Despite the boom and the active commitment that many users make to connected devices in general and smart speakers in particular, you sweat about whether or not they are safe and are still present. Much more so when studies appear that indicate that the Amazon Echo they store information about their owners even when they have been factory reset. Therefore, are they really insecure?
The fear of connected devices
Despite the fact that more and more users embrace connected devices such as smart bulbs, locks and sensors for doors or windows, thermostats and, mainly, smart speakers among others, it is true that there is still a lot of fear and mistrust regarding their use within the home.
In the case of smart speakers even more, because they include microphones that are there to hear everything what we say when asked or maybe not. Because we have already experienced controversies in which they not only listened to practically everything that was said, it is that the recordings could also be accessible to the personnel of the company that manufactures them.
Well, despite the fact that those problems about unauthorized eavesdropping have already been solved, it seems that there is always something new and the latest is a research carried out by Northeastern University and it splashes directly to the Amazon Echo.
This team of researchers decided to purchase several of the company's speakers on the second-hand market. When they received them, they were surprised that more than 60% of them came without factory reset. Therefore, they kept all the information and even access to services that could pose a major problem for its previous owner.
Of course that is a human oversight, because they did not care in reset or erase the Amazon Echo, but what would happen if we told you that even after being respected from the factory they continued to keep information from the previous owner.
Well that's what happened in the Flash memory of the Echo there is still data such as those that give access to the WiFi network, smart devices connected to the device, etc. That is, information that should not be there. But that implies that are they really insecure and should we forget about them in our day to day?
Are they really insecure?
From the information provided by Northeastern University: at first you have to think that they are certainly not secure devices. But, secondly, when you see the process to gain access to that data, things change.
In order to know data like the ones described above through the Flash drive of an Amazon Echo, it is necessary desolder the chip from the board of the device and then place it in a special reader. It is not something that you can do from home in just 30 minutes with a simple USB cable.
So yes, the data is there, but the risk is greatly reduced. So it should still be considered that it is not so much a risk as an opportunity to continue improving a device like these Amazon Echo through formatting processes at a lower level so that everything is ready.
Surely Amazon will do something, although they have already commented that the really important data such as the user account and your password or credit card is never shared, because It's not information that's on the speaker.
So, we are not going to tell you what you should do or not, surely you have criteria and reasons to make the decision you want, but you should think about how many times we are giving all that information by ourselves (many times without being aware of it). and the use they could make) and it is not through a smart speaker.
Of course, our recommendation for any type of device that you are going to sell is that you consult the product information to perform the factory reset and erase as indicated by the manufacturer. It will save you trouble.