Researchers in the National Security Agency computer security (ANSSI) just unveiled an unusual flaw they discovered in the iOS and Android systems. Using simple radio waves, they claim indeed be capable of injecting voice commands in Android and iOS devices.
Their technique, detailed in their publication disseminated by the IEEE, requires that the smartphone is connected to the headphones have a microphone. Then it is to send radio waves in order to deceive the microphone, which will activate voice commands in the same way as if the user uttered the words "Ok Google" or "Tell Siri". Once the activated voice command, the same technique can be used to pass any instruction on the phone so quite quiet.
This method can cause quite unusual attacks, since it requires a certain proximity to the target, but physical access to the device is not required. "We present an intelligent use of electromagnetic interference, which have a greater impact on an information system than a conventional denial of service", explain the authors.
No comments:
Post a Comment