It’s still in its early days in India, nevertheless smart speakers such as the Amazon Echo are finding takers, with many willing to try it out. Amazon Echo and even the Google Home ( both are three device series) are voice-enabled smart speakers that let you control a lot of things with your voice.
You don’t need to type anything, and tasks like turning on the TV or playing music will be done in no time. Both these devices come to life with voice assistants like Alexa (for Amazon) and Google Assistant for Google, as the name suggests.
How to Protect Smart Speakers
But like all smart devices, even these two will only be of any worth if you connect them to internet (mobile data or Wi-Fi), Which make us try to understand how safe or foolproof devices like the Echo and Google Home really are.
A recent report by Symantec highlighted the nitty-gritty of a smart speaker, its implications, and how this internet-enabled device could be misused, even by your kid.
Now, you must be wondering how can a kid pose problems for a device like this. Well, anything which is connected to the internet carries a threat, and for a voice-enabled product, the danger heightens even more.
The fact that smart speakers are always listening brings up a lot of privacy concerns, there’s a risk of anybody (even your neighbour) speaking out loud to the Echo/Home, asking it to do your task.Candid Wueest, Principal Threat Researcher, Symantec
Wueest is part of a team at Symantec that has been studying the security implications of voice-enabled speaker, and finding ways to control them.
First up, he makes it clear that whatever the Echo or Google Home record via Alexa and Google Assistant, respectively, all of them are sent to the back-end server only when you trigger the wake-up word, which is ‘Hey Alexa’ for Amazon, and ‘Okay Google’ for the Google Home.
It’s important to note that the recordings are only sent to back-end servers once the wake-up word has been heard, and they are also sent over an encrypted connection.Candid Wueest, Principal Threat Researcher, Symantec
He further adds that if you’re paranoid enough, then both devices let you delete the recordings as well. That should make you feel better.
Voice Command – Works For All
The thing with voice command is, they don’t work like passwords. Trigger words can be said by anyone, and the smart speakers, not only respond, but abide by his/her command.
Anyone who is in speaking distance can interact with a voice-activated smart speaker. This means a visiting friend could check what’s on your calendar or a curious neighbour could add an alarm for three o’clock in the morning by shouting through your locked door or someone could order via Pantry without your knowledgeCandid Wueest, Principal Threat Researcher, Symantec
Now that’s a big grey, which Wueest has been quick to point out, and he feels like developers need to ensure that the voice isn’t misused. The only way to work that out is to use voice (a specific one) as the substitute for password.
One feature that might help you avoid unwanted purchases in the future is voice recognition, which is able to distinguish between different voices and link them to their corresponding accounts.
Hopefully, Google and Amazon among others can fix this loophole before someone falls prey to such mishaps.
Secured Internet a Must
Smart speakers, by connecting to the internet leave them vulnerable to hackers and the best way to keep them safe is by securing the Wi-Fi router connected with the device.
Someone with unsupervised physical access to your smart speaker could potentially modify the device or its settings to their benefit, just as important it is to secure the home Wi-Fi network and all other devices connected to it. Malware on a compromised laptop could attack smart speakers in the same local network and reconfigure them, without the need for a password.Candid Wueest, Principal Threat Researcher, Symantec
Just to be super careful, if you were planning to give Echo or Google Home the power to open your main door, then don’t (you can’t be lazy AF). Wueest suggests you should not connect security functions like opening door locks to voice-activated smart speakers and we concur with him 100 percent.
Getting excited for new products like smart speaker is understandable, but you need to make sure that the steps to safeguard its use are put in place. After all, it’s your data and your money which can get misused by anyone who’s devious.
(Breathe In, Breathe Out: Are you finding it tough to breathe polluted air? Join hands with FIT to find #PollutionKaSolution. Send in your suggestions to fit@thequint.com or WhatsApp @ +919999008335)
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)