Any hackers in here? Hack a Google Home?

Just wondering if I can change the main program in a Google Home, or is it hard coded? It must allow updates to the software, so can I fool it this way and give it an altered version?

Reply to
Commander Kinsey
Loading thread data ...

I'd be very surprised if the updates did not have to be cryptographically signed by Google. Since you would have no way to sign a substitute program, it is unlikely that you'll be able to replace the software via the usual update process.

Depriving people of control of things they own is perhaps the most egregious use of cryptographic signing that exists, but until legislators get involved (don't hold your breath), that's where we stand.

This is not to say it's impossible to do, but will probably require considerable technical knowledge, and time, if it can be done at all.

Sylvia.

Reply to
Sylvia Else

I have virtually no knowledge of hacking, but isn't the program in there kinda like an OS? Or the only program running under the OS? No matter what Microsoft put in Windows, they cannot stop me deleting it and inserting Linux onto my desktop. Why can't I do the same with the Google Home?

Reply to
Commander Kinsey

Make sure you are fully aware of what you can ALREADY do!

formatting link
formatting link
HTH

Reply to
David Brooks

It really comes down to what code the system runs when it starts, whether that's called a BIOS, a boot loader, or whatever (hereinafter boot loader). If the boot loader is not willing to load and run code that's not been signed with a signature that it will accept, then that's a significant obstacle. You'd have to replace the boot loader, which could involve physically removing a ROM and supplying a different one (whose code you got from....?), or re-flashing it (ditto), if it allows itself to be re-flashed, and again you have the issue of whether the replacement needs to be signed.

Your Google Home may well not even have a separate boot ROM - everything could be on a single chip.

As for PCs so far, the likes of Microsoft have not been able to persuade/cajole/threaten/bribe the manufacturers of CPUs, laptops and motherboards to allow only programs signed by said likes to run, and this is why you can install other software.

Sylvia.

Reply to
Sylvia Else

Yes I'm aware of the phone app. Actually you don't even need a Google Home, you can just use your phone!

And I've already used the phone app to get free Spotify music, bypassing the £10 per month fee which lets you choose tracks :-)

Reply to
Commander Kinsey

Not that it's any use. A burglar needs to be in your home to hack it to get into your home. Er.... catch 22.

Indeed, I wonder why the Google Home is resistant to the same hack? I guess the thermostat is a simpler device.

Indeed. This stupid rental idea of software like MS Office is insanity. Anything within my property should be mine to keep forever. And that includes my neighbour's wife tied up in the garage.

Reply to
Commander Kinsey

Well, there's nothing wrong with the concept of software rental, any more than of the rental of anything else.

But you know when you're getting into a rental agreement. For much locked-down hardware, there's no indication at the time of purchase that the contract is anything more than a transfer of ownership. Yet in some cases, the vendor continues to apply updates, even when the new owner tells them not to.

Sylvia.

Reply to
Sylvia Else

Remote execution of (arbitrary) code is the most valuable type of hack and also the hardest to achieve. Even if you do achieve it the mechanism used is often fixed quickly by the vendor as it's the most critical vulnerability.

Reply to
Chris

Here is one place to start... Find out what is inside of a Google Home Mini which should be close to the other GOogle Homes... Good to know what you are trying to deal with before you try anything.

No a lot to see here but...

formatting link
Same guy... A closer look into some of the parts.
formatting link

You might be able to start from scratch on firmware by knowing what the processor is (ARM of course) but I'm sure it is code read protected and so you would have to write EVERYTHING yourself or find libraries for that part. Marvel I think.

I wish that the Google Homes were stereo like the Amazon Echos and Alexas are.

boB

Reply to
boB

It is tried from time to time. Usually the US Justice Department brings an anti-trust case, which stops this train. But this only happens if the then President allows the Justice Dept to bring such a case.

A big fight in the US is John Deere not allowing farmers to repair their million-dollar harvesters and combines. Multiple states have enacted right-to-repair laws (often by referendum) to prevent this kind of abuse.

I voted for just such in Massachusetts. Not that I am a farmer, but we do need competition to maintain discipline in the vendor ranks.

Joe Gwinn

Reply to
Joe Gwinn

I disagree. If I rent a lawnmower from you, I return it the next day so you can rent it to someone else. But if I rent software from you, you don't need it back, as it isn't eh only one. It's just a copy of it. If I don't give it back, you still have it!

But how do I avoid it? I have pirate MS Office, the old proper real one. When I thought my Powerpoint wasn't working, I looked it up and MS tried to sell me it on that horrid phone-type Metro app thing, which looked like I had to store the files on their server! So not only do I rent it, but they get to see my personal stuff! No thanks. My software and my files on my hardware in my property please. I don't believe in god and I don't believe in the cloud.

Tesla is worse. I heard of the following: Tesla sell cars in a base model, and if you want to upgrade at the time of purchase, or later, they just "turn on" the function, which was already in the car!!! Like air conditioning or faster acceleration. So when you buy the base model, that hardware is in your possession! But you can't use it! Even worse, if you buy it, then sell your car, advertised as having air conditioning, then Tesla notices it belongs to someone else, they turn it off again! Then the new owner buys the same thing. Again! Tesla sold one physical item twice! WTF?!

Reply to
Commander Kinsey

Can you not get two google home speakers and call one a left speaker and one a right? Once they're told this, they will output two channels? It is pointless to have stereo on a single unit in one place in your room (although mine is hard wired into my stereo!)

Reply to
Commander Kinsey

I would just buy from a different make. John Deere would lose sales and stop messing about.

Reply to
Commander Kinsey

On Oct 16, 2022 at 3:41:07 PM MST, ""Commander Kinsey"" wrote snipped-for-privacy@ryzen.home:

Perhaps at some point in your life you will invent something of value.

Reply to
Snit

You know better than that.

Electronics never work the way you want. It's a given.

Google can mix-down stereo to MONO and send to all your units. Sending MONO cuts their data traffic in half. Bonus.

Only if the unit had a 1/8" jack on it, might someone at Google be tempted to send stereo.

Paul

Reply to
Paul

Well Google must be lying then....

formatting link
"For an immersive music and media experience, you can connect 2 speakers to set up stereo sound."

Reply to
Commander Kinsey

Even though the speakers have Bluetooth, Bluetooth won't allow one host device, to drive two mono speakers. I believe I've already tried this. That page only describes a Wifi method.

There is also no description of telling "L" from "R". The instructions should have allowed selecting one device, declaring it "L", selecting a second device, declaring it "R", and then... not losing the bloody settings a day later.

That page seems to leave it as an exercise for the reader, to put the speakers in the correct orientation, after carrying out the Google procedure.

This isn't as seamless as it looks. You can imagine if you'd bolted the two speakers to the ceiling, and "L" and "R" needed to be swapped, you'd be just a bit annoyed.

In that sense, these speaker ideas (I own a couple mono BT speakers), are less than ideal, compared to wired solutions.

Because your device has two microphones on it, that immediately removes it as a candidate in my house. This is a no-microphone house. I don't want to hear "What was that ? I didn't catch all of that. You'll have to speak up" coming out of any miniature trouble-makers.

The computer speakers in this room, I set them up once, wired "L" to "L" and so on, and they've never needed setup (or batteries changed) since then. Now that's convenience.

Paul

Reply to
Paul

Why use bluetooth?!

Eh? It's quite clear: "The lights on one of the speakers should start to flash white. Tap Left or Right to match the location of the speaker that blinks "

No, you just set them up again.

They say nothing until you say "hey google".

But you had to wire them. And what if those speakers are all over the room? Wires to be hidden neatly over the whole room?

Reply to
Commander Kinsey

Wifi nowadays is pretty good. Anyway, a long speaker cable picks up hum and introduces resistance.

Which is easier than the longer run of cable to connect the speaker cone to the amp on the other side of the room.

No difference.

Should be easy enough to do. Think how your satnav does it.

And he can disconnect the mic inside the box and just have it as a speaker.

That is only required if you have another person in the house who doesn't want to listen to your music. Otherwise just leave them all on.

I don't scurry. Phonecalls are not urgent to the degree of seconds. I go to the phone, then call them back or ignore it if they didn't wait long enough. I also don't want phonecalls if I'm not in the living room.

I just walk towards the door and look on the camera near it. Most people I do want to answer the door to, since I have a no salesman notice up. Only Irish ignore it, and I like yelling abuse at them.

So you created a nag transmission system?

Reply to
Commander Kinsey

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.