Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday November 05 2016, @12:09PM   Printer-friendly
from the dogs-rejoice dept.

Dystopian corporate surveillance threats today come at us from all directions. Companies offer "always-on" devices that listen for our voice commands, and marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we'll actually click. Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly science fictional way: with audio signals your phone can hear, but you can't. And though you probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protect yourself.

The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in advertisements, web pages, and even physical locations like retail stores. These ultrasound "beacons" emit their audio sequences with speakers, and almost any device microphone—like those accessed by an app on a smartphone or tablet—can detect the signal and start to put together a picture of what ads you've seen, what sites you've perused, and even where you've been. Now that you're sufficiently concerned, the good news is that at the Black Hat Europe security conference on Thursday, a group based at University of California, Santa Barbara will present an Android patch and a Chrome extension that give consumers more control over the transmission and receipt of ultrasonic pitches on their devices.

In Saks, no one can hear you(r phone) scream.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by pkrasimirov on Saturday November 05 2016, @12:37PM

    by pkrasimirov (3358) Subscriber Badge on Saturday November 05 2016, @12:37PM (#422813)

    Am I supposed to have some shitty app running all the time on my mobile? How can it record these sounds AND report to the mothership?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Informative) by bradley13 on Saturday November 05 2016, @12:43PM

    by bradley13 (3053) on Saturday November 05 2016, @12:43PM (#422815) Homepage Journal

    Any app that has permission to listen to your microphone would be able to collect this data.

    - Facebook comes immediately to mind - they sell out their users all the time, why not do so again?

    - The various Google apps running on your phone could also track this data.

    - Any random stupid game might, in addition to displaying adverts, also collect and sell this data.

    tl;dr: No new app needed, there are already plenty of wide-open doors.

    --
    Everyone is somebody else's weirdo.
    • (Score: 2) by driven on Saturday November 05 2016, @01:39PM

      by driven (6295) on Saturday November 05 2016, @01:39PM (#422823)

      What's an appropriate way to stop this, I wonder? One thought is Android could report on the amount of time an app used the microphone for. Sort by microphone usage highest->lowest, let the user decide what is legit usage, uninstall the app/revoke permission if necessary.

      • (Score: 0) by Anonymous Coward on Sunday November 06 2016, @02:10AM

        by Anonymous Coward on Sunday November 06 2016, @02:10AM (#422982)

        What's an appropriate way to stop this, I wonder?

        Enlist the services of a dog, or a teenager?

    • (Score: 2) by stormwyrm on Saturday November 05 2016, @01:42PM

      by stormwyrm (717) on Saturday November 05 2016, @01:42PM (#422825) Journal
      An app that was doing this all the time would cause massive battery drain. That of course doesn't remove Facebook's app from scrutiny, which I refuse to install on any of my devices for this among other reasons. It is a notorious battery hog. The various Google apps are almost as suspect: removing Google Play Services for instance has reportedly quadrupled the battery life of devices, though naturally that results in few other apps from the Play Store remaining functional. The non-removable bloatware apps that phone OEMs like Samsung include on their devices, I'd be wary of those too.
      --
      Numquam ponenda est pluralitas sine necessitate.
      • (Score: 1, Informative) by Anonymous Coward on Saturday November 05 2016, @02:45PM

        by Anonymous Coward on Saturday November 05 2016, @02:45PM (#422847)

        > An app that was doing this all the time would cause massive battery drain.

        Don't count on it. How do you think modern phones are able to constantly listen for commands as in "hey siri" and "ok google?"
        They have dedicated low-power chips for microphone data processing.

  • (Score: 4, Insightful) by BsAtHome on Saturday November 05 2016, @01:43PM

    by BsAtHome (889) on Saturday November 05 2016, @01:43PM (#422827)

    Most apps request (require) more access than they actually need to perform their primary and secondary functions.

    Many apps implement a lot of stuff that has nothing to with the application as such. This is either down to lazy programmers who didn't put limits on (optimistic view), or by design to sneak in all things that the user does not want but must get to milk the user for every last bit of information (pessimistic view).

    Please be reminded of the fact that Google, the Android pusher, is an advertisement company.

    You yourself decide which category you, your device and its software falls into and how to act accordingly. Define which is the product... your phone, the app, or you.

    • (Score: 3, Interesting) by Sarasani on Saturday November 05 2016, @03:50PM

      by Sarasani (3283) on Saturday November 05 2016, @03:50PM (#422863)

      I once asked the developers of a popular open source Android based email client why their application requested something to the tune of 45 permissions when all the application was supposed to do is [1] access network [2] fetch/send email and [3] access the contacts list. The developers' response made a bit of sense ("we need it for these rather exotic/obscure functions, and also for future capabilities, but hey, at least you can look into the code -- it's open source!"). That was enough information for me to make up my mind: never installed the application and stacked it neatly on top of the "forget-about-it" pile. I guess I just didn't fit their "what-are-permissions" user profile.