Skip to main content
  1. Home
  2. Mobile
  3. News

Hackers can control Google Now and Siri through your headphones

John Casaretto
By

apple homekit bug siri idevices switch
Image used with permission by copyright holder
Many people love their voice assistants, whether it be Siri, Google Now, or Cortana. However, they may not be the most secure feature on your smartphone. As it turns out, it is possible to control both Siri and Google Now through silent radio signals from as far away as 16 feet. A pair of French information security researchers at ANSSI discovered the trick, Wired reports.

The scenario involves targeting a phone that has microphone-enabled headphones plugged into its headphone jack. The hackers use a laptop with the open-source GNU Radio software onboard, a USRP software-based radio, an amplifier, and an antenna to generate electromagnetic waves. The attacker can then exploit the headphone wire itself, simulating audio to make it seem as though it is coming from the microphone. From there, the attacker can control the phone remotely from as far as 16 feet away and ask the digital assistant to perform any action that it’s capable of doing. That includes making calls, navigating the Web, sending texts, and so on.

Recommended Videos

Hackers could even turn your phone into a listening device to spy on your communications, send the browser to a site with malware, or issue spam and phishing messages through your email and social media accounts. The simple brilliance of the hack shows once again how hackers can help expose problems with some of the most common and trusted technology.

Related

Of course, the hack does have its limits. Hackers can only target phones that have microphone-equipped headphones or earbuds plugged in. It doesn’t work if users don’t have Google Now enabled from their lockscreens, or if they have Google Now programed to respond only to their voice. Now that Siri only responds to the voice of the phone’s owner in iOS 9 on the iPhone 6S, it won’t work on the new iPhones, either. Additionally, anyone who looks at their phone regularly would probably see unauthorized voice commands being carried out on their phone — it’s not exactly a discrete hack.

Regardless, the researchers have pointed out that it’s still a vulnerability that could be exploited easily, especially in public spaces where people congregate.

To protect users’ phones against hacks, the security community frequently recommends that users disable the voice-activated assistants from appearing on the default screen, though most people aren’t willing to sacrifice the convenience of the feature. Additionally, the researchers suggest that if Apple and Google allowed users to set their own activation word like the Moto X does, hackers wouldn’t be able to activate Siri or Google Now, unless they knew your specific name or phrase. Of course, that’s something the tech giants will have to consider — not the user. In regards to this particular headphone jack hack, the researchers suggest microphone cords with heavier shielding inside.

For some time, security advocates have been preaching about the hackable potential of our phone’s voice-activated digital assistants. Quite recently, an embarrassing hack of the iOS 9 lock screen involved tricking Siri into giving up contacts and other information. That flaw has since been fixed in a recent update, but the question of voice assistant hackability is still a serious one.

Editors' Recommendations

Topics
John Casaretto
John Casaretto
Former Digital Trends Contributor
John is the founder of the security company BlackCert, a provider of SSL digital certificates and encryption products. A…
Does the Google Pixel 7a have a headphone jack?
Google Pixel 7a in Snow on a lamp post

The Google Pixel 7a is Google's latest addition to its midrange A-series smartphones. It's likely to be one of the best options for anyone who wants a strong handset with pure Android, solid performance, and an exceptional camera.

But we can't touch on the hardware without addressing one of the most common questions about any new smartphone. Namely, does the phone have a headphone jack? Smartphone manufacturers have been on a crusade against the venerable port in recent years, and the headphone jack has been excised from the vast majority of the phones you can buy today. So, does the Google Pixel 7a include a headphone jack, or will you need other ways to listen to music, audiobooks, and podcasts?
The Pixel 7a does not have a headphone jack

Read more
Have the Android 14 beta on your Pixel? You need to download this update now
Google Pixel 7a held in hand showing home screen

Google revealed a bunch of new goodies during its opening keynote for Google I/O 2023, showing off its latest advancements in AI with Bard, as well as the brand new Pixel Fold and Pixel Tablet. There was also a sneak peek at upcoming features in Android 14, including new lock screen clocks, shortcuts, and generative AI wallpapers.

If you have a Pixel phone, like the new Pixel 7a or the older Pixel 7 or Pixel 7 Pro, then -- surprise -- Google is rolling out the Android 14 Beta 2 starting right now.

Read more
Forget ChatGPT — Siri and Google Assistant do these 4 things better
AI assistants compared with ChatGPT.

“Hey Google, Arbab!” I utter these lines to Google Assistant, which automatically takes me to my Twitter DMs with my friend Arbab. That chain of actions happens because I customized one such shortcut for Google Assistant on my phone. Putting the same prompt before ChatGPT, I get the predictably disappointing response: "I'm sorry, but as an AI language model, I do not have access to personal contact information such as phone numbers or email addresses.”

That’s just one of the dozen walls that you will run into if you seek to embrace ChatGPT while simultaneously ditching mainstream options like Google Assistant. One wonders why ChatGPT – considered by evangelists as the pinnacle of a consumer-facing AI in 2023 – fails miserably at something as fundamental as sending a message.

Read more