X

Lasers can seemingly hack Alexa, Google Home and Siri

Researchers took over smart speakers, phones and tablets by shining lasers at their microphones.

Sean Keane Former Senior Writer
Sean knows far too much about Marvel, DC and Star Wars, and poured this knowledge into recaps and explainers on CNET. He also worked on breaking news, with a passion for tech, video game and culture.
Expertise Culture, Video Games, Breaking News
See full bio
Sean Keane
2 min read
echo-dot-3-amazon-event-2

Smart speakers like Amazon's Echo Dot can be manipulated with lasers, researchers found.

 Ben Fox Rubin/CNET

Smart speakers have long been linked to privacy issues and hacking concerns, but researchers discovered an unexpected vulnerability -- their susceptibility to lasers. A team based in Tokyo and at the University of Michigan said they could take over Amazon's Alexa, Google Assistant and Apple's Siri by hitting the devices' microphones with beams of light.

The team's paper, published Monday and previously reported by The New York Times, revealed that researchers tricked a Google Home into opening a garage door from 230 to 350 feet away, by focusing lasers with a telephoto lens. 

"Microphones convert sound into electrical signals. The main discovery behind light commands is that in addition to sound, microphones also react to light aimed directly at them," the researchers wrote.

The lasers basically trick the microphones into making electrical signals as if they're hearing someone's voice. A hacker could seemingly use this method to buy stuff online, control smart home switches and remotely unlock and start a car that's linked to the speaker.

In addition to the smart speakers, the researchers tested this method on the iPhone XR, Samsung Galaxy S9 and Google Pixel 2. They had to be much closer to take control of these devices.

The researchers have let Amazon, Apple, Google , Ford and Tesla know about this potential security issue, the Times noted.

"We are closely reviewing this research paper. Protecting our users is paramount, and we're always looking at ways to improve the security of our devices," a Google spokesperson said in an emailed statement.

Amazon echoed this sentiment, noting that it's engaging with researchers to better understand their work.

"Customer trust is our top priority and we take customer security and the security of our products seriously," a spokesperson for the e-commerce giant said in an email.

Apple didn't offer comment, while Ford and Tesla didn't respond to requests for comment.

First published Nov. 5, 3:59 a.m. PT.
Update, 8:37 a.m. PT: Adds Amazon comment.

Watch this: Here's what Amazon revealed about Alexa privacy to a US senator