As we have seen time and time again, not every device stores our sensitive data in a respectful manner. Some of them send our personal data out to third parties, even! Today’s case is not a mythical one, however — it’s a jellybean Amazon Echo Dot, and [Daniel B] shows how to make it spill your WiFi secrets with a bit of a hardware nudge.
There have been exploits for Amazon devices with the same CPU, so to save time, [Daniel] started by porting an old Amazon Fire exploit to the Echo Dot. This exploit requires tactically applying a piece of tin foil to a capacitor on the flash chip power rail, and it forces the Echo to surrender the contents of its entire filesystem, ripe for analysis. Immediately, [Daniel] found out that the Echo keeps your WiFi passwords in plain text, as well as API keys to some of the Amazon-tied services.
Found an old Echo Dot at a garage sale or on eBay? There might just be a WiFi password and a few API keys ripe for the taking, and who knows what other kinds of data it might hold. From Amazon service authentication keys to voice recognition models and maybe even voice recordings, it sounds like getting an Echo to spill your secrets isn’t all that hard.
Whether you own any Amazon surveillance devices or not, we know how much you value your privacy. So consider this your friendly reminder that Amazon Sidewalk is going live in a few weeks, on June 8th. A rather long list of devices has this setting enabled by default, so if you haven’t done so already, here’s how to turn it off.
Don’t know what we’re talking about? Our own Jenny List covered the topic quite concretely a few months back. The idea behind it seems innocent enough on the surface — extend notoriously spotty Wi-Fi connectivity to devices on the outer bounds of the router’s reach, using Bluetooth and LoRa to talk between devices and share bandwidth. Essentially, when Amazon flips the switch in a few weeks, their entire fleet of opt-in-by-default devices will assume a kind of Borg hive-mind in that they’ll be able to share connectivity.
A comprehensive list of Sidewalk devices includes: Ring Floodlight Cam (2019), Ring Spotlight Cam Wired (2019), Ring Spotlight Cam Mount (2019), Echo (3rd Gen), Echo (4th Gen), Echo Dot (3rd Gen), Echo Dot (4th Gen), Echo Dot (3rd Gen) for Kids, Echo Dot (4th Gen) for Kids, Echo Dot with Clock (3rd Gen), Echo Dot with Clock (4th Gen), Echo Plus (1st Gen), Echo Plus (2nd Gen), Echo Show (1st Gen), Echo Show (2nd Gen), Echo Show 5, Echo Show 8, Echo Show 10, Echo Spot, Echo Studio, Echo Input, Echo Flex. — Amazon Sidewalk FAQ
Now this isn’t a private mesh network in your castle, it’s every device in the kingdom. So don’t hesitate, don’t wait, or it will be too late. Grab all your Things and opt out if you don’t want your doorbell cam or Alexa machine on the party line. If you have the Alexa app, you can allegedly opt out on all your devices at once.
When Amazon released the original Echo, it was a pretty simple affair. Cylinder, some LEDs on top, done. Then they came out with the Echo Dot, which was basically the same thing, but shorter. It seemed like there was a pretty clear theme for a while, but then at some point Amazon decided it would be a good idea to start producing Echo devices in every form factor imaginable, from wall plugs to literal sunglasses, and things got a lot more complicated. As a perfect example, take a look at this teardown of the third generation Echo Show 10 by [txyzinfo].
Granted, the base still looks a bit like the Echos of old, but the family resemblance stops there. As you can probably gather from the name, the Show features a high resolution 10.1 inch LCD panel, greatly improving the number and type of advertisements Amazon is able to force on the user. In true Black Mirror fashion, there’s even a brushless motor in the base that allows the machine to rotate the display towards the user no matter how hard they try to escape.
The teardown is presented with no commentary; in both the video below and on the Hackaday.IO page, all you’ll find are clear and well-lit images of the device’s internals. But for those who are just interested in what the inside of one of these $250 USD gadgets looks like, that’s all you really need.
At this point, it doesn’t seem like [txyzinfo] is trying to reverse engineer the Show or figure out how it all works, and looking at the complexity of that main board, we’re not surprised. Still, it’s a marvel to look at all the hardware they packed into such a relatively small device.
Like many of us, [Michael] needed a way to let the family know whether pants are required to enter the room — in other words, whenever a videoconference is in progress. Sure, he could hang a do not disturb sign, but those are easy to forget. There’s no need to worry about forgetting to change status because this beautiful wall-mounted sign can be controlled with Alexa.
Inside the gorgeous box made from walnut, curly maple, and oak is an ESP32, some RGB LEDs, and three MOSFETs. [Michael] is using the fauxmoESP library to interface the ESP32 with Alexa, which emulates a Philips Hue bulb for the sake of using a protocol she already knows. [Michael] can change the color and brightness percentage with voice commands.
The sign is set up as four different devices — one default, and one for each color. Since talking to Alexa isn’t always appropriate, [Michael] can also change the color of the LEDs using sliders on a website that’s served up by the ESP. Check out the full build video after the break.
We are always surprised that Amazon or Google doesn’t employ Kelsey Grammer — TV’s Frasier — as a spokesman for their smart home devices. After all, his catchphrase was, “I’m listening…” Maybe they don’t want to remind you that the device could, theoretically, be sending everything you say to them or a nefarious hacker or government agency. Sure, there’s a mute button and it lights up a red LED.
But if you are truly paranoid, that’s not enough. After all, the same people who want to eavesdrop on you would be happy to fake a red light. [Electronupdate] had the same thought and decided to answer the question: does the mute button really mute your microphone? The answer required not only some case opening and analysis, but there was even some IC decapsulation.
We were impressed with the depth of the analysis. The tiny SMD parts are marked confusingly, and if you are really paranoid you don’t believe them anyway. But looking at the actual circuit die is pretty unambiguous. The parts in question turned out to be a Schmitt trigger, a flip flop, and a NAND gate.
WiFi just isn’t very good at going through buildings. It’s fine for the main living areas of an average home, but once we venture towards the periphery of our domains it starts to become less reliable. For connected devices outside the core of a home, this presents a problem, and it’s one Amazon hope to solve with their Sidewalk product.
It’s a low-bandwidth networking system that uses capability already built into some Echo and Ring devices, plus a portion of the owner’s broadband connection to the Internet. The idea is to provide basic connectivity over longer distances to compatible devices even when the WiFi network is not available, but of most interest and concern is that it will also expose itself to devices owned by other people. If your Internet connection goes down, then your Ring devices will still provide a basic version of their functionality via a local low-bandwidth wide-area wireless network provided by the Amazon devices owned by your neighbours.