The so-called " SurfingAttack " in fact allows any operation that normally we do with voice interfaces Siri or Google Assistant without the victim noticing. "We want to increase the awareness of this threat," said Ning Zhang, assistant professor of computer science and engineering from the McKelvey School of Engineering. "I want all people to know." A low-cost system, The research group, formed by experts also of Michigan State University, University of Nebraska-Lincoln and the Chinese Academy of Sciences, has conducted experimental tests using a microphone to be placed under a table, a piezoelectric transducer (PZT) - which converts electricity into ultrasonic waves, and a waveform generator to send out the right signals; all managed through a specific software installed on a laptop. After that, it was enough to leave the smartphone placed on the surface of the salver.
You have to remember that the ultrasonic waves are sound waves with a frequency that humans cannot hear, instead of the microphone of the smartphone. Then, it was enough to send - taking advantage of the transducer and as the middle of the table - commands "voice" encoded in the ultrasound to detect, on the part of the speech interfaces of the smartphone, the reaction waiting. Consider, for example, the request to lower the volume, in order to proceed subsequently to a query that does not attract the attention of the victim. Siri or Assistant have provided a list of messages, start calls, snapped a selfie, revealed the contents of the SMS (including a verification code of a bank, etc.
"If you know how to play with the signals, you can manipulate them in such a way that when the phone interprets sound waves arrive, they will think that you are profanely a voice command," stressed Zhang. A bit like a dialogue with the assistants voice in a sort of mode, virtually silent. Difficult in an environment with a minimum of interference to the victim you may realise of something, except the screen turned on. The team has tested the 17 different models of phones , including iPhone, Galaxy and Moto. All except Huawei Mate 9 and Galaxy Note 10+ are proven to be vulnerable to the attacks of the ultrasonic waves. A further analysis has confirmed that the "resistance" of these two terminals is due to the curved design and the materials used which seems to dampen the signals. How to defend yourself from the SurfingAttack Zhang explained that the tests were carried out by using, as a medium, various types of materials: metal, glass and wood. All of them have given positive response; only the plastic has been shown to affect a bit the results. It has not served to place the phone in different ways, change the orientation of the microphone and not even leave objects on the table to dampen the force of the waves. "It worked again. Also at a distance of up to 30 feet (9 meters, Ed.)", said the researcher.
The cases of the smartphones have only slightly affected the success rates of the attacks. Place the water on the table, potentially to absorb the waves, had no effect. At the end, a defense is ideal, according to the researchers, could be to adopt a software capable of analysing the received signal to distinguish between ultrasonic waves from human voices authentic, or intervene in the design phase on the design of mobile phones. And until all this will not be available? The only answer is in the use of a soft fabric to increase the "mismatch impedance". In other words, place a tablecloth on the table.
"The Republic will fight always in defense of the freedom of information, to its readers and to all those who have at heart the principles of democracy and civil coexistence"Carlo Verdelli SUBSCRIBERS TO REPUBLIC © Reproduction reserved Today on the Count: “our sacrifices for the good of all. We follow the rules, and Italy will raise up” The fear of fear Coronavirus, the duel with the Regions and the leak. But the government does not exclude other restrictions on The Country's Upside-down of the coronavirus family is divided between North and South: “there is No lightness”