The researchers have done limited testing with iPhones, tablets, smart speakers, and smart displays but they believe that “all devices that use MEMS microphones susceptible to Light Commands attacks.”
Light Commands do have some limitations, like a malicious party needing to have a direct line of sight to a device and be able to very accurately position a laser on a device’s microphone.
However, the researchers have carried out attacks in moderately realistic conditions and the lack of authentication for voice assistants that can control smart home devices like door locks, garage doors, and more is certainly concerning.
More interesting, some of the tests were even done with just an $18 laser pointer, laser driver, and an audio amplifier for less than a $400 total.
I’ve had a lot of fun putting in smart lights and window shades, and automating various scenes throughout the day. But anything mission critical like locks, garage doors, and appliances remain strictly “dumb.”