This article is more than 1 year old
'Alexa, listen in on my every word and send it all to a shady developer'
Amazon fixes up app security hole affecting always-listening Echo assistants
Amazon has shored up a security weakness in its technology to stop apps for Alexa-powered Echo personal assistants from secretly eavesdropping on folks.
Alexa skills – software add-ons for the chatty voice-controlled assistant – could, once installed, have abused an Amazon-provided software development kit to continually listen in on people talking near an Echo and send transcripts off to miscreants, according to infosec biz Checkmarx.
Someone would have to enable the malicious skill for their microphone-equipped Echo, activate the add-on with a verbal cue, and then chat away while the gadget continued to listen in. The software should be forced to stop spying after a short period of time, however it was possible for a skill to keep the mic hot for longer than people nearby would expect, allowing the skill to potentially siphon off their conversations.
Amazon told El Reg on Thursday it has addressed this exploitable flaw. Here's a video demonstrating the problem:
Israel-based Checkmarx homed in on the way Alexa skills listen for commands to do stuff. By telling the skill to delay turning itself off, a shady developer could keep the device active and listening for up to 16 seconds. This can be done simply by telling the skill to listen for a "re-prompt" command, and leaving that re-prompt word undefined.
"Within a valid skill with legitimate intent functionality (for example a calculator skill that calculates math actions according to user input), the input can be captured to an external log, accessible to the skill developer," Checkmarx explained this week.
That log, intended to be used by the developer to understand how their Alexa skill is being used, could instead be abused to eavesdrop on users. In other words, a developer could tell their Alexa skill to keep listening for commands after performing a function, and then collect all of the audio gathered.
"Surprisingly the reprompt can be defined with an empty output-speech that the user cannot hear nor will notice," Checkmarx stated.
"This will extend the lifetime of the skill by 8 seconds, even if there's silence on the user's side." ®