I sometimes write articles describing investigations similar to this one. Do you think this article’s structure is appropriate?
Or would it be better to reduce the need for comments like this one by putting the conclusion much earlier in the piece? I understand not putting the conclusion in the title, but perhaps in the first paragraph, in the spirit of BLUF [0]?
> The SOC (system on chip) controller seems to be connected to the flip flop resets, which makes sense as the product powers on with the microphone enabled as default....
It sounds like you could press mute, walk away and it could reset unmuting itself in the process without you realizing. You would need to constantly monitor that LED for assurance it is still muted. It’s not clear to me from the article how the SOC is connected to the flipflop reset. i.e. can the flipflop reset be initiated via software?
A mechanical switch that can’t so easily and unexpectedly lose its state would be preferable. There are probably good reasons they didn’t do that (aesthetics, cost, reliability?)
Yes that is the technical conclusion. But maybe the most important thing is that we have to do an actual teardown of the product in order to have some confidence that Amazon is not lying on its Echo capabilities.
To be clear, I am not saying we should trust Amazon & Co, I'm saying that if that's the level of trust we have with home assistance devices, why even bother with the stuff?
The stakes are so high for Amazon to tell the truth here. If they were lying then there would be outrage among users, media, competition, etc.
I’ve dealt with many people from Amazon in my professional life and based on their handling of customer data I believe Amazon take seriously the trust customers place with them. Amazon believe the Alexa and Echo platform will grow their retail and service relationships with customers.
I don’t think they would throw that away to fool us all into believing a fake mute button - for what?
To me it's unfathomable to have such a device around. I even feel uncomfortable with my neighbor having one (which I _hear him talking to).
I assume it's like reading the side effects of medication and think they are other people's problems somehow. How do people trade core privacy for setting the alarm or getting the weather report by voice command. I don't respect them. Same with off the shelf IP cameras in one's bedroom. Hello?
Air gapped speech recognition and FOSS, or this should never, ever become a thing.
We have the option of either trusting the company or some other auditor. We can try getting some laws made to ensure honesty, but I personally don't like that route this early in the technology.
What we need is a completely independent organisation like EFF to audit and certify basic guarantees around privacy/safety. The companies should also prefer this route as it would take some heat off in EU/Congress without creating bureaucratic bottlenecks.
One problem I see is that such an organisation can act as a front for the cartel to prevent entry of new startups/players.
You're right, but how to do it otherwise? With the camera, there is at least the option of installing a mechanical shutter that can be easily seen (and understood) by users. With audio, I can't think of any similar solutions at the top of my head.
Of course, technically, not even this hardwired circuit is complete proof that there is no trickery going on. If Amazon really wanted, they could simply hide a second mic at some other place inside the device.
I think the only solution that would really solve this was public auditing of the whole device.
This. It's why it's so important for laptops to permit a physical slider to block the integrated camera. It is a low-cost, low tech way to verify that the camera is not picking up usable images.
The real problem is that we don't have something analogous for microphones. The best we could do is some kind of humming device that you could turn on near the sensor that would drown out any noises it might otherwise pick up (and also be unobtrusive).
> But maybe the most important thing is that we have to do an actual teardown of the product in order to have some confidence that Amazon is not lying on its Echo capabilities.
Isn't it also the most obvious thing?
To be confident something is true, you need to confirm it. How else would the universe and human perception work?
I'd want the source and the build chain for all the mcus on that board, you can turn many things into a microphone. I wouldn't put it past FAANG to get cute with it.
Disclosure: I'm an Amazon Devices PE, but not on Alexa devices.
Jeff (and others) have spoken publicly about this in the past, and this teardown is correct. The hardware is designed such that, if the privacy LED is on, the microphone is unpowered. In order to compromise that, one would need to physically alter/damage the hardware.
> The SOC (system on chip) controller seems to be connected to the flip flop resets, which makes sense as the product powers on with the microphone enabled as default....
To compromise it, one just needs control of the SOC (which Amazon has) to turn the light off and the mics back on.
The fact that the mike defaults to on after power on is completely understandable from a user interface perspective, but from a security perspective it makes the mute switch useless. Why? Because any attacker that has penetrated far enough to be able to control the SOC in order to snoop can also trigger a SOC reset in order to make sure that the mike is enabled before they start snooping.
A physical switch would have been a better choice, if it was actually for security instead of security theatre.
> The fact that the mike defaults to on after power on is completely understandable from a user interface perspective
A compromise would be to play a message after turning the device on, requiring the user to take action and unmute it or leave it muted. This shouldn't be a problem in most scenarios as Echo is meant to be powered once and run for a long time, so it would be just a minor inconvenience.
The R line for the flip flops goes to the SoC, but we don’t know if it’s tied to SoC’s reset line or if it’s a GPIO on the SoC. In the former case, you’d have to reset the SoC to turn on the mic. In the latter, you can just turn on the mic without reset. In either case, the LED always shows the true state of the mic.
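The flip-flop wiring described above, reduced to a logic-level model so the two security claims in this thread can be checked mechanically: the LED can never disagree with the microphone power rail (it is derived from the same flip-flop output), and a SoC-driven reset is the one software-reachable input, which returns the device to its power-on default of mic enabled. This is an added example, not code from the teardown article or from Amazon; the power-on default, the two inputs (button and reset) and the LED being driven from the mic-power signal are taken from the thread, and the `remember_mute` variant is a hypothetical mitigation (mute state surviving a reset), not a description of the real device.

```python
"""Logic-level model of the mute circuit as described in the thread (added example)."""
import random
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class MuteCircuit:
    """Q of the flip-flop is the single signal that powers the microphones and,
    inverted, drives the red LED. Assumed power-on default: Q=1 (mic on, LED off)."""
    q: bool = True
    # Hypothetical mitigation only: remember mute state across a reset.
    remember_mute: bool = False
    nv_muted: bool = False
    history: List[str] = field(default_factory=list)

    @property
    def mic_powered(self) -> bool:
        return self.q

    @property
    def led_red(self) -> bool:
        # Derived from Q by wiring: there is no separate LED register that
        # software could set independently of the microphone rail.
        return not self.q

    def press_button(self) -> None:
        """Physical mute button toggles the flip-flop."""
        self.q = not self.q
        self.nv_muted = not self.q
        self.history.append("button")

    def soc_reset(self) -> None:
        """The flip-flop R line, reachable from the SoC."""
        self.q = True  # power-on default: microphones enabled
        if self.remember_mute and self.nv_muted:
            self.q = False  # hypothetical mitigation: re-apply stored mute
        self.history.append("reset")


def led_is_honest(c: MuteCircuit) -> bool:
    """Security property: LED red exactly when the mic rail is unpowered."""
    return c.led_red == (not c.mic_powered)


def run_trace(events: List[str], remember_mute: bool = False) -> Tuple[bool, bool]:
    """Apply a sequence of 'button'/'reset' events; return (mic_powered, led_red)."""
    c = MuteCircuit(remember_mute=remember_mute)
    for ev in events:
        {"button": c.press_button, "reset": c.soc_reset}[ev]()
        assert led_is_honest(c), "LED and mic rail diverged"
    return c.mic_powered, c.led_red


def count_reset_unmutes(remember_mute: bool = False, steps: int = 500, seed: int = 1) -> int:
    """Random event fuzzing: how often does a reset turn a muted device back on?
    The LED-honesty property is asserted after every step."""
    rng = random.Random(seed)
    c = MuteCircuit(remember_mute=remember_mute)
    unmutes = 0
    for _ in range(steps):
        was_muted = not c.mic_powered
        if rng.random() < 0.5:
            c.press_button()
        else:
            c.soc_reset()
            if was_muted and c.mic_powered:
                unmutes += 1
        assert led_is_honest(c)
    return unmutes


if __name__ == "__main__":
    print("mute then reset (as described):", run_trace(["button", "reset"]))
    print("mute then reset (hypothetical latch):", run_trace(["button", "reset"], True))
    print("reset-unmutes, as described:", count_reset_unmutes(False))
    print("reset-unmutes, hypothetical latch:", count_reset_unmutes(True))
```

The fuzz loop never finds a state where the LED and the mic rail disagree, in either variant, because the LED is a function of the same signal rather than a separately written register; what it does find, for the as-described wiring, is that a reset routinely moves the device from muted to unmuted. The LED reflects that change, so it is visible but not silent, which is exactly the "you would need to keep watching the LED" concern raised earlier in the thread.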
But there’s still a security flaw in this method. If somebody from Amazon decides to record you, they just send a reboot command to the Echo. After a reboot the mic’s state will change back to normal, i.e. powered.
From using an Echo at home, the unmuted state is only during the bootup process, during which there's no processing or recording of audio going on anyway. If it shut down muted, mine starts up muted, even if the power cord is removed.
in the same vein, what about the overlooked 1mm x 1mm chip that holds logic such as {{ if red_led==active then pushAudio('udp://amazon.com/jeffsBathroomSpeaker') }}
> The SOC (system on chip) controller seems to be connected to the flip flop resets
> The 'mute' button appears to be very real and functional. When the button glows 'red' the power is removed from the microphones.
Does the microphone take any time to boot up? How far could a malicious SoC get by toggling "reset" on and off very fast? If you toggle the microphone on and off at 96kHz with e.g. a 1% duty cycle, then you'd be able to sample the level from the microphone at 96kHz, and the LED would still be glowing at 99% of its usual current (which would be visually indistinguishable from 100%). This would allow the SoC to record audio at full quality, and still leave the LED glowing.
Very nice writeup, I love the combination of fun writing style and hand drawn schematics with things quickly escalating to decapping chips.
Also nice to see that the LED is a real one, even if the micro does have the ability to override the mute switch... I guess the 80's sci-fi movies with red glowing eyes to indicate the 'evil' subroutine was activated got it pretty close!
This is a really great breakdown of what’s going on in the device. I really appreciate the case removal to look at the inside of the chips, as well as the general explanation of the circuits involved.
Nice to see electronupdate here. For those who don’t know, he also has a YouTube channel[0] where he does teardowns of random ICs. It’s quite interesting seeing the die shots. I’m assuming this post is a continuation of his “part 1” post/video from a week and a half ago[1] about the Echo Flex.
His videos are definitely not scripted (and barely edited), which can be off putting to some (hearing “umm”s among other things), and he doesn’t go into the detail that Ken Shirriff (@kens) does, but they’re interesting nonetheless.
You'd think that he'd be better at interpreting IC markings by now, though....
Part 1 is not "ICFJ", it's "CFJ". The line is the pin 1 marking. This one is the harder of the two; however, if you've been doing this a while, you'd recognize this SOT23-5 as coming from TI, whose online marking code lookup returns "SN74LVC1G14DCK" in just a few seconds. (Incidentally, that means the actual marking is "CF" with a lot/date code marker of "J"; the random-looking lines above and below the text are also a lot or date mark.) No acid needed!
Part 2 isn't marked "COOR", it's "C00" with lot/date code "R". That's decodeable by eye as a TI LVC2G00 dual NAND gate.
The third part, the one marked "JW", is probably an ON Semiconductor dual transistor, but those guys are always harder to track down. The fourth one, the SOT-323 (?) marked "39R"... that one will be hardest of all.
The parallel flops are probably hardening against bit flips from ESD events. There aren't any other active protection devices and phantom flips probably showed up at some point during testing of earlier prototypes.
Colour me impressed! I would have expected a digital pin to be used to control the microphone in software, which I wouldn't have been nearly as satisfied to see. Really nicely presented breakdown too.
Interesting read. But if I owned one, I would destroy the trace going to the mic, specifically the one giving power, and install my own physical switch as a physical power switch.
It's likely there are microphones in the Echo that even an electronics expert can't "recognize" as a microphone. Any object that is flimsy and can 'vibrate' due to sound can have its position used to alter an electrical signal, and anything monitoring that signal can convert the signal easily back into sound. Even a non-data-carrying wire with current can do this.
I think we should appreciate that while this isn't the best or most secure design (I'm not that happy with the host controlling the reset), it at least has an LED that shows the microphone status, which can't be controlled by software.
I think this is the very bare minimum we should require from all our digital devices.
The reverse engineering work here showed that "LED is electrically tied to the signal which controls the microphone's power", which means there's no software way to turn the microphone on while keeping the LED red.
Measuring the current of the microphone would only tell us that at a specific moment the microphone is off and the LED is red. But that might be a software switch, in which case nothing would prevent Amazon from turning the microphone on from time to time while keeping the LED red.
jessriedel | 5 years ago
> But, basically if one presses the switch it causes the flip-flops to change state and to then either add or remove power from the microphones.
> The 'mute' button appears to be very real and functional. When the button glows 'red' the power is removed from the microphones.
pansa2 | 5 years ago
[0] https://en.wikipedia.org/wiki/BLUF_(communication)
oops | 5 years ago
HourglassFR | 5 years ago
rubyfan | 5 years ago
KraftKacke | 5 years ago
blackoil | 5 years ago
xg15 | 5 years ago
SilasX | 5 years ago
BurningFrog | 5 years ago
dbuder | 5 years ago
chaboud | 5 years ago
e9 | 5 years ago
Daho0n | 5 years ago
dom96 | 5 years ago
sneak | 5 years ago
appleflaxen | 5 years ago
Which we already knew.
The problem is that many people don't trust the good faith of the company you work for, and by extension they won't trust you either.
omnicognate | 5 years ago
tobr | 5 years ago
jeffrallen | 5 years ago
dvfjsdhgfv | 5 years ago
rahimiali | 5 years ago
jstanley | 5 years ago
bobuk | 5 years ago
knaik94 | 5 years ago
867-5309 | 5 years ago
mlyle | 5 years ago
harrisonjackson | 5 years ago
johnghanks | 5 years ago
[deleted]
jstanley | 5 years ago
_flux | 5 years ago
..and it says 10 ms max turn on time, so 100 Hz.
Of course, a typical or minimum turn-on time could be better, but I imagine if it were better, it would be advertised as well.
danhor | 5 years ago
osamagirl69 | 5 years ago
mlyle | 5 years ago
sircastor | 5 years ago
colejohnson66 | 5 years ago
[0]: https://youtube.com/c/electronupdate
[1]: https://youtu.be/gYPLunFMIEI
exmadscientist | 5 years ago
kevin_thibedeau | 5 years ago
Prcmaker | 5 years ago
bonoboTP | 5 years ago
I'd expect the light to be green when I'm safe from spying.
torgian | 5 years ago
WClayFerguson | 5 years ago
jwr | 5 years ago
Krasnol | 5 years ago
sunds | 5 years ago
Could the feedback from the transistor be used to debounce via the data line as well?
Geminidog | 5 years ago
monsieurbanana | 5 years ago
njdullea | 5 years ago
jaywalk | 5 years ago
fctorial | 5 years ago