Your iPhone Can Be Targeted With Laser Pointer – Here’s How
Visible assistants like Siri and Alexa make our lives incredibly simple — but they can leave us in great danger, too. According to researchers from the University of Michigan and the University of Electro-Communications, Tokyo, security violations of the microphone of assistants may put our devices (and our privacy) at risk. Their research, published in a paper last year, has shown that hackers can capture voice-controlled devices such as iPhones using simple tools such as laser pointers.
How the laser pointer can get into your iPhone
Believe it or not, devices with visual aids like Siri respond to light waves in the same way they do to sound waves, the research found. By pointing a microphone through a laser, researchers could trick a machine into accepting commands as if they were hearing certain words. “It’s just like ‘talking’ over a bright light, in such a way that the microphone ‘hears’ but your ears can’t,” said Randy Pargman, executive director of Binary Defence, a cybersecurity company.
After spending seven months investigating robberies on devices powered by Google Home, Amazon’s Amazon, and Apple’s Siri, researchers found that they could transfer simple commands from hundreds of meters away with items ranging from $ 14 laser signals to flashlights. Don’t miss these other secret cybersecurity criminals who don’t want you to know.
What this means for personal security
If the criminal hires a voice-controlled assistant, he can access anything that requires a voice command. Those who use Siri to simply keep a shopping list or tell the weather are at a lower risk, according to Pargman. But this attack “greatly affects people whose security is connected to voice commands,” he said. The hacker will be able to turn off home security systems, order items online using stored credit card information, or access medical devices synced with the server.
This attack can also work by laser lighting through a window, raising concerns about safety when users are not at home. In another incident, researchers successfully sent light commands through a Google Home window inside a building more than 200 feet [200 m] away. You may also be surprised to learn these 7 shocking things criminals can do if they have your email address.
Did this really happen? Your iPhone Can Be Targeted
Happily, researchers say they do not know of any situations in which an attacker used light commands to control the device. Although research has shown this process in a few real-world cases, Pargman noted that it would be difficult to replicate. “It requires the right combination of a sophisticated attacker who would make a huge effort to break into a house and a victim with multiple security devices connected to their digital assistant,” he said. “It requires a digital assistant to be placed near the window, visible in the immediate area [where] the attacker can set your equipment.”
In hopes of preventing future attacks, the authors of the study shared their findings with companies whose products are at risk, including Amazon, Apple, and Google. The companies said they would investigate a potential security issue but assured users that such attacks were minimal. Find out which smart device in your home is most vulnerable.
How to Protect Your iPhone
Are you worried about your privacy? To protect your iPhone from explicit commands, Pargman recommends keeping it away from windows and avoiding it out of the reach of others. “If the laser does not have a direct path from the outside to the microphone, it cannot be used,” he said. This can go for other voice-controlled devices like Alexa and Google Home.
Users should also think carefully about the privacy implications of having a voice-controlled device at home, according to Pargman. Anyone from cybercriminals to bring in-child visitors can give instructions to a visual assistant, so “be wise about how much control you give over your safety and the things you care about,” he advises.
With that said, you can be sure that the chances of a laser hijacking of your device remain minimal. “I think students are more likely to see this process come from a spy movie or a novel than to experience this kind of attack,” Pargman said. Watch out for these red flags while someone is checking on your phone — no need for a laser indicator.