As we acquire more voice activated smart devices, there's always the risk that they could be eavesdropping on day-to-day conversations. We've already seen reports of spying TVs, and now MWR InfoSecurity has exposed a vulnerability in Amazon Echo that can turn it into a listening device without affecting its functionality. Exploiting the vulnerability does require physical access to the device. By removing the rubber base at the bottom of the Echo, the research team was able to access the 18 debug pads and directly boot into the firmware of the device, via an external SD card, and install persistent malware…
[Continue Reading]