Be very careful when disposing of an Amazon Echo, researcher warns
Smart speakers such as the Amazon Echo store Wi-Fi access point settings, personal information and other data internally, so care is needed when disposing of or destroying them, according to a paper by a researcher at Northeastern University.
When researchers investigated used Echo Dots purchased through eBay and similar channels, 60% had reportedly not been reset. In other words, the previous user's information remained on the device as it was, and the accounts of users who put their devices up on eBay as used goods are at risk of unauthorized access.
The Amazon Echo Dot uses MediaTek's "MT8516B" as its SoC, an eMCP (an embedded package combining RAM and eMMC) for memory and storage, and a Fire OS core as its OS. In other words, apart from the lack of a display, the configuration is not much different from other general-purpose Android devices. NAND data can therefore be extracted from the test points.
The Echo Dot cannot be used unless it is connected to Wi-Fi, but extracting the NAND data by the above method also yields the SSID and PSK password settings (the wpa_supplicant.conf file) of the Wi-Fi network it was connected to before. And since the Echo Dot does not associate the SSID of the network with the MAC address, if the same SSID and PSK password as those extracted are set on a suitable router, the Echo Dot will connect to that access point. That is, the attacker could gain access to the Amazon account used by the previous user.
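As an added illustration (not part of the original article or the researchers' paper), the sketch below audits a wpa_supplicant.conf taken from a device image, for example during a pre-resale check, and reports which saved networks hold a credential with no `bssid` pin, without ever printing the key itself. The sample file is constructed, and the function and field names are hypothetical.

```python
import re

# Constructed sample configuration; not data from any real device.
SAMPLE_CONF = """\
network={
    ssid="HomeNet"
    psk="correct horse battery staple"
    key_mgmt=WPA-PSK
}
network={
    ssid="Office"
    bssid=02:00:00:aa:bb:cc
    psk=%s
}
network={
    ssid="OpenCafe"
    key_mgmt=NONE
}
""" % ("ab" * 32)

# A network block runs from "network={" to a closing brace on its own line.
BLOCK_RE = re.compile(r"network\s*=\s*\{(.*?)\n\s*\}", re.S)

def parse_networks(text):
    """Return one dict of key/value fields per network={...} block."""
    networks = []
    for body in BLOCK_RE.findall(text):
        fields = {}
        for line in body.splitlines():
            line = line.strip()
            if not line or line.startswith("#") or "=" not in line:
                continue
            key, value = line.split("=", 1)
            fields[key.strip()] = value.strip()
        networks.append(fields)
    return networks

def audit(text):
    """Summarise each saved network without exposing the stored key."""
    findings = []
    for net in parse_networks(text):
        psk = net.get("psk")
        if psk is None:
            kind = "none"
        elif psk.startswith('"'):
            kind = "plaintext passphrase"  # quoted value: human-typed passphrase
        else:
            kind = "raw 256-bit key"       # unquoted value: 64 hex digits
        pinned = "bssid" in net            # bssid= ties the entry to one AP
        findings.append({"ssid": net.get("ssid", "").strip('"'),
                         "credential": kind, "bssid_pinned": pinned,
                         "joins_any_matching_ap": psk is not None and not pinned})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

Any entry reported with `joins_any_matching_ap` set means the stored Wi-Fi password should be treated as exposed and changed on the router if the device leaves the owner's hands without a verified wipe.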
Once logged in to the account, asking Alexa a question such as "What's a nearby restaurant?" gets an answer listing nearby restaurants, which gives a rough idea of where the previous user is. In addition, if the SSIDs and MAC addresses are known from the logs of SSIDs that the Echo Dot scanned in the past, services such as WiGLE and Google's Geolocation API can be used to find the previous user's location in more detail.
Incidentally, if the device is unlinked from the account in the Alexa app, the Amazon account can no longer be accessed (the user information and SSID information stored in the Echo Dot are excluded from this, however). If the device has not been reset, the SSID and stored personal information can still be extracted, and even if the device has been reset, the information can be extracted if the attacker performs advanced restore processing.
With IoT devices such as the Echo, there is little awareness that personal information is retained, so devices are often disposed of without being reset or unlinked. If you really want to dispose of one, selling it second-hand is not a good idea, and destroying the chips completely is the best way to do it.