Even if you do not use an Apple device, you more than likely know about it’s personal assistant, Siri. This wise cracking digital helper has been displayed on all media outlets. However, if you read the title of this article, do not assume you are safe if you don’t have an Apple device. Siri’s biggest rival, Google Now, is also vulnerable. We actually have the French to thank for bringing this exploit to light.
With mobile device personal assistants, French researchers have discovered a vulnerability. If you have a set of headphones plugged in, a hacker can take control of your personal assistant. In this exploit, the headphone jack operates as an antenna, and will effectively imitate the electromagnetic signals to make your device think it is coming from the microphone.
What that means is, if a hacker wants to take control of your assistant, they can do anything and everything you would normally do. Let’s take a look at what the potential is for disaster. Your phone could be made to dial the hacker’s phone, turning it in to a listening device. Your phone’s browser could possibly be sent to a malware site to infect it. Another option is, it could send emails, texts or update statuses on social media. These situations are all possibilities, but there are more that could cause harm.
The equipment used to replicate this exploit can be mobile, and the smallest version can fit in to a backpack. The backpack version only has a range of about 7 feet, though. However, a bigger version could be placed in a vehicle, and the range could be extended to over 16 feet. If you think you are safe because your phone requires a password, your assistant generally does not require one. As if this wasn’t enough, it is not just the newest phones or operating systems that have this vulnerability. The researchers found that the older phones are less complex to crack.
Now that this exploit has been made public, there are ways for this loophole to be closed. The hardware could of course be changed, but that may get expensive for companies or users. A software option that could be utilized, but that would not solve the immediate problem. In the mean time, be aware that this issue exists for almost everyone with a mobile device. Until this vulnerability is resolved, it might be wise to stay away from using headphones with your Apple or Android device.