Amazon Echo Hacking Wiki(github.com)
github.com
Amazon Echo Hacking Wiki
https://github.com/echohacking/wiki/wiki
14 comments
The most interesting content (to me anyway) is here: https://andrerh.gitlab.io/echoroot/
That page lays out the path/story of originally creating the software needed to root the original Echo.
That page lays out the path/story of originally creating the software needed to root the original Echo.
2016, "A Survey of Various Methods for Analyzing the Amazon Echo", Military College of South Carolina, https://vanderpot.com/Clinton_Cook_Paper.pdf
Our research sets out to look at how this system of interconnected smart devices affects our privacy.. and how can we show this with a practical analysis and vulnerability analysis of our own smart devices.
2019, "Smart Home Personal Assistants: A Security and Privacy Review", Kings College London, https://arxiv.org/abs/1903.05593 Even though the attack surface of SPA is conspicuously broad and there has been a significant amount of recent research efforts in this area, research has so far focused on a small part of the attack surface.. this is the first.. characterization of the security and privacy issues and countermeasures of SPA.
2022, "A survey on security analysis of Amazon Echo Devices", U of Texas, Miami U, Kent State, https://www.sciencedirect.com/science/article/pii/S266729522... We conclude that though numerous privacy concerns and security vulnerabilities associated with the device are mitigated, many vulnerabilities still need to be addressed.The "hack" they missed was the one where amazon sends recordings of your home to thousands of contractors overseas in places like Costa Rica and Romania where they spend all day listening to people having sex, children talking to each other, and acts of domestic violence in between the countless recordings of people asking for a timer to be a set or for a light to be turned on.
Does anyone know if Amazon can push patches down to these devices? Or are they forever vulnerable once the issue is discovered?
Yes, they update firmware and the version is reported in the Alexa app.
GPL source code for Echo devices: https://www.amazon.com/gp/help/customer/display.html?nodeId=...
GPL source code for Echo devices: https://www.amazon.com/gp/help/customer/display.html?nodeId=...
i really want some information like this on rooting my echo show. i don’t care for it as an alexa device but the hardware seems nice and useful to hack on if you take amazon out of the picture.
Blink cameras are another Amazon product with unique hardware (low energy cameras) and software with room for improvement.
These would be tough as they are based on a proprietary ASIC which is poorly documented even for internal developers. Ask me how I know.
Thanks for the insight, albeit disappointing.
Would be a nice Bluetooth microphone.
Also interested if anyone has done anything with the discontinued Glow.
Also interested if anyone has done anything with the discontinued Glow.
The first-party audio processing uses the onboard DSP, which only has proprietary drivers for 2.6.x kernels. This project doesn't support that. You can access the microphone at least and send the data to another, more powerful comouter for processing.
[deleted]
I have done it myself, but I don't know enough to really dig in and take over the sound stuff like I'd want to. It runs tinyalsa iirc.