How much security does Amazon Alexa provide?

Alexa – friend or foe? All facts about data protection at a glance

The opponents of Amazon Echo speakers described the integrated speech software Alexa shortly after its market launch as a "bug" and "data spy". Of course, this soon brought data protection officers, consumer centers, media representatives and technology experts to the fore, who tried to get to the bottom of things with very different tests. Accordingly, their investigative guidelines are also geared to very different factors. We explain what allegations are justified, what scandals fuel the Alexa privacy dispute, and what anyone can do to make the use of their language assistant safer.

Amazon offers more and more devices with integrated Alexa speech software

(Mariella Wendel / health home & smart) 

That Alexa can be turned off via the mute button, critics doubt

(Mariella Wendel / health home & smart) 

Alexa always has an open ear – even for family matters

(Amazon) 

Amazon's eavesdropping: Alexa listens under these conditions

When setting up their Echo speaker, only very few users pay attention to the preset functions. But only those who click on 'Alexa data protection' in the section 'Alexa data protection' can switch off the standard activated evaluation of voice commands. For what Amazon apparently harmlessly titled "Help to improve Alexa", is ultimately an analysis function. With this Amazon admits the right to randomly pass language sequences to Amazon employees. However, this does not mean that Alexa secretly turns itself on or that every user command is automatically passed on.

Echo Dot with Clock is recommended by Amazon as an alarm clock

(Mariella Wendel / health home & smart) 

This allows hackers and data thieves to spy on Alexa information

In practice, it is usually much easier and lucrative to crack a smartphone than the professional voice software from Amazon. However, there is a gateway that many users unknowingly open themselves. These are the additional activatable additional functions of the smart language assistant.

Researchers from the Security Research Labs (SRLabs) have proven through a practical Review how it is possible to secretly install malicious software using such extra features. They programmed a seemingly harmless horoscope skill, the code of which they added after release by Amazon to a malicious software. If a user enabled the skill and thought it had stopped using the Stop command, the application remained active, as the video below shows:

The Wi-Fi network is often less secure than the Amazon Echo

Especially in the bathroom nobody wants to be spied on by Alexa

(health home & smart editors)