New dawn in cyber warfare could target oil and gas sites – News for the Oil and Gas Sector Energy Voice
Former member of hacktivist group Anonymous, Mike ‘sting3r’ Jones discusses a new cyber threat to Big Oil and how the sector might combat it. 2017 brought a …
Enlarge (credit: Amazon)
The success of Internet of Things devices such as Amazon’s Echo and Google Home have created an opportunity for developers to build voice-activated applications that connect ever deeper—into customers’ homes and personal lives. And—according to research by a team from the University of Illinois at Urbana-Champaign (UIUC)—the potential to exploit some of the idiosyncrasies of voice-recognition machine-learning systems for malicious purposes has grown as well.
Called “skill squatting,” the attack method (described in a paper presented at USENIX Security Symposium in Baltimore this month) is currently limited to the Amazon Alexa platform—but it reveals a weakness that other voice platforms will have to resolve as they widen support for third-party applications. Ars met with the UIUC team (which is comprised of Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Assistant Professor Adam Bates, and Professor Michael Bailey) at USENIX Security. We talked about their research and the potential for other threats posed by voice-based input to information systems.
There have been a number of recent demonstrations of attacks that leverage voice interfaces. In March, researchers showed that, even when Windows 10 is locked, the Cortana “assistant” responds to voice commands—including opening websites. And voice-recognition-enabled IoT devices have been demonstrated to be vulnerable to commands from radio or television ads, YouTube videos, and small children.
Read 12 remaining paragraphs | Comments
Who’s been collecting the voice prints of millions of people saying “My voice is my password”? Why has it become tougher for law enforcement to scoop up cellphone data? And who’s been turning up your central heating?
All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.
Enlarge / Depending on your language preferences, the answer to this prompt remains “no.”
Apple’s most recent fall event centered on excitement about the iPhone X, face recognition replacing Touch ID, OLED displays, and a cellular-enabled Apple Watch. But instead of “one more thing,” people living in Poland, Lithuania, Slovakia, Czech Republic, and many other places all over the world certainly noticed one missing thing.
Siri learned no new languages, and it’s kind of a big deal.
Touch screen works splendidly as an interface for a smartphone, but with the tiny display of a smartwatch it becomes a nuisance. And smart speakers that Apple wants to ship by the end of the year will have no screens at all. Siri—and other virtual assistants like Google Assistant, Cortana, or Bixby—are increasingly becoming a primary way we interact with our gadgets. And talking to an object in a foreign language at your own home in your own country just to make it play a song makes you feel odd.
Read 45 remaining paragraphs | Comments