VOICE ACTIVATED ASSISTANTS POSE PRIVACY CONCERNS
Voice Activated Assistants, aka Digital Assistants, like “Alexa” and “OK Google” have become very popular. Over 20 million homes already have a voice activated assistant installed in their homes.
These digital assistants may be the latest rave in cool technology, but the devices have created new privacy concerns and security vulnerabilities. They could potentially expose personal data like your bank account info and your contact list. So, while it may be fun to own one, be aware that voice activated assistants pose a risk, if a cyber-criminal is able to hack into it.
The digital security firm Symantec released a report about voice activated assistants. The report states that “The range of activities that can be carried out by these speakers, means that a hacker or even a mischief-minded friend could create havoc, if they were able to gain access”.
WHY? IT’S ALWAYS LISTENING!
The user must first use a wake-up command such as “Alexa” or “OK Google” to activate the digital assistant. Therefore, the device must always be listening, waiting to be activated by that command. This can cause unintentional or accidental triggering. Even a radio, TV or streaming video, playing in the background, might inadvertently set it off.
Once the device is awake, it will record what is said and then sends that recording to a server, where it is stored. However, you do have the option to listen back to these recordings and delete them if you wish.
Symantec’s threat researcher sees a potential danger from these ‘always listening’ digital assistants. He states, “Someone could hack into these devices remotely and then turn them into a listening device”. “Some of them even come with cameras, so they can also see what you are doing”.
Pam Dixon, executive director of the World Privacy Forum, cautions against allowing your digital assistants to store passwords, your contact info or credit card data. Additional dangers include the fact that the device may come with a purchasing option, which is usually turned ON by default. You should set a security PIN or disable the feature.
CRIMINALS CAN TAKE CONTROL
Voice Activated Assistants are designed to be hubs that can control other devices or appliances in your home. These other external devices are referred to as the “Internet of Things” (IoT). Gadgets like lights, cameras, thermostats, coffee makers, alarm systems and door locks are all part of the Internet of Things.
Be aware that the convenience of these IoTs, may create new vulnerabilities. For example: if you connect your door locks or alarm system to your digital hub, then a burglar could command your digital assistant to “open the door and turn off the alarm”. Additionally, any device connected to the internet is vulnerable to Malware. Always be sure to change the default password and assign a stealth password to each of them.
TIPS TO KEEP YOU SAFE
- Be careful which accounts you connect. Don’t connect things you don’t need to use, like your address book or calendar.
- Always use long strong passwords and enable 2-step authentication if it’s available. Remember that anyone with access to your account can listen in remotely, play back recordings, change settings and access personal information.
- Be sure that your voice activated assistant is linked to your private home or office Wi-Fi network. Password protect your Router.
- Devices made by Amazon and Google both offer voice recognition, so use that feature. But realize it’s not foolproof.
- Remember to put the device on Mute when you go on vacation.
To learn more about the danger posed by these gadgets, read my prior article about the Internet of Things.