2-Factor Microphone Mute/Unmute for Siri / Alexa - to Enable/Disable Active Listening

mshanann on 04/12/2018 - 12:34

This is probably the wrong forum - but I thought I would throw it out there.

I assume there are many people like myself whom are yet to buy in to the Alexa, Siri - amazon echo / google home style devices due to not wanting any active listening device permanently present in the home due to privacy concerns.

Does anyone know of any device that provides some type of 2-factor mechanism that can be used to physically mute/un-mute these devices - i.e hardware hack?

I'd love a device like this clapper https://www.instructables.com/id/How-to-make-a-Clap-Clap-on-… that would have a little LED light that could clearly show whether the home automation device microphone is physically enabled.
2 claps of the hand in ready succession could quickly toggle the state of the microphone.

The device would need to be standalone and have no network requirements - such that completely isolated. It would have some type of relay that would physically open/close the microphone circuit, and could be toggled on/off - either via hand-free clapping style , or potentially infra-red or even radio-frequency remote.

What do you think?

Electrical & Electronics

Comments

  • HighAndDry on 04/12/2018 - 13:10

    that would physically open/close the microphone circuit

    Considering you'd literally have to open up and solder something into the mainboard of the smart device, I'm thinking this would be too much work for normal people.

    How about a remote-enabled powerpoint that you plug the smart device into? No power = no eavesdropping.

    • mshanann on 04/12/2018 - 13:19

      Yeah I expect a hardware hack - I don't think it would overly complex on the smart device side. Far simpler than mod chips or anything like that.
      In terms of power on/off - that seems overkill and way too slow.

  • dazweeja on 04/12/2018 - 13:24

    Connect the Alex/Home to a router with a packet sniffer and see if it's sending back audio at times when it hasn't been activated with a hotword. Streams are probably encrypted but you can still (roughly) determine audio by the volume/frequency of packets. My guess is you'll find that it isn't spying on you because it would be so easy to tell if it was.

    • mshanann on 04/12/2018 - 13:29

      There is constant bickering and arguments in our household with kids/wife/me etc. I don't want anything listening in unless I instruct it :) Not to mention confidential conversations.

      • mshanann on 04/12/2018 - 13:39

        I assume you also are referring the activation on/off of these devices doesn't require a network connection. Is there any documentation anywhere that states it constantly discards and erases any passive audio it records when not in 'active' mode? You think the size of a mono MP3 file just recording human voice at some low bit-rate at maybe 64 kb/s - it doesn't take up much memory to buffer a heap of conversation.

        Bitrate File size
        per second File size
        per minute File size
        per hour

        64 Kbps 8 KB 480 KB 28.8 MB

        These devices don't need to real-time send stuff back to the mothership. They can do it anytime.

        They also likely use SSL certificate pinning - so you are unlikely to be able decrypt the payload they send even using MITM approach like a fiddler proxy with custom certificate authority.

        These companies are evil and I'm in the industry.

          • dazweeja on 04/12/2018 - 14:47

            @mshanann: Yes, that's what I'd expect to see. I wouldn't expect to be able to decrypt but transmission of audio is obvious by volume/frequency of packets. I don't presume that the transmission would be real-time either. You would want to monitor over a few days at least while conversing normally without using a hotword. In this time, you would expect frequent keep-alive/metrics/update checks but if the total over the period was in the tens of megabytes (assuming no firmware update), that would indicate an issue. As for discarding of passive audio, if the previous test indicated that it was never sent, that wouldn't concern for me at all.

            I'm not exactly sure of the proposed benefit to Amazon/Google/Apple for taking this massive risk to reputation to collect unauthorised audio? They have so much access to authorised audio in the first place.

  • coxjon on 04/12/2018 - 15:58
    +1

    I don't know how valuable this will be for you but it seems kind of relevant, but Apple Watch only listens for Siri when the display is on so that's a handy notification (plus it's there in the room with you at all times)

  • adam on 05/12/2018 - 16:16

    Alexa devices have a mute button on the top, but if you don't trust them then this mightn't be enough for you.

    However consider that we already know (from Snowden and other leaks) that authorities can listen in on your on-hook landline telephone, your mobile phone (using the phones baseband regardless of what O/S you're running), probably your internet-connected TV, likely your PC and many other devices. Given that we know they can & do already listen in on these devices I don't know why you'd be worried about an Alexa device with the mute button pushed.

Login or Join to leave a comment
Login Join