Researchers Discovered that Alexa can be Used for Eavesdropping

Alexa can now take your orders to shop on Amazon
Alexa can now take your orders to shop on Amazon

A new discovery made by the Checkmarx researchers carries a not-so-good news for Alexa users. Turns out that Amazon Alexa has the potential to be hacked through the use of a malicious skill that can enable the attacker to listen in on the users’ conversation without them knowing about it. Additionally, Google has decided to redesign Gmail so that more productivity features, as well as extra security,  could be implemented.

Thanks to researchers at Checkmarx, we now know that Alexa can have a certain amount of privacy issues. Checkmarx decided to publicly disclose this discovery on April 25. According to them, the voice assistant created by Amazon, Alexa, can be used for recording the users’ conversations through malicious applications.

The discovery of Alexa’s flaw

As of yet, the researchers can’t confirm that anyone has actually discovered this flaw and took to exploiting it. The flaw itself is not the part of the devices’ hardware. Instead, it can be achieved through the misuse of Alexa’s skills.

As you might know, Alexa’s use can be extended through the use of different skills that add extra functionalities. Through their research of what the skills can offer, Checkmarx researchers discovered that there are several parameters that can be considered unbounded.

Through the exploit of these parameters, someone skilled with creating malicious software can use them for transcribing everything that the unaware users say. This will work even after the user has finished their communication with the device.

This mitigating feature is already set in place by the devices’ creators, and its function is signaled by the blue light that is coming from a LED ring on top of the device. However, by expanding the recording session of Alexa, the attacker might continue the devices work without the user noticing it.

Google decides that Gmail needs more features and security

Even more productivity and security features were added to Gmail, according to Google. The most important one of the recent updates includes a confidential mode which can now be used for protecting content with sensitive nature. This will allow Gmail users to decide how long is their email’s expiration date, as well as the ability to revoke an email that was already sent. On top of that, extra authentication through the text messages will be needed as well.

Emails will now also have the protection that will prevent them from being printed, copied, forwarded, or even downloaded. More of these updates also include Nudging, which will have a job of reminding users to respond to messages that are deemed important. A new Smart Reply system will provide three short message-responses that the user will be able to send instantly. Also, there will be High-Priority notifications, which will minimize the interruptions of the user by only informing them of the most important emails.

The creation of Calendar invitations will also be much faster, as well as managing the items from the Tasks side-panel, which acts as a to-do list.

By Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. He holds a master degree and actively writes about crybersecurity, cryptocurrencies, and technology in general. Raza is the co-founder of SpyAdvice.com, too, a site dedicated to educating people on online privacy and spying.

4 comments

  1. 198295 310343Soon after study a few with the blog posts on your own site now, we really like your way of blogging. I bookmarked it to my bookmark web site list and are checking back soon. Pls consider my web-site likewise and make me aware in the event you agree. 1088

  2. 878678 30792I truly like this blog website, will definitely come back once more. Make certain you carry on creating quality content material articles. 790966

Leave a comment

Your email address will not be published. Required fields are marked *