Security flaws in Amazon Echo that let hackers gain root access cannot be patched

IoT

Security flaws in Amazon Echo that let hackers gain root access cannot be patched

IoT

Security flaws in Amazon Echo that let hackers gain root access cannot be patched

New research has revealed that the 2015 and 2016 models of the Amazon Echo feature security vulnerabilities that can be exploited by hackers to turn them into spying tools.

Security vulnerabilities in the 2015 and 2016 models of the Amazon Echo cannot be patched by software updates, leaving them vulnerable forever.

This major security flaw was revealed by security researcher Mark Barnes at MWR InfoSecurity via a blog post published yesterday. According to Barnes, a hacker can 'gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering'.

Proposed bill in U.S. Congress to ban sales of unsecured IoT gadgets

This way, the hacker can gain remote access to an Amazon Echo device, stream live microphone audio to remote services without alerting users and steal customer authentication tokens. The said vulnerability is present in both 2015 and 2016 models of the Amazon Echo.

What's worse is that the said vulnerability cannot be patched using software upgrades, thus leaving the devices vulnerable for eternity. Barnes said that this is due to the fact that the vulnerabilities occurred because of a couple of design flaws, namely exposed debug pads on the base of the device and a faulty hardware configuration setting which allows the device to boot from an external SD Card.

He added that Amazon fixed both design flaws in the 2017 model of the Amazon Echo so the vulnerability has been contained to the older models. The 2016 models of Amazon Echo devices have their model numbers ending with '01' while the 2017 models have their model numbers ending with '02'.

Pacemakers found to contain 8,000 vulnerabilities including lack of encryption

To give some respite to owners of older Amazon Echo models, Barnes added that to gain root access to these devices, hackers need physical access to them to ensure that their microphones are turned on. To ensure their privacy is not at risk, users can thus prevent hackers from exploiting their speakers by turning off a physical mute button at the top of the devices that disables the microphone.

Considering how expensive it is for manufacturers to initiate product recalls and fix design issues, Barnes suggests that they should give a priority to physical security of IoT devices throughout the development life cycle, including the planning stage.

'Physical attacks should also be incorporated into any security assessments as early as possible to increase assurance of the product and save money on not having to produce new hardware prototypes later in product development,' he said.

Commercial drones highly vulnerable to cyber-attacks and criminal misuse

Motherboard spoke to Amazon following the publication of Barnes' research findings and found that it is possible for hackers to pre-hack older Amazon Echo models and then sell it on the secondary market. Amazon has thus advised its customers to purchase Amazon Echo devices only from Amazon or a trusted retailer.

"Customer trust is very important to us. To help ensure the latest safeguards are in place, as a general rule, we recommend customers purchase Amazon devices from Amazon or a trusted retailer and that they keep their software up-to-date," the company said.

Shares
The following two tabs change content below.

Jay Jay

Jay has been a technology reporter for almost a decade. When not writing about cybersecurity, he writes about mobile technology for the likes of Indian Express, TechRadar India and Android Headlines

Comments