Sign In

Communications of the ACM

ACM TechNews

Google Assistant on Android Devices Could Be Tricked Into Taking Photos, Videos


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The flaws affected Android devices using app permissions.

Google Assistant voice commands had a vulnerability that could have allowed malicious apps to take photos and videos, according to researchers.

Credit: Robert Rodriguez

Researchers at cybersecurity company Checkmarx reported flaws in the Google Assistant on Android devices that would allow hackers to take photos and videos without users' knowledge.

The flaws affected Android devices using app permissions; a demonstration showed a malicious weather app would appear to give forecasts while instructing Google Assistant to shoot photos or video via a background voice request.

Checkmarx alerted Google and Samsung to the issue in July, and the companies released a patch in a Play Store update.

Checkmarx's Erez Yalon said the vulnerability also could have permitted location tracking and eavesdropping, since most photos automatically log global positioning system coordinates in image metadata.

From CNet
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account