Smart Speaker Attachment Protects Users from Eavesdropping

Danish engineers have developed an attachment for smart speakers that protects users from being eavesdropped on and also allows them to rename their voice assistant. Most of the time, the device plays white noise directly into the speaker’s microphone, but it stops when it hears the user’s activation word. A description of the project was published on the website of one of the developers, Bjørn Karmann.

How Smart Speakers Work

The vast majority of smart speakers operate in a similar way. In standby mode, their algorithms constantly analyze sounds from the microphone, listening for an activation phrase such as “Alexa,” “OK Google,” or others, depending on the manufacturer. Developers of smart speakers claim that, in this mode, the algorithms run only on the device itself and do not send recorded audio to company servers. After the assistant hears the activation phrase, it starts listening for further commands and connects to company servers for processing. However, since most smart speakers use proprietary algorithms, it’s difficult to verify if the device truly works this way.

Open-Source Solution for Privacy

Engineers Bjørn Karmann and Tore Knudsen created an open-source device and software that guarantees user conversations are not recorded by the smart assistant. The device is a 3D-printed attachment for a smart speaker. Inside, it contains a Raspberry Pi single-board computer, a module with two microphones, and two speakers. Before use, the user sets their own activation phrase by saying it several times. During this process, the device records voice samples and trains a neural network algorithm to recognize the phrase.

How the Device Works

While operating, the device constantly emits a low-level noise, and because its speakers are placed right next to the smart speaker’s microphones, this is enough to block them. At the same time, the device listens for the user’s activation phrase. Once it hears the phrase, the speakers stop playing noise and quietly say the original activation phrase of the smart speaker, such as “OK Google,” allowing the user to interact with the voice assistant.

Open Instructions and Growing Concerns

The developers have published detailed assembly and setup instructions, as well as 3D printing models, on Instructables, and the source code for the software is available on GitHub.

Smart speakers have become so widespread that, for example, about a quarter of households in the United States have at least one such device. As a result, information security researchers are paying increasing attention to this technology and highlighting its vulnerabilities. For instance, researchers have already learned how to give voice assistants commands that are inaudible to humans or even embed hidden commands into audio that sounds normal to people.