I don't get the fear mongering. It seems infinitely more likely my computer is compromised than some single purpose device that doesn't load code from third party developers or visit random web pages.
If we're expecting that Apple/Google/Amazon/Microsoft are the people attacking us then they have easier ways. If we expect it's outsiders then how do they even get to my Alexa?
I agree with you. This hack requires physical access and is fairly complicated. It's probably much easier to walk into someone's house and drop a tiny wireless microphone somewhere hidden.
They raise the issue of having Alexa devices in semi-private places like hotel rooms[0].
I think people have an expectation of privacy in a hotel room. And I assume major hotels have security measures in place to catch consumer-level eavesdropping devices.
Rooting an Alexa device in this manner seems like something that could easily be done by a prankster requiring no specialized equipment.
Has anyone stayed in Wynn hotel in Vegas? Are the alexa devices just out in the open or built into the room somehow that might easily show tampering? Or, maybe they have only the latest version with the debug pads disabled?
If we're expecting that Apple/Google/Amazon/Microsoft are the people attacking us then they have easier ways. If we expect it's outsiders then how do they even get to my Alexa?