Four short links: 7 September 2017
IoT Future, DolphinAttack, Grid Threat, and Personal Communicators
- A Tough Week for IoT (Matt Webb) — The native business model of Enterprise IoT is hardware-enabled SaaS. […] What “hardware-enabled” means is that although the hardware is necessary (it’s a sensor, or a camera, or whatever), it’s not core. It can be commodity.
- The DolphinAttack — In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. […] We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana, and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile.
- Hackers Gain Switch-Flipping Access to U.S. Power Grid (Wired) — Chien reasons that they may have been seeking the option to cause an electric disruption but waiting for an opportunity that would be most strategically useful—say, if an armed conflict broke out, or potentially to issue a well-timed threat that would deter the U.S. from using its own hacking capabilities against another foreign nation’s critical infrastructure.
- Orion Labs — Orion is a communicator with smarts on the back end—and they just released real-time translation. It’s hard to make good hardware, and harder to make good social software, so this is a hell of an accomplishment.