19 December 2019

International cybersecurity expert warns of festive smart speaker privacy risk

International cybersecurity expert warns of festive smart speaker privacy risk

A photo of Professor Karen Renaud smiling

An internationally renowned cybersecurity expert is urging people to secure their smart speakers festive season, as tech experts tip the devices to be among this year’s most popular Christmas gifts.

Devices such as the Amazon Echo and Google Home have become useful additions to many homes, but can also cause a whole host of unintended problems.

Abertay University Professor Karen Renaud (pictured) is encouraging people to be aware of this, and says there are simple steps you can take to mitigate the risk.

She said: “Firstly, I want to say that I am not discouraging people from using these devices. They are very convenient and have the potential to change lives for the better.

“What I’m saying is that you should set up these devices in a way that protects your privacy as much as possible, and stops people from abusing them.

“If you get a smart speaker for Christmas, I would encourage you to take these steps immediately. If you’re using one now, it’s never too late to update your settings.”

She is encouraging people to take the following simple steps:

  1. Change your smart speaker’s “wake word” – the word that tells it to start listening.

“If you keep the name of the device as it was issued then anyone can wake it and ask it to do whatever they want it to do.

"I would suggest that you use a random, unusual name so that it is effectively locked to other people so that, for example, someone shouting through your letterbox would not be able to control it. It’s very easy to change its name through the corresponding smart speaker app."

  1. Switch off voice based ordering.

“Once again you can do this through the app, and taking this step can help prevent unexpected and unwanted expenses.

“There have been cases of children ordering toys for themselves, and there was even a story of a PARROT ordering something! Voiced based ordering means that anyone who knows the wake word can order anything. You lose an element of control, but It’s very easy to take back.”

  1. Know where the mute button is.

“While these devices are on they are listening to everything you say or do, and there are always going to be cases where you’d rather that doesn’t happen.

“If you press the mute button, it won’t be listening in to these private conversations.” 

  1. Turn on the explicit filter/family friendly mode – if you want

“With some smart speakers, family friendly mode is not a default setting. While that doesn’t mean you’re going to hear your device spluttering out swear words, it could have unwanted consequences.

“If a child asked it to tell them a joke, the response might be a little ruder than you’d want. Also, choosing this option will stop your device from playing explicit songs or radio stations.” 

  1. Got guests over? Pack your device away.

 “If you’re having a party and you have guests over that you don’t know particularly well, you might want to pack your smart speaker away. It’ll take orders from anyone, not just you.

“Having said that, changing the wake word as I’ve suggested is an excellent way of preventing unauthorised people from using your device."

To find out about studying Ethical Hacking at Abertay visit: https://www.abertay.ac.uk/course-search/undergraduate/ethical-hacking/

For further cybersecurity advice visit: http://karenrenaud.com/advice.html 


Share This