from the always-listening-to-our-customers dept.
Synchronizing email, texts, calendar, bookmarks, contacts, notes, git? Done.
Synchronizing what ads you heard when you had your phone in your pocket, and you tablet on the train, and you computer on your desk? Also done.
ArsTechnica (UK) has an article about synchronizing consumer and friend's device use without consumer involvement.
The ultrasonic pitches are embedded into TV commercials or are played when a user encounters an ad displayed in a computer browser. While the sound can't be heard by the human ear, nearby tablets and smartphones can detect it. When they do, browser cookies can now pair a single user to multiple devices and keep track of what TV commercials the person sees, how long the person watches the ads, and whether the person acts on the ads by doing a Web search or buying a product.
Cross-device tracking raises important privacy concerns, the Center for Democracy and Technology wrote in recently filed comments to the Federal Trade Commission. The FTC has scheduled a workshop on Monday to discuss the technology. Often, people use as many as five connected devices throughout a given day—a phone, computer, tablet, wearable health device, and an RFID-enabled access fob. Until now, there hasn't been an easy way to track activity on one and tie it to another.
"As a person goes about her business, her activity on each device generates different data streams about her preferences and behavior that are siloed in these devices and services that mediate them," CDT officials wrote. "Cross-device tracking allows marketers to combine these streams by linking them to the same individual, enhancing the granularity of what they know about that person."
According to TechCrunch, Silverpush says it "isn't receiving any actual audio data" from some 18 million smartphones.
(Score: 1) by Flyingmoose on Saturday November 14 2015, @11:25PM
I can hear high frequencies up to what that kind of speaker can produce. If I start hearing squealing from a device, I'll never visit that website again.
(Score: 4, Informative) by Ethanol-fueled on Saturday November 14 2015, @11:38PM
Sharp equalizer rolloff below 20 Hz and above 20 KHz. Doable with software and hardware(in the case of using a TV without a graphic EQ with its built-in speakers, use the audio output and set up low and high pass filters appropriately. If using just a PC it could easily be done with software. You could also set a noise gate with a certain frequency as a trigger to be sure that no barely-audible pulses are sent during periods of so-called "silence."
It is, after all, only a TV show or website you're visiting -- hardly the domains of the audiophile. You and your family can afford to lose a little low and high end for casual entertainment, and the noise gate may actually improve the experience.
If you know what you're doing you can perform spectral analysis and see for yourself what the bastards are up to.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @06:49AM
That shit is used as a sonic weapon [wisegeek.com] in places. (Including my local mall)
A well-designed digital audio circuit will have sharp roll-off above 20kHz anyway. Otherwise you can get aliasing that causes noise in the audible range (due to niquist's theorem (sample rate must be at least double the highest frequency component of the signal)). Note: I am fudging a bit here since the audio output is often analog (sampling is where you get aliasing).
Of course, with the introduction of Blus-ray and AACS, 192kHz sample-rate is now a thing. This allows altrasonics up to 96kHz. I suspect HDCP may use ultrsonic noise for traitor tracing (to facilitate device revocation), but have not investigated the issue as thoroughly as I would like.
So called "HD audio" devices can not have a roll-off at 20kHz on the off chance somebody want to encoced an FM stero broadcast into each audio channel. (I exaggerate by 4kHz)
(Score: 4, Insightful) by anubi on Saturday November 14 2015, @11:27PM
I keep hearing all these reports of these companies designing all sorts of ingenious ways of snooping on me.
Its bad enough ( but unintrusive enough ) for them to partner with charge card companies to see when I put my money where my mouth is.
However, I find it very annoying not only to have my own stuff "hacked" for their purposes, but to have the costs of said "hacking" folded into the cost of whatever it was I was going to buy.
The fact they are hacking into my stuff at all to me is the same as my buying a locksmith kit and snooping into someone else's house.... even if I did not take a thing.
Do you think the Judge will let me off because I didn't take anything? Actually, I think my doing such a thing is a damned good reason for getting shot!
If I am ever on a Jury case on this, I will back anyone shooting a prowler in his house or defending his property.
If I got caught reprogramming some businesses' stuff behind their back, even if I printed tiny light grey text on the back of my light blue payment check to the effect they gave permission for me to do so, I would probably face jail time. And for damned good reason.
Two sets of law seem to apply... one for business class, and the other for peons that have to take whatever the business class prints up and often hides in mounds of tinyprint business drivel. Their drivel applies, but mine does not.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 5, Informative) by frojack on Sunday November 15 2015, @04:57AM
However, I find it very annoying not only to have my own stuff "hacked" for their purposes
Before you get all incensed, lets first ascertain if this is true.
After all, you have to hack two systems:
1) you have to get a constant listener onto a a significant percentage of phones in your target ares. You would have to induce a lot of people to download a common app, and launch that app while watching TV.
Then you have to make sure the sound broadcast is not at audio frequencies above the capabilities of the microphone and the cell phone's circuitry.
2) second, you have to embed this sound in advertising, and the PAY BIG money to air those ads. BUT: You have to somehow get this sound into an advertisement for broadcast over a network that you can not be sure carries sounds of that high frequency. I don't know if that is possible. The sound channel on NTSC is crammed into 25mhz FM, which is exactly 1/3 of the bandwidth of FM radio. (Into that 25mhz they have to allow for stereo, and or maybe up to 5 different languages).
However, when TV went digital sound went to AAC. (128 kbit/s, or 320 kbit/s ) So it MIGHT be possible for the broadcast to actually carry the high pitched sound.
But can the TV speakers and sound system realistically reproduce sound of that frequency?
The story suggest this as a possible mode of surveying devices. But somehow this gets assumed into existence.
In actuality the article says:
The user is unaware of the audio beacon, but if a smart device has an app on it that uses the SilverPush software development kit,
That's a big IF?
The article says several companies are WORKING on this. Nobody has deployed it. Certainly not into a regulated broadcast environment.
So maybe calm down. Write the FCC or your congressman or something.
No, you are mistaken. I've always had this sig.
(Score: 3, Interesting) by Hyperturtle on Sunday November 15 2015, @04:01PM
That big if you mention is only how the user knows its happening. You need to install the developer app to have any idea this is going on.
If you do not install the developer app, there is No Indication that this is happening.
And I thought there was already established precedent. The only convenient example I have that everyone can look up would be the new Google router. $200 for device that requires you to install an app to configure what few settings it lets you touch.
Google intends to do the same things via communication with sound, via with their IoT stuff called weave/thread. Even their onhub thing has a microphone and speaker. Not many routers that just route need something like that.
The ars technica article misses a lot of the point; that really loud initial setup sound it makes is just a first impression thing. Google is not known to loudly collect data and draw your attention to that fact.
Nor is this Vizio application -- they're using existing protocols, they didn't make it up. Their app is just their special way of doing it. Anyway, anyone that wants to remote control their TV or program it to record or whatever is going to install the app on something.
There will be no indication to the user, aside from specifically targeted ads, that anything is happening that would be tracking them.
Unless they install the developer version of the application for the TV/ad delivery program.
Note this isn't just related to ads. the entire IoT ecosystem can depend on this, and you wouldn't want updates each time a status message is logged.
This is treated the same way, and people are being treated like they are just there to be manipulated as part of the IoT.
This is becoming an issue like how paid toliets were a thing, once upon a time. Free Market, they called it. People rebelled to put an end to pay toliets -- I wish we'd all rebel to put an end to this sort of tracking, being built into everything we own, and even costing us extra when the data charges and electricity used is added up by our spending, not the spending of those reaping the profits of how we were monetized.
(Score: 3, Insightful) by frojack on Saturday November 14 2015, @11:32PM
Unless you are running an app, what exactly on the phone would be listening for these sounds?
No, you are mistaken. I've always had this sig.
(Score: 2, Interesting) by Anonymous Coward on Sunday November 15 2015, @02:07AM
An Android phone I have here came with a service called Google Services Framework which has permission to "record sounds" (among many other permissions).
(Score: 2) by frojack on Sunday November 15 2015, @04:05AM
Yes, when you say "ok Google" when searching. But you have to ASK the google search app to start recording, you have to launch it. It doesn't record all the time.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @06:46AM
So it's not listening until you say "OK Google" right? There's nothing being recorded and nothing being processed...?
You dimwit!
(Score: 2) by frojack on Sunday November 15 2015, @07:10AM
Try reading. It improve the mind.
You have to physically launch the app first. It doesn't listen all the time.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @07:33AM
most apps come with adware (even paid apps... ikr)
if someone wants to install a game (say) they must accept certain permissions for the app
most people don't even read these permissions, let alone understand what they mean
even if they see some permission they don't like, they have two options:
1. refuse to install the app and feel like a freedom warrior for about 5 minutes, until they realize they just want the game and privacy be damned
2. just install the game (this is of course the most common choice)
there are also shitloads of google things that come preinstalled on android phones, and well you know... google makes a lot of money from advertising
there are also many things always running in the background on most phones (most people also have nfi what they are)
many people also leave internet connectivity enabled
what this is leading to is the shopping mall scene from minority report, except that no biometrics will be required
someone will walk into a shopping mall, various shops will be emanating ultrasonic signals at specific frequencies, which the shopper's phone will pick up on, and send some sort of message to the shop's webserver, and low and behold advertising panels around you start displaying ads tailored to your tastes
its a very simple concept, but is still creepy af
worst of all, nobody will be able to stop it unless they disconnect their phone's internet, which means no more facebook notifications... yeah not gunna happen
(Score: 3, Interesting) by K_benzoate on Saturday November 14 2015, @11:38PM
At least in iOS (I've never used Android so I don't know how granular their permission system is) you have to give specific apps access to your microphone, and when the phone is muted it's impossible for a 3rd party app to override that and produce sound. I am in the habit of zealously overlooking my permissions list and revoking any that seem unnecessary or haven't been used in a while. There's no legitimate reason for most apps to use the camera/mic/speakers, so my default orientation is to deny all requests and only selectively give back access when *I* need some functionality.
This system of subsonic sounds for tracking is repugnant to me on many levels but the only one that really matters from an ethics point of view is lack of consent, implied or otherwise. Even if you could bamboozle someone into mindlessly clicking "accept" when permission is asked, you haven't gotten INFORMED consent, so you're still in the wrong. If this is being forced on people without their knowledge entirely (which seems to be the case), it's a violation of their rights and a misappropriation of their property (computing resources, bandwidth). That seems like a legally actionable offense.
Climate change is real and primarily caused by human activity.
(Score: 2) by Wootery on Saturday November 14 2015, @11:45PM
The permissions requirement is the big issue here. It's not as if this technique can be used between browsers. (If W3C ever come up with a way to do microphone-to-the-browser, I imagine it'll be opt-in with the browser asking the user whether to allow it.)
If you've got a naughty app with lots of permissions, you're already screwed. Location-tracking can already be done, after all.
(Score: 2) by tangomargarine on Sunday November 15 2015, @12:02AM
I'd be interested to hear what fraction of consumers actually WANT targeted advertising up the ass everywhere. People who actually buy things from ads? *Somebody* must be doing so.
I don't want Google to massage my search results if I'm logged in/in some geographic location/on a different device. I want the same results as everyone else, all the time.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2, Informative) by anubi on Sunday November 15 2015, @12:11AM
While I generally prefer targeted advertising ( I subscribe to trade magazines a lot for the ads! - I wanna know who is making what. ), sometimes target advertising has unintended side effects.
Especially when social taboos are concerned.
The last thing I want showing up on Google searches at work is some sex toys I looked at the night before.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by Gravis on Sunday November 15 2015, @02:00AM
first off, speakers can't emit anything ultrasonic and mics dont pick up anything ultrasonic. second off, even if they could, their range would be absurdly limited, like a foot max.
the only thing that happened here was some group of jackasses filed comments with the FTC. what i don't understand is how this bullshit got accepted.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @02:25AM
When I was a child, only obvious nutters said that television was listening to us .
The intended audience fr this ultrasonics technique, I assume, is those who don't have the chops to put their sets on the Internet and couldn't be bothered to hire someone for the task. I doubt that advertisers want to reach those who air-gapped their TV sets for security or privacy reasons. It might be hindered by removing the microphone from the TV set, but not necessarily: a TV set could just repeatedly transmit its usage data regardless of whether it gets a query.
There was an earlier story about smart TVs: /article.pl?sid=15/11/10/1914254 [soylentnews.org]
(Score: 4, Interesting) by captain normal on Sunday November 15 2015, @02:55AM
Ok, I can see syncing with printers, scanners etc. What if I don't want is my phone syncing with my email accounts, or my laptops or my desktop? I recently purchased an android phone. Soon found that my gmail accounts were synced to the phone. Took me near 1/2 a day to block that shit. I just want to be able to access my email on a phone via a discrete browser. Not be open to anyone at google or any other big biz corp. Honestly, I worry less about NSA and Homeland Security having access to my stuff than the likes of the big Telcos, financial corps and the likes of Google, Microsoft and Apple being able to use my stuff for their benefit. Especially without paying me for it.
"It is easier to fool someone than it is to convince them that they have been fooled" Mark Twain
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @06:42AM
Create a single account for your phone. When you get a new device create a new account.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @02:14PM
I just disabled everything Google related. (and side-loaded F-droid so that I could get a functional browser without "agreeing" to the EULA.)
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @07:06PM
If you are that concerned about Google then you should run a custom ROM without Google's services loaded.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @09:53PM
I'm running CyanogenMod but I really don't feel any safer, especially now that they've cozied up with Microsoft.
(Score: 0) by Anonymous Coward on Wednesday November 18 2015, @01:50PM
Isn’t this like RDS on FM analog radio?