Hackers Send Secret Commands To Siri From 16 Feet Away - News9.com - Oklahoma City, OK - News, Weather, Video and Sports |

NEWS

Hackers Send Secret Commands To Siri From 16 Feet Away

Posted: Updated:
APPLE APPLE

Researchers in France have demonstrated they can get Siri to do their bidding while she's nestled not-so-safely in your pocket.

In a paper published by IEEE, Chaouki Kasmi and José Lopes Esteves from the French Network and Information Security Agency, created a "silent remote voice command" technique that uses a pair of plugged-in headphones to whisper in Siri's ear without you knowing it. The commands can be sent via radio from as far as 16 feet away, Wired reports. The headphones act as an FM antenna.

It also works against Android phones with Google Now enabled. 

The hack sends electromagnetic waves from a radio antenna that are picked up by the microphone in headphones or ear buds and converted into digital signals that can command the phone to do a number of things that might be useful to a hacker with an agenda. Kasmi told CBS News an attacker could activate Wi-Fi and Bluetooth to turn the phone into a midrange location tracker, or use the phone for audio spying (that is, eavesdropping), by having it call his own phone, letting everything you say or hear be heard on the other end.

It can also tell the phone to place a call or send a text to a paid service, or post compromising information to social media for the purpose of phishing or damaging your reputation.

And for advanced maneuvers, Kasmi explained, "The exploitation of the voice command interface is used as a first step to further compromise the device: The attacker can force the target to visit a malicious web page which exploits a vulnerability to compromise the target's operating system. As an example one could think of installing a malicious application, or further exploiting vulnerabilities on the wireless interfaces."

The large version of the antenna can send the signal from 16 feet away, according to Wired, while a backpack sized version is powerful enough for a hacker to sidle up within six and a half feet. Making one isn't particularly challenging and the parts only cost a couple hundred dollars.

"To design such an emitter, open source software for software-defined radio is publicly available," Kasmi said. "Thus, the design of the source is very simple and cheap with regards to open source software and hardware."

Protecting yourself is fairly basic, too. For one thing: Don't leave headphones with a microphone plugged into your phone, and disable voice control enabled when the phone is locked. Google Now voice control is not available from the lock screen by default, but Siri is. To disable it, find the Passcode or Touch ID & Passcode section in settings and deactivate Siri under the heading "Allow Access When Locked."

© 2015 CBS Interactive Inc. All Rights Reserved.

Special Features

iPhone App

Get breaking news, weather, sports & video directly on your iPhone.

Politics

Breaking political news & the latest headlines from the state capitol & D.C.

Radars

See where weather is happening using our live interactive radars.

Technology

Spend your money wisely with reviews of new tech gadgets & the latest news in technology.

TV Schedule

Need to know what's on TV? Check out our television schedule.

Live Radar

WARN Interactive
Powered by Frankly
News 9
7401 N. Kelley Ave.
Oklahoma City, OK 73111
News9.com is proud to provide Oklahomans with timely and relevant news and information, sharing the stories, pictures and loves of Oklahomans across our great state.
All content © Copyright 2000 - 2017 KWTV. All Rights Reserved. For more information on this site, please read our Privacy Policy, and Terms of Service, and Ad Choices.