Voice Recognition Software: The Next Big Security Threat?

Voice

A recent Forbes article warns that voice recognition software could be the next big security threat. Technology savvy smart phone users are likely familiar with the likes of Apple’s speech recognizing virtual assistant, Siri or Google’s answer to Siri, Google Now. Most, however, probably will not take too kindly to AVG’s Yuval Ben-Itzhak’s dire warning about the security risk posed by voice recognition software.

According to Ben-Itzhak, the risk is so great that users are urged to cease using speech recognition programs immediately. He was quoted in an interview with Forbes as saying,

Microphones should be disabled immediately and our current recommendation is that the user switch off features [involving voice commands].

Some people may be complacent about being able to ask your phone to send a text message or having a list of gluten-free recipes pop up at the sound of your voice. Others might be excited and wish for the days when making a call will mean talking to someone face-to-face on your smart phone screen. Some are likely to be disheartened about being told that voice recognition software is the next big security threat. Most people might find the actual history of voice recognition software pretty interesting.

It started as early as the 1950s when the “Audrey” System, was designed by Bell laboratories. Audrey could understand a single voice reciting digits but in 1962, IBM introduced a machine called the “Shoebox” which could understand 16 English words. In the 1970’s, the U.S. Department of Defense got involved and speech recognition developments began to move rapidly. It was then that “Harpy,” a system that could recognize over 1000 words, was developed.The 1980’s saw speech recognition efforts focused more on prediction.

Tech Hive writer, Melanie Pinola, writes about…”A new statistical method known as the hidden Markov model (HMM). Rather than simply using templates for words and looking for sound patterns, HMM considered the probability of unknown sounds being words.”  Dragon speaks was introduced in the 1990’s but with a $9000 price tag, making it somewhat unobtainable for many. In fact, advances in speech recognition technology stalled for a period until Google introduced a voice search application for the iPhone in 2008.

The next big thing was 2010’s introduction of the voice search feature for Android by Google, of course, and then came Siri. Designed to incorporate what she knows about you, Siri is at once playful as well as entertaining. In answer, Google launched Google Now and Microsoft has jumped into the ring with Cortana which promises the ability to integrate your home based technology, temperature controls and motion sensors, etc., with the voice controls on your smart phone.

With all the cool advances in speech recognition some will likely be devastated by Ben-Itzhak’s warning. He and his team, however, performed experiments to test just how far a person of nefarious intent could go by using his or her voice to activate someone else’s speech recognition software. It turns out that voice recognition software does not necessarily recognize just one voice.

According to Ben-Itzhak, “…There is something very basic here that everyone seems to have forgotten: authentication. If you have a smart TV at home, for instance, it will respond to a synthesized voice as well as yours.” He warns that voice recognition software will soon be embedded in everything from smart watches to refrigerators.

He likens leaving it as it is today to walking away from your computer, “Without a password and just allowing anyone to walk by, click and take an action.” Notwithstanding all the excitement generated by the newest technological advances, people everywhere should beware; voice recognition software could be the next big security threat.

By Constance Spruill

Sources:

Forbes

The Independent

CNET

Tech Hive

AVG

 

 

3 Responses to "Voice Recognition Software: The Next Big Security Threat?"

  1. Ravin Sanjith   October 7, 2014 at 10:34 am

    The article does not differentiate between SPEECH and SPEAKER recognition; the latter being the security product, while the former being criticised as a security risk.

    Very misleading!

    Reply
  2. Steve Hoffman   October 2, 2014 at 9:17 pm

    While this article has an interesting account of voice technology history, it merges two entirely different technologies into one–speech recognition! Voice recognition (the ability to identify a unique person based upon their 200 different characteristics of speech) and Speech recognition (translating the spoken words of many people into text or data strings). This article does a disservice to the author and publisher. There are many great resources about voice recognition on the web. One I particularly like was presented on TEDx and worth viewing at: http://www.youtube.com/watch?feature=player_embedded&v=tkNx80RUtEc

    Reply
  3. Dan Miller   October 2, 2014 at 9:14 am

    This article is totally off-base and misleading. Turning the microphone off on your phone turns it into a texting device and mobile browser. Indeed, using the mobile phone for any voice-based services can expose people to fraud. But this article conflates a number of technologies that can, indeed, be very useful to individual wireless subscribers while, at the same time, ignoring the fact that voice-based authentication methods (using voice biometrics) would solve the very issues that Ben-Itzhak shows so much concern about.

    Reply

Your Thoughts?