Share

Radio Waves Can Control Siri, Google Now

You might want to reconsider next time you’re about to plug your headphones with a microphone into your iPhone or Android smartphone. The hack transforms the headphones into an ad-hoc antenna that can be used to convert electromagnetic waves sent by hackers into voice commands that Siri or Google Now would interpret as genuine.

Advertisement

Siri could be able to take orders from hackers standing up to five metres away, French researchers have claimed.

“The possibility of inducing parasitic signals on the audio front-end of voice-command-capable devices could raise critical security impacts”, the two French researchers, José Lopes Esteves and Chaouki Kasmi, write in a paper published by the IEEE.

Or as Vincent Strubel, the director of their research group at ANSSI puts it more simply, “The sky is the limit here”.

As smartphones become an inseparable part of our everyday lives, they also become the primary target for hackers around the world, looking for a way to steal data, use our devices for a botnet and place unwanted ads. Using this hack from 16 feet away requires a larger scale operation and hackers would need at least a van to house the necessary equipment.

The problem is that electromagnetic waves can tell either voice command service to eavesdrop on you, make your phone make calls to a paid number, navigate to infected websites or send spam. In other words, anything that can be done through the voice interface could potentially be done remotely and discreetly through electromagnetic waves. For one thing: Don’t leave headphones with a microphone plugged into your phone, and disable voice control enabled when the phone is locked.

Apple and Google did not immediately respond to ABC News’ request for comment on the report.

The researchers have also reached out to Apple and Google, according to Wired, suggesting both companies could create better shielding on their headphone cords, which would then force hackers to use a stronger radio signal. On iPhones, the default is that Siri is enabled from the lock screen.

Advertisement

Users concerned about such hacks should disable access to Siri from the lockscreen.

Hackers can now attack smartphones through earphones