Is someone else controlling your virtual personal assistant?

By Barb Darrow
September 8, 2017

Here’s something gadget freaks might want to know: Researchers in China and the U.S. have found that hackers can take control of Amazon Echo, Google Home, and other connected home devices and phone-based personal assistants by issuing commands that people cannot hear.

Think of this like a dog whistle that your pooch can hear but you cannot. Given that these target devices—which people use to order take-out food, check their bank accounts, and make phone calls—have become hugely popular, this is a bit concerning.

The technique, which Zhejiang University researchers dubbed the DolphinAttack—dolphins also hear high frequencies people can’t—can also take control of Apple aapl Siri running on iPhones or MacBooks as well Microsoft msft Windows 10 machines. Basically, the researchers “translated” spoken commands into higher non-audible-to-human frequencies and played them back to the devices.

Their research was picked by Fast Company. Another team at Princeton University was also able to take control of devices using ultrasound commands, according to the BBC.

Related: Amazon Really Wants Alexa to Rule Your Home

The slightly reassuring news here it is that to succeed, the attacker must get physically close to the target device, and put another speaker capable of transmitting ultrasonic sound near it, according to the Princeton group.

The Chinese team said they were able to use the technique on iPhones, Google goog Nexus devices, Amazon amzn Echo home speakers, and cars. And, they noted ominously, they don’t think that list is comprehensive.

Get Data Sheet, Fortune’s technology newsletter.

Summing it up, the Zheijiang team wrote that this work should serve as a “wake-up call to reconsider what functionality and levels of human interaction shall be supported in voice controllable systems.”

SPONSORED FINANCIAL CONTENT

You May Like