This ‘Smart’ HomePod Feature Is Actually a Massive Security Risk

Apple’s highly anticipated smart speaker, HomePod, is finally available to purchase. But while it’s received mostly positive reviews so far, some tech pundits have highlighted a serious security flaw that you should know about if you’re thinking of buying the speaker.

In its review, The Verge pointed out that one of the HomePod’s main “smart” features is actually plagued with a serious security vulnerability.

According to Nilay Patel, the ‘Personal Requests’ feature – which accesses user information to read out text messages, set reminders, create lists and other functionalities – isn’t as safe as it should be.

He found that Apple hasn’t implemented personal voice recognition, meaning anyone using the same Wi-Fi network can access your messages and contact people saved in your contacts list.

It’s a scary thought really, and Patel expressed this in his review. “And, in the worst omission, Siri on the HomePod doesn’t recognize different voices,” he said. “This doesn’t sound like a big deal, but if you just click yes during all the setup prompts, literally anyone can ask the HomePod to send or read your text messages.”

Patel explained that people nearby can also trick  the feature. “I tried it with the HomePod behind a closed door and it picked up my voice and it happily read my texts aloud, a nightmare for anyone who lives in a dorm,” he warned.

Amazon’s Echo and Google’s Home both trump the Homepod when it comes to security. They can recognise different voices, so it may be worth deactivating the feature until Apple issues a bug fix.