PC Probe: Alexa, what are you hearing that I can’t?

Stewart Mitchell reveals how your devices’ microphones are listening out for more than just your voice commands

PC Pro - News

We reveal how your devices’ microphones are listening for more than just voice commands.

From Amazon Echo and Google Home to Siri and Cortana, technology is increasingly listening to what we say. And as with any new technology, people are finding ways to exploit it for questionable purposes – for example, when Burger King tricked Google Home into playing an advert for its Whoppers.

That Google could be duped so easily is a surprise, but the threat was minimal. However, security researchers have discovered far more sinister means of using open microphones to snoop on consumers.

According to researchers from the Technische Universität Braunschweig in Germany, more than 230 apps on Google Play use listening technology that responds to near-ultrasonic signals broadcast from a variety of sources. Beacons can be placed in offline media content, such as TV or radio ads, to let apps know what a mobile user is watching, or in shops to pinpoint their location without having to seek permission to use GPS.

The technology originally drew criticism in 2015, when developer SilverPush publicised an SDK for audio beacons that were generally outside the range of human hearing. Yet, despite criticism from the authorities, the ultrasonic beacons appear to be spreading.

SilverPush has said it no longer uses the technology, but others have taken its place. Five of the apps identified by the German researchers have been downloaded between 2.25 million and 11.1 million times apiece, and although the study only investigated Android devices, the team said similar tactics could theoretically also apply to iOS hardware.

None of those apps disclosed their ability to listen for beacons and the technology is expected to be rolled out further as commercial applications develop. “Recently, several companies have started to explore new ways to track user habits and activities with ultrasonic beacons,” Erwin Quiring, lead researcher on the report Privacy Threats through Ultrasonic Side Channels on Mobile Devices, told PC Pro. “They embed these beacons in the ultrasonic frequency range between 18kHz and 20kHz of audio content and detect them with regular mobile applications using the device’s microphone. This side channel offers various possibilities for tracking.”
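The 18kHz to 20kHz band named above is something a defender can test a recording for. The following is an added example, not code from the article or from the researchers: it looks for a narrowband tone in that band of a constructed 100 ms clip, and the 44.1 kHz sample rate, the thresholds and all function names are assumptions.

```python
import math
import random
import statistics

RATE = 44100               # assumed capture rate; Nyquist (22.05 kHz) covers the band
BAND = (18000.0, 20000.0)  # beacon range quoted in the article

def goertzel_power(samples, k):
    """Normalised power of DFT bin k, computed with the Goertzel recurrence."""
    n = len(samples)
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / (n * n)

def find_beacon(samples, rate=RATE, band=BAND, min_power=1e-7, min_ratio=100.0):
    """Return the frequency (Hz) of a narrowband tone inside `band`, or None."""
    n = len(samples)
    # Hann window limits leakage from loud audible content into the band.
    windowed = [x * (0.5 - 0.5 * math.cos(2.0 * math.pi * i / n))
                for i, x in enumerate(samples)]
    lo = math.ceil(band[0] * n / rate)
    hi = math.floor(band[1] * n / rate)
    powers = {k: goertzel_power(windowed, k) for k in range(lo, hi + 1)}
    peak_bin = max(powers, key=powers.get)
    median = max(statistics.median(powers.values()), 1e-30)
    # Require an absolute floor AND a peak far above the band's median bin,
    # so broadband hiss that reaches 18 kHz is not reported (assumed thresholds).
    if powers[peak_bin] >= min_power and powers[peak_bin] / median >= min_ratio:
        return peak_bin * rate / n
    return None

def constructed_clip(beacon_hz=None, n=4410, seed=7):
    """Constructed 100 ms test clip: audible tones plus hiss, optional beacon."""
    rng = random.Random(seed)
    clip = []
    for i in range(n):
        t = i / RATE
        x = sum(0.2 * math.sin(2 * math.pi * f * t) for f in (220, 440, 880))
        x += rng.gauss(0.0, 0.01)
        if beacon_hz:
            x += 0.02 * math.sin(2 * math.pi * beacon_hz * t)
        clip.append(x)
    return clip

if __name__ == "__main__":
    print("clean clip :", find_beacon(constructed_clip()))
    print("with beacon:", find_beacon(constructed_clip(beacon_hz=18500)))
```

The constructed beacon is 20 dB quieter than each audible tone, which is why the check compares the peak with the band's own median rather than with overall loudness.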

Privacy and permission

Google says it removes apps that don’t abide by its privacy policy, but the fear is that companies could create eavesdropping apps simply by seeking permission to use the microphone during installation. Once permission has been granted, it’s almost impossible to tell if the microphone is listening for prompts.

“They’ve been designed to be ambient, or in the background, and this makes it harder for people to know that they are often continuously recording,” said Michelle De Mooy, director of the Privacy and Data Project at the Center for Democracy and Technology. “We might understand why audio beacons exist or how they provide functionality for some products and services, but that understanding is not the same thing as consent. Data collection is opaque by design, and audio beacons can be particularly stealthy and silent.”

Following an initial backlash, De Mooy said some companies had tried to make it clearer how customer conversations may be recorded or used, and have offered enhanced privacy settings, “but there are always one or two companies that cross privacy boundaries… and perpetuate an atmosphere of mistrust.”

That’s not to say everyone employing the technology is doing so nefariously. “Legitimate audio beacon apps are increasingly used by companies that declare their presence and capabilities within the sign-up process,” said Quiring.

“The mobile application Shopkick provides rewards to users if they walk into stores that collaborate with Shopkick. In contrast to GPS, loudspeakers at the entrance emit an audio beacon that lets Shopkick precisely determine whether someone is in the shop or not.”

Ethical dilemma

The beacons first grabbed headlines when it was revealed they could be hidden in television or radio content – such as adverts – alerting companies to which users watched certain programmes. For the first time, the companies could get a picture of which shows were being watched by individual viewers – with or without their permission.

“Where traditional broadcasting via terrestrial, satellite or cable signals previously provided anonymity to a recipient, local media selection becomes observable,” the researchers said. “Someone using beacons can precisely link watching even sensitive content such as adult movies to a single individual – even at varying locations.”

The ultrasonic signals also enable app developers to work out which devices belong to the same individual. If two devices regularly register the same beacons, the app owner would know that the handsets likely belong to the same person. “Beacons could be used to link together private and business devices of a user, if they receive the same ultrasonic signal, thereby providing a potential infection vector for targeted attacks,” said Quiring.

The German researchers highlighted that beacons also enable an adversary to track user movement indoors without requiring GPS, revealing where and when an individual goes into a store or hotel, for example, while anyone with access to the data can learn when people are meeting or are in close proximity to one another.

Security services

Given the capabilities of security services, there are also concerns that inaudible sound waves could prove useful for snooping on or identifying members of the public, particularly against those using VPNs or Tor to remain anonymous.

“One of the attacks we identified affects anonymous communication systems,” said Vasilios Mavroudis, doctoral researcher in the Information Security Group at University College London. “Imagine a user uses Tor on their home computer to browse the web anonymously and has left their mobile phone nearby, and the phone features an app periodically listening for ultrasound beacons for tracking. If one of the websites has been compromised and emits ultrasound signals, that unique ultrasound beacon is picked up by the app in the phone, which reports it back to the tracking company.”

With this data, security officials could ask for a warrant demanding the tracking company provides details of the users reporting the specific beacon ID, Mavroudis says.

According to Mavroudis, who has created a Chrome extension (SilverDog) that blocks inaudible data, audio technology could also move beyond announcing “I’m here” and carry potentially dangerous data streams that would evade conventional security software. “At first, it was simply a unique identifier corresponding to the content or the location where the beacon was emitted from,” he said. “However, the ecosystem is fast evolving and full communication stacks will be soon made available.”

BELOW Even the short recordings made after Alexa commands could contain snippets of conversations and background audio

ABOVE Companies create apps that eavesdrop by gaining permission to use the phone’s microphone
