Good Thinking

App thwarts voice hackers using phone's compass

App thwarts voice hackers using phone's compass
As voice-recognition devices become more prevalent, voice hacking will likely increase
As voice-recognition devices become more prevalent, voice hacking will likely increase
View 1 Image
As voice-recognition devices become more prevalent, voice hacking will likely increase
1/1
As voice-recognition devices become more prevalent, voice hacking will likely increase

The ability to control our gadgets with voice commands brings a lot of convenience, but it also brings something else: the opportunity for voice hacking. By using recordings of our voices, hackers could gain access to our phones or any other device featuring voice recognition software. Researchers at the University at Buffalo (UB), however, have figured out a way to use the compass in smartphones to prevent such a practice.

In particular, the app relies on the magnetometer inside many smartphones – the tiny piece of tech that detects the Earth's magnetic field and tells you if you're heading north, south, east or west. Because algorithms exist to thwart voice hackers attempting to mimic or synthesize your voice, the UB researchers focused on the most common way a hack would take place: someone playing a recording of your voice into your phone.

The speaker through which a hacker would play a recorded voice also gives off a magnetic field, so the team's app uses the phone's magnetometer to sense that field. For it to work, the device holding the recorded voice would have to be pretty close to your phone's earpiece, but that's likely the only way a voice hack could be effective. The current system also requires that the phone is moving during the attack so that the magnetometer can detect subtle shifts in the magnetic field coming from the speaker.

The team is currently refining the system with the intent of making an app available shortly.

"We cannot decide if voice authentication will be pervasive in the future," said Kui Ren, director of the Ubiquitous Security and Privacy Research Laboratory (UbiSeC) at UB, and one of the study's lead authors. "It might be. We're already seeing the increasing trend. And if that is the case, we have to defend against voice replay attacks. Otherwise, voice authentication cannot be secure."

The study describing the system won "the Best Student Paper Award" at the 37th International Conference on Distributed Computing Systems held in Atlanta this week, which is organized by the Institute of Electrical and Electronic Engineers.

Source: University at Buffalo

1 comment
1 comment
over_there
so if the hacker is very careful to hold the speaker very close while moving the phone they wont beable to access it but if its held still or hold the speaker back a bit they will get straight in. Thats completely useless