Echo Security Glitch Found

British researchers have found a security vulnerability in Amazon Echo speakers that would allow hackers to install malicious software and listen in on your conversations.

However, to do so they would need physical access to the device, plugging an SD card into the speaker base, for example. Doing so would enable unscrupulous types to get into your Amazon account and make use of the system’s necessary habit of awaiting a wake word, which would normally be “Alexa,” the name of the voice-activated assistant.

The problem is found in Echo speakers sold in 2016, not including the newer Echo Dot. The researchers advise avoiding secondhand sales of those units, checking the seal on the box, and not placing the Echo in a hotel room or office. Amazon also recommends buying the units from Amazon or a trusted retailer and keeping the security up to date.