders with the help of a smart is one of the many benefits that can potentially help save time and energy. Such smart speaker-set reminders can help boost the employees’ confidence and improve their productivity in a working environment. speaker Smart speakers are built on Artificial Intelligence (AI); so, if an office-goer uses a smart , it can easily record the user’s daily habits and organize a day’s schedule accordingly. Thereby, saving the person valuable time. Also, smart speakers can go a long way in promoting sustainability and energy saving as it allows people to use only what is needed. Thus, reducing electricity consumption and its related costs. speaker Are Smart Speakers Dangerous? Just as the internet, Bluetooth headsets, and smartwatches have become part and parcel of our lives, smart speakers are on the way to becoming a necessity too. Owing to the range of benefits they have to offer, the smart market will boom in the coming days. However, nothing is perfect, and here comes the major issue with smart speakers—their security flaws. speaker Under certain conditions, smart speakers can be hacked because of the two major concerns: Smart speakers always listen to their surrounding environment. Smart speakers can become potential hubs of vulnerability due to their ability to connect to multiple devices at once. So, let us explore the type of risks that one might have to take while using a smart . speaker Privacy Issues The two major leading smart manufacturers are also two of the biggest data-centric companies—Amazon and Google. They continue to face an increasing number of data breaches and cybercrime in recent days. Since the COVID-19 pandemic outbreak, remote work policies have increased; thus, increasing the number of data breaches. speaker According to a report formulated by IBM and the Ponemon Institute—constituting the feedback from 3200 IT and security professionals—the global average cost of a data breach has touched a whopping $3.86 million per breach in the year 2020. The ability of smart speakers to gather large amounts of information instantaneously makes it a potential security threat. Not to mention that bugs in software updates can easily transform smart speakers into surveillance devices. Children or Neighbor Proximity Anyone can command smart speakers to make them do anything. This disastrous feature is vulnerable to loud neighbors and children having no idea about what they are doing. The following are some instances: : While sipping on a beer, the neighbor shouts to his wife to order some pizza. However, the smart , hearing his voice, assumes you (the Lactose intolerant resident) placed the request. And, 20 minutes later, you hear a knock at the door with 5-boxes of cheese pizza. Bombs away! Neighbor speaker :  A child looks at a toy on Amazon and shouts, “Alexa, order me 50 Barbie dolls.” This might result in unwanted purchases and reckless shopping habits among children who shop without their parents’ knowledge. Children : For instance, in September 2017, a parrot named Buddy mimicked its owner and ended up ordering gifts on Amazon even though it was a bunch of gibberish commands. Pets : For people living in an apartment with mischievous neighbors (amateur or professional hackers) holding the knowledge of your recently purchased smart , they can send commands in ultrasonic frequencies. Also, according to , it has been found that it is possible to send inaudible voice commands at frequencies inaccessible by humans. Not to mention that hackers can control devices silently through electromagnetic waves too and trigger commands instantaneously. Hackers speaker research Wi-Fi and Smart Speakers Wifi is the new breeding ground for hackers. When using voice assistants or any IoT-based devices, one must ensure that the Wi-Fi connection is encrypted. It is advisable to use WPA2 encryption and strong passwords for this purpose. Also, regular updating of your Wi-Fi driver will reduce the probability of vulnerabilities. The recent (Key Reinstallation AttaCKs) attack is one such example that proves how Wi-Fi networks can allow attackers to exploit or inject or modify any data, resulting in manipulated web pages or introducing malware into devices. KRACK Another thing to keep in mind is not sharing passwords with visitors who might temporarily use Wi-Fi. That is why setting up a guest network will be a much safer option. According to an ISTR Special Report by Symantec, an insecure Wi-Fi connection and a Google Home device can be a deadly combination because API calls can be made to interact with Google Home devices through Chromecast, an advanced built-in technology that allows users to stream their favorite entertainment and apps from a mobile phone, or laptop to their televisions or speakers. Here are a few instances of API calls that can be made. The following shows the Method (POST, GET, and POST GET) and its URL and Description: : POST : /setup/set_eureka_info URL 1 : Modify various settings, such as the device name, family mode, etc. Description1 : /setup/forget_wifi URL 2 : Delete specific Wi-Fi settings resulting in the device going offline Description 2 : /setup/assistant/alarms/volume URL 3 : Increase/decrease/mute the alarm volume Description 3 /setup/reboot URL 4: : Reboot or factory-reset the device Description 4 : /setup/assistant/notifications URL 5 : Enable the ‘Do Not Disturb’ mode Description 5 : GET : /ssdp/device-desc.xml URL 1 : Reveal the name of personal device Description 1 : /setup/eureka_info?options=detail&params=version,name,build_info,device_info,net,wifi,setup,settings,opt_in,opencast,multizone,audio,detail URL 2 : Discloses important details, such as device name, proxy settings, Wi-Fi name, and location Description 3 : /setup/configured_networks URL 3 : Disclose any saved name of Wi-Fi network Description 3 : POST GET : /setup/scan_wifi; /setup/scan_results URL 1 : Disclose nearby Wi-Fi network names Description 1 : /setup/bluetooth/discovery; /setup/bluetooth/get_bonded URL 2 : Enable Bluetooth discovery Description 2 Similarly, simple requests can disclose the names of all configured Wi-Fi networks from a single Google Home device, for instance: : http://192.168.0.XX:8008/setup/configured_networks Request : [{“ssid”:”NotForFreeloadingWIFI”,”wpa_auth”:1,”wpa_cipher”:1,”wpa_id”:0},{“ssid”:”YouCantUseMyWifi”,”wpa_ auth”:7,”wpa_cipher”:4,”wpa_id”:1}] Response Furthermore, there are also commands that can reboot the device: curl -H ‘Origin:https://www.google.com’ -H ‘User-Agent:com.google.android.apps.chromecast.app/1.24.37.7 (Linux; U; Android 6.0.1; SM-J510FN Build/MMB29M)’ -H ‘Content-Type:application/json’ -H ‘ContentLength:16’ -H ‘Host:192.168.0.XX:8008’ -H ‘Connection:Keep-Alive’ -H ‘Accept-Encoding:gzip’ -X POST ‘http://192.168.0.XX:8008/setup/reboot’ --data-binary ‘{“params”:”now”}’ In a Nutshell Smart speakers are gaining more popularity day by day. It has already become one of the most important everyday objects. Most importantly, it is an artificially intelligent device and might be a precursor to the era where humans would be living with robots. The perils associated with smart speakers cannot be ignored. However, privacy remains the biggest concern. Smart speakers can become permanent unauthorized eavesdroppers in households if one is not aware of the potential risks.

Waves

Amazon

Apple

BUNCH

Smart Speakers: A Blessing Or A Curse?

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

3 Stories To Learn About Amazon Echo

3 Ways to Find a Lost Phone Using Amazon Alexa

A Smart Home with SG NextBus using Google Home & Amazon Echo

AI Assistants and the last mile problem

Alexa apps: Dive In, Move Along, Wait for Now?

“Alexa, Donate $5000 to St. Jude” — a Chat with my Coworker’s Echo

3 Stories To Learn About Amazon Echo

3 Ways to Find a Lost Phone Using Amazon Alexa

A Smart Home with SG NextBus using Google Home & Amazon Echo

AI Assistants and the last mile problem

Alexa apps: Dive In, Move Along, Wait for Now?

“Alexa, Donate $5000 to St. Jude” — a Chat with my Coworker’s Echo

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps