Following some news, the question on our minds right now is: are Google home speakers safe? According to a security expert, certain Google Home smart speakers may have been taken over. This can be done easily in order to remotely listen in on private conversations.
Thank you for reading this post, don't forget to subscribe!Security expert Matt Kunze found the problem. He was rewarded with a prize of $107,500 for responsibly disclosing it to Google.
Kunze was looking into his own Google Home mini speaker for potential problems. He also detailed in a blog post how he was able to establish a second Google account for the gadget. Which would be sufficient to be able to listen in on conversations.
READ MORE: New Jobs For Tech Workers
Are Google home speakers safe: including errant accounts
The attacker must first be within the wireless range of the target device. And the attacker must also listen for MAC addresses with Google-related prefixes.
The device can then be disconnected from the network and put into setup mode by sending death packets. In the setup mode, they ask for device details, utilize that information to attach their account to the device, and presto! They can now walk away from the WiFi and spy on the device owners online.
However, the danger goes beyond merely overhearing talks. Many owners of smart home speakers link their gadgets to other smart devices, like door locks and smart switches. The researcher also discovered a way to misuse the “call phone number” command, causing the victim’s device to call the attacker at a predetermined time and stream live audio.
The flaw was identified in early 2021 and fixed by April 2022. To fix the problem, Google developed a new invite-based approach for account linking that blocks any accounts that haven’t been linked to Home.
However, Google Home users are encouraged to update the endpoint’s firmware to the most recent version as soon as possible to ensure there is no risk.
Leave a Reply