Innovative IoT Hardware and the Fight for Privacy

uriotnews

You’ve probably heard the comment that if you want your privacy, then stay away from IoT. It’s easy to suggest not using such products at all. But what if they provide great convenience and you really like them? 

In exchange for that convenience, tech companies expect us to sacrifice our privacy. They expect us to invite always-on microphones into our living rooms, our kitchens, and even our bedrooms. They store our recordings indefinitely, hire human subcontractors to listen in, and sell our data to third parties. That’s a deal we’re not willing to take. We love our smart speakers, but we demand control over when they’re listening and what they hear. In short, we want both convenience and privacy.

A company from Canada called Pleasant Solutions, is bringing privacy back with their first B2C product and third-party solution against privacy breaches.  They’ve created a product called Paranoid, an add-on device that stops your smart speaker from constantly eavesdropping, but allows the smart speaker to continue being voice-activated and as useful as before.

Not everyone is so conscientious about user security and privacy. Check out  The Disastrous State of IoT Vulnerability Reporting.

At the heart of Paranoid is a small circuit board that blocks all audio input to a smart speaker, and allows it only after hearing the wake word: “Paranoid”. The circuit board is entirely self-contained, with no WiFi or Bluetooth connection to the internet (and, therefore, no access to potential hackers). When its onboard processor hears the wake word, Paranoid temporarily enables the smart speaker’s microphone— allowing it to function normally.

Why Not Just Mute Your Speakers?

One of the biggest problems with smart speakers, it’s that muting them disables their main feature: hands-free convenience. As a result, most users completely ignore the mute switch. Instead, they leave their smart speakers constantly on—and constantly listening. Paranoid offers a convenient alternative.

  • At the push of the physical button, Paranoid Home will say what percent of the time it has blocked eavesdropping. For example, “99.2% of listening was blocked this week”.

  • A little LED light turns on anytime Paranoid Home is allowing the smart speaker to listen.

  • Conversation mode is supported.

  •  Paranoid Home not only listens for the “Paranoid” wake word, but it also watches the behaviour of the smart speaker and cuts off listening if the smart speaker does not indicate to the user that it is listening (for example, with the smart speaker lights).

According to Thomas Stachura, Inventor of Paranoid and CEO:

“We are solving a tension between technology and privacy. We prefer to design products that do not require people to trust us before using it, because the design itself makes it impossible for us to take your data.”

The device is available in three separate configurations, each meeting differing needs and designed to suit different smart speaker models.

  • Paranoid Home Button – Paranoid activates a USB-powered button-pusher that physically turns off a smart speaker’s mute button, and then re-engages it after you have finished your voice command. The smart speaker requires a physical mute button and either does not say anything when mute is pressed or can be configured to say nothing (as opposed to saying “mute has been turned on/off” each time). As examples, Amazon Echo and Echo Dot (2nd and 3rd Gen) are supported.
  • Paranoid Home Wave – Paranoid discreetly generates noise and interference in close proximity to the smart speaker’s microphones to jam them. When the Paranoid device detects the wake word, it temporarily stops the jamming to allow the smart speaker to hear and respond to voice commands. (Note: the noise generated by Paranoid Home Wave will not be perceptible to the human ear or cause any sort of disruption or distraction.). As examples, Google Home and Google Home Mini are supported.
  • Paranoid Home Max – If your device lacks a mute button, or if you don’t trust the mute button, we recommend our internal configuration. The user takes or ships their smart speaker to service centers, where technicians physically cut the microphone and bypass the signal to go through the Paranoid circuitry. The device is then returned with Paranoid privacy built in.

The initial model will be available for $49 USD. A pack of 3 will be $129 USD.

Looking for a DIY Version? Take a Look at Project Alias

alias_selected-9-no-wire

Paranoid is not the first attempt to make voice-activated devices more private. You might recall Project Alias, a middle-man device designed to appropriate any voice-activated device. The device was created by Bjørn Karmann and Tore Knudsen and was made with a Raspberry Pi, 3D printing, Python, Tensorflow, Keras, Flask, Javascript, HTML, and CSS.

Equipped with speakers and a microphone, and Alias is able to communicate and manipulate the home assistant when placed on top of it. The speakers of Alias are used to interrupt the assistance with a constant low noise/sound that feeds directly into the microphone of the assistant. First, when Alias recognizes the user-created wake-word, it stops the noise and quietly activates the assistant with a sound recording of the original wake-word. From here the assistant can be used as normal.

alias_diagram_black

The wake word detection is made with a small neural network that runs locally on Alias, which can be trained and modified through live examples. The app acts as a controller to reset, train and turn on/off Alias.

The way Alias manipulates the home assistance allows to create new custom functionalities and commands that the products were not originally intended for. Alias can be programmed to send any speech commands to the assistant’s speakers, which leaves us with a lot of new possibilities. You can get the source code on GitHub.

Further Reading

Our IoT Security Best Practices Refcard

IoT Security Challenges and 5 Effective Ways to Handle Them

This UrIoTNews article is syndicated fromDzone