In the spring of last year, cybersecurity researcher Takeshi Sugawara walked into the lab of Kevin Fu, a professor he was visiting at the University of Michigan. He wanted to show off a strange trick he’d discovered. Sugawara pointed a high-powered laser at the microphone of his iPad—all inside of a black metal box, to avoid burning or blinding anyone—and had Fu put on a pair of earbuds to listen to the sound the iPad’s mic picked up. As Sugawara varied the laser’s intensity over time in the shape of a sine wave, fluctuating at about 1,000 times a second, Fu picked up a distinct high-pitched tone. The iPad’s microphone had inexplicably converted the laser’s light into an electrical signal, just as it would with sound.
Six months later Sugawara—visiting from the Tokyo-based University of Electro-Communications—along with Fu and a group of University of Michigan researchers have honed that curious photoacoustic quirk into something far more disturbing. They can now use lasers to silently “speak” to any computer that receives voice commands—including smartphones, Amazon Echo speakers, Google Homes, and Facebook’s Portal video chat devices. That spy trick lets them send “light commands” from hundreds of feet away; they can open garages, make online purchases, and cause all manner of mischief or malevolence. The attack can easily pass through a window, when the device’s owner isn’t home to notice a telltale flashing speck of light or the target device’s responses.
“It’s possible to make microphones respond to light as if it were sound,” says Sugawara. “This means that anything that acts on sound commands will act on light commands.”
In months of experimentation that followed Sugawara’s initial findings, the researchers found that when they pointed a laser at a microphone and changed the intensity at a precise frequency, the light would somehow perturb the microphone’s membrane at that same frequency. The positioning didn’t need to be especially precise; in some cases they simply flooded the device with light. Otherwise, they used a telephoto lens and a geared tripod to hit their mark.
As a result, the microphone interpreted the incoming light into a digital signal, just as it would sound. The researchers then tried changing the intensity of the laser over time to match the frequency of a human voice, aiming the beam at the microphones of a collection of consumer devices that accept voice commands.VIDEO: THE UNIVERSITY OF ELECTRO-COMMUNICATIONS; THE UNIVERSITY OF MICHIGAN
When they used a 60 milliwatt laser to “speak” commands to 16 different smart speakers, smartphones, and other voice activated devices, they found that almost all of the smart speakers registered the commands from 164 feet away, the maximum distance they tested. Smartphones proved trickier: An iPhone was only susceptible from a range of around 33 feet, and two Android phones could only be controlled from within around 16 feet.
In a second experiment, the researchers tested the power and range limits of their technique, downgrading to a 5 milliwatt laser—equivalent to a cheap laser pointer—and moving 361 feet away from their targets in a hallway. While their tests mostly failed at that range, they nonetheless found that they could still control a Google Home and a first-generation Echo Plus. In another test, they successfully transmitted their laser commands through a window onto a Google Home’s microphone inside a nearby building nearly 250 feet away.VIDEO: THE UNIVERSITY OF ELECTRO-COMMUNICATIONS; THE UNIVERSITY OF MICHIGAN
The “voice” commands carried on that laser beam, the researchers point out, would be entirely silent. An observer might notice a flashing blue spot on their microphone—if they were even home to see it. “Your assumptions about blocking sound aren’t true about blocking light,” says Daniel Genkin, a professor at the University of Michigan who co-led the team. “This security problem manifests as a laser through the window to your voice activated system.”