Keeping Voice-Activated Smart Home Device From Talking to the Wrong People

The introduction of voice-activated smart home solutions – like Amazon Echo and Dot, Google Home, and Apple's HomePod – have brought with them the dream of convenient Star Trek-like interfaces where a user's spoken wish is their command. But at the same time, these devices have served as a Trojan Horse, increasingly inviting in security issues and unintended consequences. The greatest security vulnerabilities created by these products are due to the fact that, while they prominently feature advanced voice recognition, they cannot really tell who's talking. The dangers this presents are compounded when the devices feature the ability to make purchases (with few safeguards under default settings), as well as control smart home features (lights, thermostats, locks, etc.) that users do not want malicious actors to be able to manipulate. These factors have contributed to a number of actual events, which land somewhere between fascinating and frightening as to the level of harm they represent – but all should certainly provoke concern.