Controlling Siri and Google Now with a Yagi and USRP
Wired magazine have recently run a story that shows how French researchers have discovered a method for remotely controlling modern smartphones through an RF attack that targets the voice control functionality called Siri on the iPhone and Google Now on Android. The attack only works for phones that have voice commands enabled, and there must be a pair of microphone enabled headphones plugged in.
The attack is pretty simple in theory. It works by using a software defined radio to transmit a high power amplitude modulated CW signal that will be picked up by the microphone’s cable which acts like an antenna. The AM CW signal is modulated in such a way that the built in low pass filter in the microphone works as a demodulator and turns the signal into an audio voice command.
In their experiments they were able to use a USRP SDR, amplifier and directional Yagi antenna to cause a smartphone to load up their webpage. The same attack could probably be performed with a cheaper HackRF SDR.
A talk by the researchers was uploaded to Google earlier this month and is shown below.