MWR Labs has been able to demonstrate a hack on older Amazon Echo speakers that turns the device into an always-on spy sitting right in your home. Detractors of the way Amazon crafted it's speakers to always listen for your voice will use this as an "I told you so" moment.
In addition to potential access to what is being said inside your home, the attack can also allow the hacker to steal customer authentication tokens and have persistent remote access to the device. MWR Labs says that the hack is made possible by two design choices Amazon made with the hardware of the Echo speaker including exposed debug pads the Echo base and hardware configuration settings allow booting from SD cards.
The hack allowing the Echo to be turned into a "wiretap" inside your home built on previous work where researchers figured out how to boot into a generic Linux environment from an external SD card. That external SD card image is available on github along with details on the debug pins. MWR Labs says that once you remove the rubber base of the Echo you will find 18 debug pads and details on what each of those pads do are available online.
Once the researchers connected to the exposed pads, they were able to watch the device boot and glean details on its configuration. The team does note that during the boot sequence, said sequence cannot be interrupted and no shell or login prompt is offered. The team says that the MCU inside the Echo speaker is a TI product and before it boots from the internal eMMC unit it always tries to boot from an SD card connected to the exposed debug pads.
Once rooted, the team was able to interact with audio buffers and coax the Echo speaker into streaming the audio heard via TCP/IP to a remote service. The team was able to sample the data and save it as a wav file or play it out of the speakers of the remote device. The hack didn't affect normal functionality of the Echo. The team says that the vulnerability has been confirmed on 2015 and 2016 Echo speakers, but the 2017 version isn't vulnerable to the attack.