This weekend I went Granada to speak in JASyP (Jornadas de Anonimato, Seguridad y Privacidad) about Virtual Voice Assistants. If you are near Granada or yo are curious about security and privacy, I recommend you to contact with the organization behind this event, @inter_ferencias. They are awesome!
Some months ago Interferencias released the CFP of JASyP 2019. I already talked about Certificate Transparency there in 2017 and it was a great experience where I met awesome people. Last year I couldn't go but this year I couldn't miss it. I decided to send a paper about Virtual Voice Assistants, this days data is as valuable as oil and this kind of smart assistans have access to 'unlimited' private data about our daily life.
In this talk the first fourth points are about privacy, what is privacy, why we need it, what happens when we haven't any privacy, what are the new ways to attack our privacy and what happens when we industrialize these methods.
Then, the second part of the presentation explains what is a virtual voice assistant, which are the devices related to them, a privacy risk analysis and some annotations from a software and hardware security review performed on Google Home and Apple HomePod.
Finally, I explain some new privacy projects for Virtual Voice assistants like 'Project Alias'. Alias is a proof of concept which aims to solve some privacy issues like the active listening of the hardware assistants.
If you are concerned about privacy and security, I encourage you to take a look on the slides of the talk.
Thanks for reading this post. If you have any question, annotation or you only want to say hello... you can contact me in Twitter, a comment in this post or using smoke signals =P
Don't doubt asking me any question using the comments or my mail in the home page.