Preview Mode Links will not work in preview mode

Thanks for joining us! Let me know if there are any topics you'd like us to cover by sending an email to me at craigpeterson . com!

Oct 25, 2019

Welcome!  

Today, we are going to discuss Smart Speakers and how hackers are able to eavesdrop into your home using them to phish for information.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

Is someone eavesdropping on your Smart Speaker?

---

Automated Machine-Generated Transcript:

Craig Peterson
Hey, welcome back, Craig Peterson here on WGAN. And online at Craig Peterson calm. Now, you might be wondering about these pale blue batteries. If you do a search for them, you'll find them on Kickstarter. They may be out in the market now but they're about $30 for a box of four of them. And they are going I think they're going to just go like crazy. It's out of Hong Kong near as I can tell. Some really good, very cool stuff. You might look them up lithium polymer type batteries. Okay, moving on here. Let's talk about Google Home. This is absolutely fascinating. And I'm glad that digital trends.com put an article up on this which I have at my website, of course at Craig Peterson dot com but we've all been concerned about Amazon Lexile listening to us and maybe Google Home listening to us. And, you know, there's pros and cons to all of this. I'll be obviously you want an assistant and that's why the assistant is in your house in the first place, right? Oh look, one of these little batteries just turned green. That means it's fully charged up to three of them fully charged, they have only been charging for a short while so that's kind of cool. Anyhow, for those people who are watching right now, but these pale blue batteries as in the Blue Earth, right. So we have them because we want them and we want them to be helping us out a little bit. So what Amazon does is on the Alexa as they have a light, they might have a light ring as they have on the echo. And Amazon's been very, very good about making sure that it can't record for more than 30 seconds. And also that it does the processing of your voice for the initial wake up command on the device. And that light has to be on physically on the echo in order for that microphone to be working in recording right in basic recording mode. So it's listening all the time. But it's not recording. It's not sending anything up to the internet. That's obviously a good thing, right? So what happens here now with Google Home is they don't have the same restrictions in place the same safety features that Amazon has. And what they're talking about here is a company called SR Labs. And I'm familiar with them. We've quoted them on the show here before. And SR Labs did some tests and they did some tests looking for what they expected to be vulnerabilities. What are the vulnerabilities of these devices as Google closes The holes, you know, where does this all set? Now they were able to collect personal data, including user passwords and eavesdrop on users. Now, I don't want to just poke here at Google Home. Because this could be similar things could happen on your Alexa or your other smart device that's out there. So for instance, all of these devices have basically apps that you can download and use. And they're called different things on the different platforms. But for instance, on my Alexa, I have it so I can say red alert and it'll play like from the original Star Trek, you know, the light so flash will go red, it's really kind of cool. And you can develop those many people have many businesses have and they made it available for you. And now, you know, that's kind of cool.

But the problem with these is that sometimes the developers have snuck bad stuff into them. And specifically, one of the things they've snuck into some of the Alexa apps, if you will, is that they are asking for more information than they need. So they, they'll ask for the password. So you can say, Okay, well in order to not change your password, and people are giving the password and now remember, here's the biggest problem with people giving the password if it was one password, and it was only ever used for that one app. Great, right? Who cares? So the app already has my password, who cares if they get my password because they already have my password. But the problem is, so many people use the same password over and over again. So that's Problem number one, these apps get your password because you just gave it to them. And Problem number two is they're asking you for a password. And if they say oh, you know that's incorrect, please try again. You're going to give basically, let's see, I have three passwords. So I'm going to give them all three passwords and they now have it. So that is a problem. But these trigger words that you used to feel like so which can be Alexa can be a computer, there's a third one that eludes me right now. And it will respond. But those are trigger words. But with the Google Home, that's not the case. As long as the device hears someone talking, it can and will keep voice recording going possibly infinite infinitely. So if if you have it in your kitchen, and there's a conversation going on the radios playing in the background, which I'm sure a lot of you guys have going on right all of the time. And you have the Google Home in there, and there is an app running. It's going to be streaming the data up to the app. This is a real real problem. And according to what SRL lab Found in digital trends.com is reporting the safety checks that are run by Amazon and Google are part of the problem that allows these types of vulnerabilities to exist. And in fact they're saying SR Labs also found that even if Google or Amazon reviews a third-party app and or skill which is what they're called over on the Alexa for safety in the past is the app can be changed after the say to review and can be used at that point to fish you or to eavesdrop on users kind of think about the Boeing the max eight jet right? That whole jet has not been type-accepted certified as an entire unit since that what the 60s 70s and they just made incremental changes slowly incremental changes. Yeah, yeah. incremental change, the world changes. And then you end up with the problem they have now which is the max eight jet. has an issue because they made yet another incremental change. And it wasn't tested overall, as well as maybe it should be. So it's the same type of thing here looks like, which is Google and Amazon, they review it. And then the app developer, the developer comes out with a slightly different version. It's just a bug fix or whatever. Google and Amazon cannot spend the time to constantly review and, and fix these things. So then you end up with some serious problems. Okay. So here you go. The best strategy to avoid the hackers eavesdropping on your data. Number one, don't have these devices, period, right. If your device asks you for a password, don't answer. Now we're saying app and skill. These are things that run essentially on The Alexa or on the Google Home device. And with the Alexa and this is true for home as well. You can control and configure the devices and log into them using the app. So Google has its own little app for the Google Home stuff that I've used that before. And Amazon has its own little Alexa app to control the Alexa that's where you should be putting your information in. And you should not be giving it to the device itself when it asks most Yeah, exactly the same most require you to go to the app link your accounts.

There you go. And there's a smart speaker the Google Home the Alexa, they're not going to ask you for a password so they can do updates, okay. And then don't say sensitive information out loud. There are people in government who are saying that since these devices are always listening, they should listen for potential arguments. Be That might be happening in the home. That's a different thing. Now we're going down a whole other path, very political, something, obviously, I'm not very fond of that path because it just leads to, you know, crazy government control so many times. So just be careful what you say around them. And in many cases, it's easier just to unplug it when you're not using it. But it'll get safer as time goes on. All right, when we get back, we're going to talk about these futuristic cars. You're already talking about these pale blue, futuristic batteries. Well, what are the problems that we're seeing already? With these electric cars, including the Tesla just this week? A 48-year-old anesthesiologist died? will tell you why and how and what some of the dangers are you listening to Craig Peterson, of course right here on WGAN and online at Craig Peterson, calm. That's Peters on SOM stick around. We'll be right back.

Transcribed by https://otter.ai

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553