... l it is fairly easy to defeat it with a low-pass filter on the microphone ...
You can certainly try to defend against it, but you can't fully protect yourself against an attack of this type. The fourier-aliasing attack aside, any sufficiently loud noise will generate harmonics and sub-harmonics if the microphone has an even slightly non-linear response somewhere within the signal's spectrum. You can do it with the ultrasound as in this report; you can do it with infrasound, or you can do it with a sharp whistle. The ultrasound case is dead easy, as you are relying on the lowest-order non-linearity, and use your microphone to generate a difference frequency of two high-frequency signals. The last two are harder to control to produce the desired output signal, since you are relying on higher-order non-linearities - but still easy enough if you have access to the same hardware the target has.
Depending on where they are placed, low-pass and band-pass filters may defend against the attack (if they are placed before the non-linear element), or they can facilitate it: if the filter is placed after the non-linear element, it will cut the abnormally-strong signal at the unexpected frequency, so that you'll never know anything was wrong in the first place. The already-generated harmonics will just pass through ...
The only sure-fire defence is to completely cut the output if the input at any frequency (measured as early as possible in the device) exceeds the design limits. Naturally, this defence immediately becomes a denial-of-service vulnerability, and so it goes.
Biting the hand that feeds IT
