Hackers can use lasers to silently “speak” to any computer that receives voice commands, these include smartphones, Amazon Echo speakers, Google Homes, and Facebook’s Portal video chat devices. Former Computing Community Consortium (CCC) Council member Kevin Fu, from the University of Michigan, and his collaborator Takeshi Sugawara, from the University of Tokyo, discovered that it is possible to make microphones respond to light as if it were sound.
This means that anything that acts on sound commands will act on light commands. They found that when they pointed a laser at a microphone and changed the intensity, the light would somehow perturb the microphone’s membrane at that same frequency. The trick lets them send “light commands” from hundreds of feet away. This means that this trick has the ability to possibly “open garages, make online purchases, and cause all manner of mischief or malevolence.” Even scarier, “the attack can easily pass through a window when the device’s owner isn’t home to notice a telltale flashing speck of light or the target device’s responses.”
Fu has been working in the security and privacy device space for many years. He co-chaired a Leadership in Embedded Security Workshop with Wayne Burleson (UMass Amherst) and Farinaz Koushanfar (UCSD), to envision the future of embedded security research and education, in August 2018 that was co-located with the 27th USENIX Security Symposium. The workshop report is coming soon.
See this WIRED article to learn more.