As Alexa, Google Home, Siri, and other voice assistants have become fixtures in millions of homes, privacy advocates have grown concerned that their near-constant listening to nearby conversations could pose more risk than benefit to users. New research suggests the privacy threat may be greater than previously thought.

The findings demonstrate how often dialog in TV shows and other sources produces false triggers that cause the devices to turn on, sometimes sending nearby sounds to Amazon, Apple, Google, or other manufacturers. In all, the researchers uncovered more than 1,000 word sequences, including lines from Game of Thrones, Modern Family, House of Cards, and news broadcasts, that incorrectly trigger the devices.

“The devices are intentionally programmed in a somewhat forgiving manner, because they are supposed to be able to understand their humans,” one of the researchers, Dorothea Kolossa, said. “Therefore, they are more likely to start up once too often rather than not at all.”

That which must not be said

Examples of words or word sequences that produce false triggers include:

Alexa: “unacceptable,” “election,” and “a letter”
Google Home: “OK, cool,” and “Okay, who is reading”
Siri: “a city” and “hey jerry”
Microsoft Cortana: “Montana”
Our setup was able to identify more than 1,000 sequences that incorrectly trigger smart speakers. For example, we found that depending on the pronunciation, “Alexa” reacts to the words “unacceptable” and “election,” while “Google” often triggers on “OK, cool.” “Siri” can be fooled by “a city,” “Cortana” by “Montana,” “Computer” by “Peter,” “Amazon” by “and the zone,” and “Echo” by “tobacco.” In our paper, we analyze a diverse set of audio sources, explore gender and language biases, and measure the reproducibility of the identified triggers.
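The trade-off the researchers describe can be illustrated with a toy model: treat wake-word spotting as a similarity score compared against an acceptance threshold, where a “forgiving” (low) threshold catches sloppy pronunciations of the real wake word but also fires on phonetically similar phrases like “election.” This is only a minimal sketch, not any vendor’s actual algorithm; the phoneme strings and threshold value below are invented for demonstration, and string similarity stands in for a real acoustic model’s confidence score.

```python
# Toy illustration of threshold-based wake-word spotting.
# The phoneme transcriptions and the threshold are assumptions
# made up for this sketch; real devices use trained acoustic models.
from difflib import SequenceMatcher


def similarity(wake_phonemes: str, heard_phonemes: str) -> float:
    """Crude stand-in for an acoustic-model confidence score."""
    return SequenceMatcher(None, wake_phonemes, heard_phonemes).ratio()


WAKE = "AH L EH K S AH"   # rough phonemes for "Alexa" (assumed)
THRESHOLD = 0.55          # a "forgiving" acceptance threshold

phrases = {
    "Alexa":    "AH L EH K S AH",
    "election": "AH L EH K SH AH N",   # phonetically close: false trigger
    "table":    "T EY B AH L",         # phonetically distant: rejected
}

for phrase, phonemes in phrases.items():
    score = similarity(WAKE, phonemes)
    print(f"{phrase:9s} score={score:.2f} trigger={score >= THRESHOLD}")
```

With a strict threshold (say 0.95), only the exact wake word would fire but mumbled real invocations would be missed; lowering it makes the device “start up once too often rather than not at all,” exactly the bias Kolossa describes.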
Data is currency, and consumers are willing to hand over their information in exchange for “free or convenience,” Schneier said. Companies such as Facebook and Google want the data so that they can sell more stuff. Users hand it over to play games, to get email, or for some other benefit.

“I like to think of this as a feudal model. At a most fundamental model, we are tenant farming for companies like Google. We are on their land producing data,” he said.

By handing the data over, users have an expectation of trust that Google, Facebook, and other data brokers will do the right thing with the personal data. However, this becomes a power play when governments get involved. Governments don’t need to collect the data themselves when corporations are already doing it. “The NSA woke up and said ‘Corporations are spying on the Internet, let’s get ourselves a copy,’” Schneier said. Most NSA surveillance “piggybacks” on what the companies are already doing, he said.