Tag Archive for: conversations

Google Home smart speaker bug could have allowed hackers to spy on your conversations

/in


A security researcher has won a $107,500 bug bounty after discovering a way in which hackers could install a backdoor on Google Home devices to seize control of their microphones, and secretly spy upon their owners’ conversations.

Vulnerability hunter Matt Kunze initially reported the problem to Google in early 2021, after experiments with his own Google Home smart speaker noticed the ease with which it added new users via the Google Home app.

Kunze discovered that connected users could send commands remotely to paired Google Home devices via its cloud API.

In a technical blog post, Kunze described a possible attack scenario:

  1. Attacker wishes to spy on victim. Attacker can get within wireless proximity of the Google Home (but does NOT have the victim’s Wi-Fi password).
  2. Attacker discovers victim’s Google Home by listening for MAC addresses with prefixes associated with Google Inc. (e.g. E4:F0:42).
  3. Attacker sends deauth packets to disconnect the device from its network and make it enter setup mode.
  4. Attacker connects to the device’s setup network and requests its device info.
  5. Attacker connects to the internet and uses the obtained device info to link their account to the victim’s device.
  6. Attacker can now spy on the victim through their Google Home over the internet (no need to be within proximity of the device anymore).

According to Kunze, a malicious hacker who has successfully linked his account to the targeted Google Home device can now execute commands remotely: controlling smart switches, making purchases online, remotely unlock doors and vehicles, or opening smart locks by brute-forcing a user’s PIN.

Kunze even determined that he could exploit a Google Home speaker’s “call <phone number>” command, effectively transmitting everything picked up by its microphone to a phone number of the hacker’s choice.

Thankfully, Kunze’s responsible disclosure of the vulnerabilities to Google mean that none of the security flaws should be possible to exploit any more.  Google fixed the security holes in April 2021, although details have only been made public now.

Of course, that does mean that for some years millions of people were…

Source…

Can the New EarSpy Hack Eavesdrop on Your Phone Conversations Through Vibrations?

/in


Eavesdropping on Phone Conversations Just Got Easier.

Eavesdropping on Phone Conversations Just Got Easier. (Representational image)

Photo : iStock

Mobile security is a constantly evolving field, with new vulnerabilities constantly emerging. Imagine mobile security as a highway: just as new potholes can form on a highway every day, new vulnerabilities can appear in mobile security. The effectiveness of mobile security also depends on users taking care to protect their devices and avoid compromise, much like how the smoothness of a drive on a highway depends on drivers taking care to avoid accidents.
A group of researchers from several reputable American universities have recently developed a new attack method called EarSpy, which is designed to capture what users say through their phone’s speaker by analyzing vibrations caused by the user’s voice.

This attack can even work when the phone is held up to the ear, and was found to be very effective at identifying the gender of the speaker and the words spoken when tested on newer models of the OnePlus phone. In one particular set of tests using the OnePlus 7T, EarSpy was able to correctly identify the gender of the speaker in 98.66% of samples.

Across multiple phones, sample sets, and analysis models, gender recognition was fairly accurate, with the lowest reading being 65.53%. EarSpy was also able to detect the speaker’s identity with a top accuracy rate of 91.24%, nearly three times better than a random guess.

However, the accuracy of EarSpy in understanding the exact words spoken was lower. When tested using samples of actors reciting a sequence of digits, the best performer achieved a hit rate of only 56%. Despite this lower accuracy, the researchers noted that this is still five times more accurate than making a random guess.

The authors of the research paper also pointed out that while the impact of speakerphone vibrations on raw accelerometer data is relatively low and algorithmic word detection using this data is spotty, adversaries using the EarSpy attack can still determine key components of the conversation, such as who is speaking and what is being spoken about. In theory, EarSpy could be leveraged by malware that has infiltrated a device to relay accelerometer data back to the…

Source…

Signal adds encrypted group calls to keep your conversations secure

/in


Signal on Monday announced the launch of group calls which, like everything else on the platform, is end-to-end encrypted. The new feature, which builds on other group chat functionality introduced in October, is rolling out to to Signal on Android and iOS.

Starting a group call in Signal is easy. Now, when you open a group chat, you’ll see a video call button at the top. Once you start a call, the group will receive a notification saying that a call has started. That’s essentially how it works on every messaging app that supports group calls.

“Signal Group Calls are one of many features that we have designed with Signal Private Groups as a foundation, using our RingRTC library for handling frame encryption and the logic around setting up and joining calls,” the company wrote in a blog post.

According to Signal, group calls are only supported in the new style groups. However, legacy groups will be automatically updated to new groups in the coming weeks. Back when the new group features were released, Signal added mentions, admins, and group permissions.

The company said group calls are currently limited to five participants, but the company is hoping to expand that number soon. That’s quite limiting if you have a large group of friends or family you want to chat with, and is far fewer than what Google Meet and Zoom accommodates. These services also offer end-to-end encryption.

If you’re an existing Signal user, the addition of group calls makes the service that much better. It may not serve as a mainstream threat to Google Meet or Zoom, but the platform has many other features that make it a great app for communication — and everything is end-to-end encrypted, so there’s the added benefit of security.

Signal’s free group calling features are available on Android and iOS beginning today.

Source…

Hear me speak at “Conversations from the Vault” in London

/in

You may already be going to be there without realising it, as the event is happening at the same place as IDC’s Identity & Privacy Conference.

Graham Cluley