Light Commands: DARPA funded research points out an impressive way to hack smart voice devices at a distance

Remember the movie Superman III with Richard Pryor? Richard’s character works at a firm that controls weather satellites, and he figures out a way to reverse how they work so the satellites can control the weather. Pretty funny, right?

Well, I just read about an incredible hack that is making me think of that. One of the first ways spies used lasers was to listen to conversations in rooms (by detecting vibrations on windows). Now with this new hack, lasers can be used to send sound into rooms, specifically to target your voice operated devices like Amazon Echo, Google Home, Siri, etc etc.

This DARPA funded research is really really interesting. Imagine an attacker from blocks away telling your voice system to unlock your doors or open the garage door, or break into other systems or start your vehicles.

From the paper titled Light Commands: Laser-Based Audio Injection on Voice-Controllable Systems:


Light Commands is a vulnerability of MEMS microphones that allows attackers to remotely inject inaudible and invisible commands into voice assistants, such as Google assistant, Amazon Alexa, Facebook Portal, and Apple Siri using light.

In our paper we demonstrate this effect, successfully using light to inject malicious commands into several voice controlled devices such as smart speakers, tablets, and phones across large distances and through glass windows.

Some defensive measures are being worked by the big providers. But for now, to defend against these attacks, turn off your voice control systems. Or move them into rooms where there are no windows.

For more see:

Related Posts:

DARPA’S Cyber Tools: We have had our hands on DARPA’s distribution platform for cyber defense tools

DARPA Official: Human-Robot Teams Key to Disaster Response

Arati Prabhakar and DARPA: Track the future of research in DoD

Connect Here

What do you think?

Satya Nadella: Staying out of politics, focusing on tech, helped Microsoft win Pentagon cloud contract

With a Laser, Researchers Say They Can Hack Alexa, Google Home or Siri