Siri? Are you seeing another man?

A group of computer scientists from Italy and Poland reckon they can use steganography to hide covert messages in users' voice commands to Siri.

What's interesting about the work, described in this paper at Arxiv, is that it doesn't involve installing new software on the target device. Rather, iStegSiri would exist as a man-in-the-middle between an iOS user and Siri in the cloud.

Since that demands access to the network channel from the user to Siri, and since it needs a jailbroken device, it's not yet a practical attack.

As the researchers told IEEE Spectrum, iStegSiri is a proof-of-concept designed to try and get the security community to pay better attention to steganography-based attacks.

In Siri, the iOS device captures, packetises and transmits a user's request to Apple's servers – and speech has a recognisable pattern of voice and silence.

iStegSiri looks at that pattern, and crafts the data it wants to transmit in a way that mimics those patterns. A third party with access to the network channel just needs to examine the conversation and extract the hidden data.

The researchers, Luca Caviglione, of the National Research Council of Italy and Wojciech Mazurczyk, Warsaw University of Technology, write: “We split the overall traffic into different components using a set of ranges for Siri’s protocol data units (PDUs). PDUs in the range of 800–900 bytes represented talk periods, while PDUs in the range of 100–700 bytes represented inactive periods.

“With this partition, we were able to arbitrarily encode 1 and 0 within the traffic”, the paper states. “The iStegSiri method can send secrets at a rate of about 0.5 bytes per second. For instance, a typical 16-digit credit card number can be transmitted in about 2 minutes”.

The paper notes that Google Voice, or even Shazam, could equally be used as the carriers of steganographically-hidden data.

Vulture South would add that a suitable modification to VoIP phones would also provide a vector for hiding data in what looks like voice, to evade data loss prevention systems.

The best place for countermeasures to something like iStegSiri, the paper states, is at the server side. Apple could, for example, “analyse patterns within the recognised text to determine if the sequence of words deviates significantly from the used language’s typical behaviours”. ®