Here’s a confession: during the entire period of my iPhone ownership, I have used Siri exactly twice. This probably isn’t exactly the most titillating disclosure, since I’m sure most of you feel about the same, so I’ll sweeten the pot with this fact: Both times, I’ve been making an “open the pod bay doors” joke. I am an enormous dork.
Siri definitely isn’t the most useful software feature for most users, but one group may find her to be particularly helpful—hackers. Yes, a pair of French security researchers have figured out how to silently, wirelessly hack Siri—and other voice-activated agents such as Google Now—in order to control your phone.
Here’s how it works: When your headphones are plugged into your device, they can be used like a radio antenna. With a transmitter and some sneaky coding, you can apparently send radio waves that the headphone wire will pick up and transfer to your mic. Siri will then interpret this as a command.
Although these signals only work from within a radius of sixteen feet, that’s still enough to do damage. Let’s say you set up a 900 number, and then tell everyone’s phone in a 16-foot radius to call it. You could make a lot of evil money very quickly that way. Siri can now control your web browser, so a hacker could use his voice to command your phone to go anywhere on the internet, including some very nasty sites. Malware, eavesdropping, and telling your phone to text needy messages to your ex are all some of the potential nastiness that could result.
As our phones become increasingly integrated into our daily lives, maybe these voice activated assistants will turn into features that we actually use, as opposed to the most boring part of this year’s Apple keynote. However, as they continue to evolve, they’ll exhibit a known behavior of complex systems—they’ll be increasingly easier to hack.