Saturday, 6 May 2017

Many Apps Using Ultrasonic Signals to Silently Track Android Users

By lokesh 10:52 2 comments
ultrasonic-tracking-signals-smartphone-apps
Thnx To THN
Your smartphone may have some apps that are continuously listening inaudible, high-frequency ultrasonic sounds from your surroundings and they know where you go, what you like and dislike — all without your knowledge.

Ultrasonic Cross-Device Tracking is a new technology that some marketers and advertising companies are currently using to track users across multiple devices and have access to more information than ever before for ad targeting.

For example, retail stores you visit, a commercial on TV or an advertisement on a web page can emit a unique "ultrasonic audio beacon" that can be picked up by your device’s mobile application containing a receiver.

This information helps advertisers to create your personalized profile and collect your interests by figuring out that both devices probably belongs to you, allowing them to target you with interest-based advertisements.

More & More Apps Have Started Using Ultrasonic Tracking Technology


In fact, while presenting research last week at the IEEE European Symposium on Security and Privacy, security researchers said they discovered 234 Android applications that ask permission to access your smartphone’s microphone to incorporate a particular type ultrasonic beacon to track consumers.
Moreover, the researchers found that 4 of the 35 retail stores they visited in Germany have ultrasonic beacons installed at the entrance.

According to investigators, SilverPush, Lisnr, and Shopkick are three SDKs that use ultrasonic beacons to send messages to the mobile device. While SilverPush allows developers to track users across multiple devices, Lisnr and Shopkick perform location tracking.

The researchers analyzed millions of Android apps and discovered few that were using the Shopkick and Lisnr SDKs, but there were much more that were using the SilverPush SDK.

Serious Privacy Concerns

ultrasonic-tracking-signals
Although cross-device user tracking technologies are currently being used for the legitimate purposes, it has already raised some serious privacy concerns.

Since an app requires no mobile data nor Wi-Fi connection, but only microphone access to listen to beacons, tracking works even when you have disconnected your phone from the Internet.

In fact, a team of researchers last year demonstrated that how ultrasonic sounds emitted by ads on a web page accessed through Tor can be used to deanonymize Tor users by making nearby phones or computers send identification information, such as location and IP, back to advertisers.
"The case of SilverPush emphasizes that the step between spying and legitimately tracking is rather small. SilverPush and Lisnr share essential similarities in their communication protocol and signal processing. While the user is aware of Lisnr location tracking, SilverPush does not reveal the application names with the tracking functionality," research paper reads.
In 2014, Snowden revelations disclosed that how spying agencies were tracking of This incident could also be another great example, showcasing how intelligence agency could use this ultrasonic cross-device tracking technology to track your movements across the country.


How can You Protect Yourself?


Since you can not stop ultrasonic beacons from emitting sound frequencies around you, the best way to reduce the chance of your smartphone listening for beacons and feed data to a third party is to simply restrict unnecessary permissions you have granted to the apps installed on your device.

In other words, use your common sense.

For example, Skype wants microphone access? Fair enough, as it is necessary for Skype to work as intended. But what about if an app for beauty or clothing store wants microphone access? No way.

To revoke such unnecessary app permissions, some Android phone manufacturers, like One Plus provide a feature called Privacy Guard that allowed its users to block unnecessary app permissions of certain apps on a smartphone that do not have anything to do with the primary function of the apps.

Navigate to Settings → Personal → Privacy → Privacy Guard. Now select any from the list of apps and edit unnecessary permissions you have granted it.

A similar feature has been included in Android 7. Navigate to Settings → Apps → App Permissions. Now edit the privileges you’ve granted each app.

For iOS 10 users: Go to Settings → Privacy → Microphone to see which apps have requested access to it, and which apps you have granted it to.

If You Enjoyed This, Take 5 Seconds To Share It

2 comments:

  1. jason blake16 November 2019 at 06:11

    You guys have surpassed my expectations! James is seriously amazing and is doing everything to help my Fiancé and me, in1weeks my credit score went up 700 points and I can only imagine what is to come. Thank you for the excellent customer service and doing exactly what you all have set out to do! NO GIMMICKS OR BS with you guys.They carry out any kind of hacks You can reachout to them via Hackintechnology@gmail.com

    ReplyDelete
  2. jamie30 November 2019 at 06:37

    They are all scammers, they will make you pay after which they will give you an excuse asking you to pay more money, they have ripped me of $2000, i promised i was going to expose them. I figured it all out when my colleague took me to Pavel (HACKINTECHNOLOGY@GMAIL.COM) +1 669 225 2253 He did perfect job, he hacks all accounts ranging from (Emails, Facebook, whatsapp, imo, skype, instagram, Phone cloning, DMV removal, tracking locations, background checks Kik etc. he also hacks cell phones, cell phone tapping and cloning, clears bad driving and criminal records, bank transfers, locates missing individuals e.t.c. You should contact him and please stop using contacts you see on websites to execute jobs for you, you can ask around to find a real hacker.

    ReplyDelete