Triggering Smartphones With Ok Google

Think a few moves ahead. How can this tactic be used against you? How can you use it yourself?

Earlier this week, Burger King released a broadcast television ad that opened with an actor saying, “Ok, Google, what is the Whopper?” thereby triggering any Google Home device in hearing range to respond to the injected request with the first line from the Whopper’s Wikipedia page. Google very properly responded to the injection attack by fingerprinting the sound sample and blocking it from triggering responses. However, it seems Burger King and/or its ad agency are either unwilling or congenitally incapable of getting the hint, and has released an altered version of the ad to evade Google’s block. According to spokesperson Dara Schopp, BK regards the ad as a success, as it has increased the brand’s “social conversation” on Twitter by some 300%. It seems that Burger King thinks that malware-laden advertising infesting webpages is a perfectly wonderful idea (in principle, at least), and has taken it to the next level by reaching through your TV speakers and directly messing with your digital devices. You may wish to consider alternate vendors for your burger needs.

Want Your Own Stingray? You Can Buy One has them for under $2000. Do a search for “IMSI catcher.”

I’m not advocating that you break the law with it; I’m just a fan of ensuring that the playing field is as level as possible.  I’m not responsible for your search being fruitful or constructive.

You’re welcome.

Also,  read the latest Schneier report.


Site Issues

UPDATE 0806 MST: All fixed.

There seems to be some issue with logging into the site. Thankfully, I have a backup account/method to get in. Pretty sure it’s a mod security thing. At any rate, I’ll be working on it today. You may not be able to log in but never fear, you’ll be able to send me hate mail again soon. 😉

In the meantime, go do something productive.