Our ears are the original nexus of information security. The environments we're in are constantly streaming valuable information to us. All we have to do is listen properly. "Let he who has ears" and all that. Join me as we explore the fascinating world of audio security.
3. tl;dr Alexa won
● Google Glass was discontinued in 2015
● “10s of millions” Alexa units sold for Christmas in 2017
● Amazon owns 70% of the smart speaker market
● Amazon is hiring more developers for Alexa than Google is hiring for everything
● Amazon is hiring 4x more for Alexa than Apple is for Siri
5. What’s exciting about audio interfaces?
● The future is hearables
● Serves as a mental enhancement
● Conversational computing
● Personal digital assistants
● Everlasting life
● Burglar alarm
● Health tracking
● Mind reading
● Less ads?
6. This isn’t a return to radio
● The personal computer revolution made TVs interactive
● Hearables make our audio space interactive
12. How speech to text works
● Audio is sampled and fingerprinted
● Multiple fingerprints along a sliding window guard against noise
● Overlap between image and audio classification
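The sliding-window point above, as an added example (not code from the talk, and not how any particular assistant computes its fingerprints): each overlapping window gets its own coarse fingerprint, so a noise burst only corrupts the windows it touches and the rest still match. The sample rate, window sizes, probe bands and test signals are constructed assumptions.

```python
import math

RATE = 8000            # sample rate in Hz (assumed for this sketch)
WIN, HOP = 256, 128    # window length and hop: 50% overlap between windows
BANDS = [300, 600, 1200, 2400]  # probe frequencies in Hz (assumed)

def goertzel_power(frame, freq):
    """Energy of `frame` at a single frequency (Goertzel algorithm)."""
    k = 2 * math.cos(2 * math.pi * freq / RATE)
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + k * s1 - s2, s1
    return s1 * s1 + s2 * s2 - k * s1 * s2

def fingerprints(samples):
    """One coarse fingerprint per window: index of the strongest band."""
    prints = []
    for start in range(0, len(samples) - WIN + 1, HOP):
        frame = samples[start:start + WIN]
        powers = [goertzel_power(frame, f) for f in BANDS]
        prints.append(powers.index(max(powers)))
    return prints

def match_ratio(a, b):
    """Fraction of window positions whose fingerprints agree."""
    return sum(x == y for x, y in zip(a, b)) / max(len(a), len(b))

def tone(freq, n, amp=1.0):
    return [amp * math.sin(2 * math.pi * freq * t / RATE) for t in range(n)]

# Constructed reference clip: 600 Hz then 2400 Hz, standing in for speech.
REFERENCE = tone(600, 2112) + tone(2400, 1984)

def with_burst(samples, start=1000, length=400):
    """Copy of `samples` with a loud 1200 Hz interference burst mixed in."""
    noisy = list(samples)
    for i, x in enumerate(tone(1200, length, amp=3.0)):
        noisy[start + i] += x
    return noisy

def demo():
    clean = fingerprints(REFERENCE)
    noisy = fingerprints(with_burst(REFERENCE))       # same clip, damaged
    other = fingerprints(tone(1200, len(REFERENCE)))  # a different clip
    return match_ratio(clean, noisy), match_ratio(clean, other)

if __name__ == "__main__":
    same, different = demo()
    print(f"same clip with burst: {same:.2f}  different clip: {different:.2f}")
```

Only the windows overlapping the burst change their fingerprint, so a threshold on the match ratio still separates the damaged clip from an unrelated one.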
17. The sound of silence
● Voice assistants need to also tackle the far field voice problem
● Cell phone makers try to solve this problem in reverse
● Everything is noise at some point
● Silence is surprisingly noisy
● Breathing is 10 dB, a whisper is 30 dB, conversation is 60 dB
● Absolute silence drives us insane
18. What’s sent to the cloud?
● Raw audio is not continually piped to the cloud
● A stream of fingerprints
● Over a secured connection
● Skills are also required to use secured connections
19. Once you have the text, then what?
● Deciphering text from speech is just the first challenge
● Natural language processing is the second
● The goal is a flexible taxonomy
Speech to text
Text to intent
Intent to action
20. Conversation as UX
● Programming languages help us express machine code
● Apple’s Knowledge Navigator came out in 1987
● Clippy was annoyingly pedantic
● Google’s assistant can now make a reservation for you
● Slack apps are a natural fit for voice user interfaces
21. Alexa, tell Cloud to eat my shorts!
(Skill) (Intent) (Slot) (Hotword)
Speech Synthesis Markup Language
(Action)
23. How voice assistants go bad
● Alexa is an Android
● Side channel commands
● Overprivileged
● Data capture/exfiltration
● Teaching users bad infosec habits
25. Roll your own voice assistant
● Lots of reasons to roll your own voice assistant
● Learn how sound is processed
● Voice style transfer
● Keep all data on-prem
● Sound event detection
27. Some big challenges to solve
● Sub and super-sonic side channels
● Voice identity
● Voice authorization
● App identification
● App authorization
● Conveying sensitive information
28. Generative Adversarial Network
● One network generates, another network evaluates
● This is how voice style transfer works
● GAN pipelines are currently very brittle
31. Model development
● Speech
○ LJ Speech - LibriVox
○ Blizzard Challenge 2017
○ Ryerson Audio-Visual Database of Emotional Speech and Song
● Sounds
○ Urban Sound Dataset
○ Google’s AudioSet
● Big need for portable models
32. Biggest attack vector is social engineering
● Personality is the UX of audio
● Concern over how children interact with Alexa
● Cortana turned into a Hitler-loving sex robot
● There’s an ongoing debate over the gender of voice assistants
● Almost half of US cell phone calls will be scams next year
● Example: Enkeltrick or grandparent trick, est. 1968
● Another fun example is Soupy Sales in 1965
33. Weaponized personality
● Audio interfaces are increasingly being used for counseling
● Sarcasm as a service
● Bottom line, don’t trust the voice in your head
34. How to steal a voice
● Legitimate uses include Roger Ebert regaining his “voice” in 2010 with the help of CereProc
● Voice cloning as a service - Lyrebird and Adobe VoCo
38. Thanks for coming!
es Widner
kai5263499
es@manwe.io
tps://github.com/kai5263499/audio-security-awesome
Editor's Notes
2013 - the showdown
Her - https://www.imdb.com/title/tt1798709/
Snowden’s PRISM leak, listening through Samsung TVs
A year before Echo came out
$180 vs $1500 for experimental goggles
Siri had been out for 2 years by now
Talk is part of a homeland security series we’re putting together
https://voicebot.ai/2018/01/10/amazon-alexa-smart-speaker-market-share-dips-70-u-s-google-rises-25/
https://www.fastcompany.com/90212065/the-future-is-ear-why-hearables-are-finally-techs-next-big-thing
https://www.forbes.com/sites/quora/2016/12/05/voice-first-technology-is-about-to-kill-advertising-as-we-know-it/
https://www.theverge.com/2018/5/8/17332070/google-assistant-makes-phone-call-demo-duplex-io-2018
https://www.ibtimes.co.uk/app-talking-dead-woman-brings-best-friend-back-life-ai-chatbot-1585318
https://www.usatoday.com/story/tech/talkingtech/2018/08/03/new-alexa-skill-could-scare-off-potential-burglars/899544002/
Be Right Back Black Mirror Episode https://www.imdb.com/title/tt2290780/
https://stethee.com/
https://www.newyorker.com/elements/lab-notes/the-belt-that-listens-to-your-bowels
https://www.techradar.com/news/mits-mind-reading-device-brings-us-closer-to-sending-texts-with-our-brains
Internal name for Siri was HAL https://www.xconomy.com/san-francisco/2010/06/14/the-story-of-siri-from-birth-at-sri-to-acquisition-by-apple-virtual-personal-assistants-go-mobile/?single_page=true
https://www.cbsnews.com/news/6-year-old-brooke-neitzel-orders-dollhouse-cookies-with-amazon-echo-dot-alexa/
https://www.cnn.com/2017/07/10/us/alexa-calls-police-trnd/index.html
https://www.cnn.com/2017/03/07/tech/amazon-echo-alexa-bentonville-arkansas-murder-case/index.html
https://arstechnica.com/information-technology/2018/08/researchers-find-way-to-spy-on-remote-screens-through-the-webcam-mic/
https://motherboard.vice.com/en_us/article/kzyd4m/researchers-used-sonar-signal-from-a-smartphone-speaker-to-steal-unlock-passwords
https://www.semanticscholar.org/paper/Audio-Steganography-Using-LSB-Edge-Detection-Kaur-Behal/643136de45e9110d3e0dfa03e653d1c9ca0376f4
https://www.theverge.com/2018/2/2/16965484/amazon-alexa-super-bowl-ad-activate-frequency-commercial-echo
https://www.reddit.com/r/amazonecho/comments/5oer2u/i_may_have_found_how_amazon_prevents_the_echo/
https://medium.com/@micaksica/exploring-the-amazon-echo-dot-part-1-intercepting-firmware-updates-c7e0f9408b59
https://vector.libsyn.com/058-why-siri-needs-to-be-a-platform-with-brian-roemmele
https://courses.csail.mit.edu/6.857/2017/project/8.pdf
Vijay from Pindrop