Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

Research: Alexa and Google Assistant smart speakers eavesdrop on owners

Moupiya Dutta
Moupiya Dutta
She finds it interesting to learn and analyze society. she keeps herself updated, emphasizing technology, social media, and science. She loves to pen down her thoughts, interested in music, art, and exploration around the globe.

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

Researchers found a new vulnerability affecting both Google and Amazon smart speakers that could allow hackers to eavesdrop and even phish on unsuspecting users.

The two vulnerabilities occur because both companies make their speakers smarter by allowing third-party developers to create apps or “skills” for them. On the other hand, Apple’s HomePod is safe as the company doesn’t allow this type of third-party access.

The vulnerability is a better reminder to be more alert towards the third-party software that you use with your voice assistants and to delete any that you’re unlikely to use again. Though there’s no evidence that such vulnerability has been exploited, SRLabs have disclosed their findings to both Amazon and Google before bringing it to the open.

The third-party apps should keep the microphones active for only a short time after the smart speaker asks the user a question. If you don’t reply within a few seconds, the microphone should be switched off again. However, malicious apps can leave the microphone activated and hence recording what it hears for much longer.

In a statement, Amazon said it has put new mitigations in place to prevent and detect skills from being able to do this kind of thing in the future. It said that it will take immediate action whenever this kind of behavior is identified.

Google also stated that it has review processes to detect this kind of behavior, and has removed the actions created by the security researchers. A spokesperson also confirmed to the publication that the company is carrying out an internal review of all third-party actions, and has for the time being disabled some actions while this is taking place.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic