back to article Apps that 'listen in' to your mobile get slapped by US watchdog

The US Federal Trade Commission (FTC) has fired off letters to a dozen mobile app developers, warning that their software could be in violation of federal privacy laws. The watchdog said it has spotted a number of applications on the Google Play market that contain SilverPush code, a controversial software library that …

Silver badge

Siri and Cortana

Who knows what Siri and Cortana are doing in the background. Apple and MS may want exclusive rights to this kind of monitoring.

18
4
Silver badge

Re: Siri and Cortana

I think you'll find Google not Apple is the king of spying on stuff like what web pages you visit, and are probably hoping to get Android built into smart TVs so it can upload information about what programs you are watching to home base to add to the huge database of personal information they've already collected on you.

15
2
Silver badge
Holmes

Re: Siri and Cortana

"the FTC said that anyone who plans to make use of the code and covert ultrasonic signals in America will only be able to do so legally by obtaining consent."

Screw consent. It is called wiretapping and should be punishable by imprisonment.

21
0
Anonymous Coward

Re: Siri and Cortana

Don't forget Amazon's Echo. Imbecile's pay to let Amazon bug their house.

12
4
Devil

Re: Siri and Cortana

Probably true - after all, Apple doesn't let you wander out of its own little walled garden, so it already knows what you're going to visit i.e. what it lets you.

4
7
Silver badge

Just checked

that's its not April 1st.

Another reason to block EVERY add irrespective of whether it tries to snoop on my surfing habits.

Cheeky ad slinging bastards just made a rod for their backs...

33
2
Silver badge

Re: Just checked

that's its not April 1st.

It's always April 1st somewhere.

1
0
Black Helicopters

What Frequency is used?

Many codecs sample at 44.1 KHz or lower (especially web based ads). Given Nyquist's (or Nyquist-Shannon as it's now know) theorem (max theoretically reproducible signal is half the sample rate), how does the ultrasonic signal get reproduced?

Also, many speakers do quite poorly over 18KHz, and many microphones aren't good with high frequencies, either, so even if an ultrasonic is (barely) present, "hard of hearing" (in higher ranges) microphones might not hear them.

Seems like this ad tracking technology has some serious roadblocks in its way, just based on the current technology. Might do better with some sort of infrasound, or audible but unrecognizable as a signal sound (audible steganography) for tagging ads.

Or - even better, audible watermarking of sound sources with date/time/channel ID stamps -- instead of tagging the ads themselves, tag the medium. After the spyware phones home, the big data analytics engines can do the mass lookups to correlate date/time/channel stamps with what content was playing. This way, individual advertisers don't have to "play" to be useful. Some sort of "ignorable" (by humans) noise would carry the information.

6
3
Silver badge
Mushroom

Re: What Frequency is used?

@Hurn

Thanks for giving these bastards more ideas on how to snoop on people!

I've got an idea. Instead of doing that, why don't we tell them all to sod right the hell off?

Fortunately the newest Android system allows me to lock out permissions in each app, and I lock out everything the app doesn't need to do what *I* want it to do. Permission to use microphone for an app that doesn't clearly need it? DENY.

13
1
Silver badge

Re: What Frequency is used?

18000 to 19950 Hz

https://github.com/MAVProxyUser/SilverPushUnmasked/commit/bc1dde934c0be02cfce72b7ea68d4a147ddd308d

This dumb scheme seems extremely unlikely to work. That audio range is a mess of distortion, echoes, dead zones, and frequency substitution during compression.

4
1
Anonymous Coward

Re: What Frequency is used?

This dumb scheme seems extremely unlikely to work. That audio range is a mess of distortion, echoes, dead zones, and frequency substitution during compression.

I'm going old school on this, and I mean OLD school. There is no way you'll get anything over about 5..7KHz past an old fashioned tea cozy. It may look strange, but we all have to make sacrifices.

:)

12
0
Anonymous Coward

Re: What Frequency is used?

"Or - even better, audible watermarking of sound sources with date/time/channel ID stamps -- instead of tagging the ads themselves,.."

Look at what Vizio is doing with their latest TVs - this very thing, only with video. So even if you're watching a DVD or some other video source Vizio has no business knowing about, they're watching the screen more closely than you, and doing a "Shazaam" type thing on the content to figure out exactly what you're watching and then helpfully phoning that home to Vizio HQ. Read the microscopic T&Cs with your new Vizio TV for the details. I'm sure it's just to "improve the customer experience", or some such. Nothing to worry about.

7
0

Re: What Frequency is used?

@Hurn

Fortunately the newest Android system allows me to lock out permissions in each app, and I lock out everything the app doesn't need to do what *I* want it to do. Permission to use microphone for an app that doesn't clearly need it? DENY.

This is EXACTLY why I purchased the WileyFox Storm recently, it'll be a long time before Android 6.xx becomes standard on handsets due to manufacturers refusing to patch or update vulnerable systems.

Cyanogen OS includes so many extra privacy features, more than even google provide in their latest version... and it's constantly updated.

2
0
Anonymous Coward

Actually, it works just fine.

In case you haven't noticed, this sort of technology works just fine on pretty much every android phone. Google Chromecast uses ultrasound channel to verify whether a guest user is in the same room or not, and it works rather reliably.

See: https://support.google.com/chromecast/answer/6109297?hl=en.

2
0
Silver badge

Re: Actually, it works just fine.

It has also been in Shazam for a long time.

0
0
Silver badge

Re: Actually, it works just fine.

I don't think Shazam uses ultrasound though, does it? I thought it just recognised the run-of-the-mill audible sound.

0
0

Re: What Frequency is used?

Indeed, by virtue of the technology, there can be no "ultrasonic" frequencies produced. However there are sonic frequencies that a lot of people can't hear.

A department that I supported QCing TV found that 2 out of the 12 staff (and yes, they were the youngest) complained about some high frequency whistle. It turned out to be 18KHz produced from the new LED studio lighting they were using.

The moral of the story is that they can embed HF sound in the ads, but they'll piss off some of their audience.

1
0
Anonymous Coward

Re: What Frequency is used?

ref. why don't we tell them all to sod right the hell off?

well, you can tell them, and la-la-la, they don't give a flying monkey's f... because they want this ad money, and they want MORE of it. Wouldn't you? ;)

0
0
Anonymous Coward

Re: What Frequency is used?

well, I block ALL requests for permission to do anything by a new app, and then I just see what happens (well, nothing un-expected ;)

0
0
Silver badge

Re: What Frequency is used?

Wouldn't you? ;)

Not at the cost of my principles. I wouldn't do anything to anyone else which I wasn't comfortable having someone do to me.

(BDSM sessions excluded, obviously.)

1
0
Silver badge

Please don't tell my parents I'm in advertising - they still think I club baby seals for a living.

43
0
Thumb Down

Pot. Meet Kettle

Outrageous!

Meanwhile a certain technology website, not a million miles from here, has taken to embedding an ad which specifically tries to circumvent people's ad-blocking software. [It even has an #adblk id on the div].

Can anyone smell the stench of hypocrisy, in the air?

13
0

Name and shame

I'm tired of hearing about stuff like this and then not being able to figure out whether any of the apps I have are affected.

It might be innocent until proven guilty, but at the same time if someone's accused of rape you don't let 'em go back to their teaching job until the case is resolved.

2
4
Silver badge
Trollface

Re: Name and shame

"I'm tired of hearing about stuff like this and then not being able to figure out whether any of the apps I have are affected."

You'll just have to stop listening....

0
0
Silver badge

Re: Name and shame

I'm trying to work this BS out:

So if you're watching a TV show or an online video about cooking, and an ad comes on for kitchenware with an embedded ultrasonic signal, apps using SilverPush on your nearby phone will hear it, realize you're into cookery, and phone home this data to ad networks.

If I'm watching at home with my phone and my wife has Coronation Shite on the telly and there is an advert in the commercial break for BodyForm or Tena Lady, then the app will assume I'm into feminine hygiene and report this to ad networks so next time I'm reading The Register I get adverts telling me I need wings to be fully active?

5
0
Silver badge

Ah yes. Targetted advertising

Trying to sell you more of what you have just bought (Amazon I am especially looking at you, you morons but Google is just as stupid). Stalking you round the web offering more of what you just looked at but don't actualy want (Google, Amazon et al). Telling me what other people have bought (as if I care). Telling me what is "Trending" (ditto). Making special offers that aren't actually special for stuff that is otherwise unsaleable tat.

Yeah. really advanced, that.

Just a good indicator of which businesses and products to avoid like tha plague.

18
1
Silver badge

Re: Ah yes. Targetted advertising

Telling me what other people have bought (as if I care). Telling me what is "Trending" (ditto).

You do not - sheeple do. Sheeple mentality says different - "galactic battlecruiser displacement lardearse" has it, I should have it. So for 99% of the population what other people (especially ones with a galactic battlecruiser displacement lardearse) have bought, what is trendy is the key - you do not want to be seen as grumpy square pensioner who buys his jumpers from Edinburgh Woolen Mill once in a decade.

1
0

Re: Ah yes. Targetted advertising

Yeah this behaviour always beffudled me as well.

I just purchased a Dash cam, researched it and purchased within 2 evenings. Now for the next 6 months I am going to get lots of ads for ... OH WAIT I don't get ads hahahahahahahaha

2
0
Anonymous Coward

Re: Ah yes. Targetted advertising

What's wrong with buying from Edinburgh Woollen Mill?

And it was a cardigan not a jumper.

3
0
Silver badge

Re: Ah yes. Targetted advertising

>What's wrong with buying from Edinburgh Woollen Mill?

More to the point, what's wrong with only buying jumpers once a decade?

I bought my favourite jumper in 2001.It's now the perfect age for working in the garage, or the garden, so gets worn almost every day.

I bought a new jumper when I started my new job, in late 2015, as I felt I needed to make an impression. It should do me through to 2025 or so, I guess.

4
0
Bronze badge

Simple solution (maybe)

Seems to me that the right value of capacitor across the speaker terminals would kill the signal.

3
0

Re: Simple solution (maybe)

The right value of fully-charged high voltage capacitor across the authors of SilverPush would be even better.

20
0
Silver badge

Re: Simple solution (maybe)

Actually the really simple solutions are:

Read newspapers and books - I challenge the software to identify what I'm reading from the sound of page turns. Secondly, just don't have your mobile glued to you - mine when not in use gets left near the (non-IoT) kettle in the kitchen.

Okay I know this doesn't stop a store broadcasting relevant sounds so that when I'm out shopping the app will know which store I'm in, so you may want to turn the phone off when visiting places that you would rather visit in 'incognitio" mode...

0
0
Anonymous Coward

Re: Simple solution (maybe)

"Read newspapers and books - I challenge the software to identify what I'm reading from the sound of page turns."

Some hidden camera will probably read you instead.

"mine when not in use gets left near the (non-IoT) kettle in the kitchen."

One, what makes you think your kettle isn't some whispernet-capable device that you don't know about? Two, it can probably hear the sounds from that far away.

"Okay I know this doesn't stop a store broadcasting relevant sounds so that when I'm out shopping the app will know which store I'm in, so you may want to turn the phone off when visiting places that you would rather visit in 'incognitio" mode..."

Which kind of defeats the purpose of having the phone on hand. To be able to do on-the-spot research and, of course, to take a call in the event of an emergency. Plus turning off the phone (even if you could) doesn't remove the Big Brother cameras ubiquitous in stores these days.

0
0
Holmes

Hmm. An Apple a day...

"These apes were capable of listening in the background and collecting information about consumers without notifying them," said FTC consumer protection bureau director Jessica Rabbit.
(a few letters changed here and there to protect, etc.).

Seems like another TLA or two could use some advice in that direction, rather than forcing backdoors and crippled OS's on us all...

1
0
Trollface

Do something useful with it

How about we let the snooping software watch the ads for us? We can enjoy ad-free webs and the snooping software can serve as the eyeballs the ad companies want watching their ads. Win-win all around!

6
0
Silver badge
Happy

Just spoof the ultrasound coding :)

You need another app added to your Android phone that broadcasts another ultrasound signal in the appropriate frequency range, telling advertisers to fuck off and die!

Might drain your battery some, but still very satisfying.

2
0

Re: Just spoof the ultrasound coding :)

I was just thinking the same. Plus another app which can tell you whether a TV programme or ad is broadcasting these frequencies and also monitor other apps to see which ones are listening for them.

1
0
Anonymous Coward

Who remembers true privacy?

Pre Internet

Pre Transistors/silicon (bugging)

Everyone in town knew your name, where you lived and probably what you did for work, but the Ad-Man & G-man* were benign

* unless you were suspected of being a Red

- Anon (but probably not)

2
0
Anonymous Coward

ultrasonic pest repellant

Anybody know how hard it would be to retune one of these to repel the Silverpush pest?

2
0
Anonymous Coward

Re: ultrasonic pest repellant

Careful.

Get the pitch wrong and your letter box might get flooded with 'special offers'....

0
0

Re: ultrasonic pest repellant

I wonder if they would need retuning. Anyone with pets notice them run out the room when certain TV progs and ads come on?!

If I can find out which ad has this I'll record it and play it on a loop in my garden to stop the neighbours cats leaving presents on my lawn.

0
0
Anonymous Coward

Re: ultrasonic pest repellant

Or the software repellant that constantly burbles rubbish in the correct ultrasonic frequency bands, using the built in speaker silverpush is snooping all over. Remember GIGO. Presumably there is a short initiator sequence, other wise it'd be false positives everywhere; or am I displaying my ignorance?

;)

PS Thankfully my personal terrorism/subversion research machine has no microphone, I built it. People mock me when they know I still build my own use PC, the fools

0
0

I'm shocked

"in order to make use of the SilverPush code, they must first obtain direct permission from users to both access their microphone hardware"

So there is currently isn't a technology control to prevent that if they don't? God help us all we really are just dollar signs to these type of people.

0
0
Silver badge

Re: I'm shocked

> God help us all we really are just dollar signs to these type of people.

Got some bad news, we have been for a long time. There are no scruples in marketing - at least in certain areas of marketing. Basically to many it's simply a matter of whatever they can get away with - and as long as the "cost" is less than the profits then nothing is out of consideration.

0
0
Silver badge

I don't get it

So they listen in on background adverts, something which I have no control over and haven't actually chosen through any input of my own, and decide to use that and only that information to target me for more advertising? What could possibly be the point of this? They're not choosing adverts based on anything I've done, they're choosing them based on what some other advertising people think people watching TV at this time might possibly be interested in. They could achieve exactly the same effect with far less cost and legal issues by simply looking at a clock.

0
0
Silver badge

Re: I don't get it

They probably figure if an ad plays out, you at least tolerate it; otherwise, you'd change channels for the duration.

0
0

Re: I don't get it

Maybe by knowing the sequence the adverts are playing, and the time, they can figure out what show you were watching, and hence, your interests?

0
0
Silver badge

Re: I don't get it

Don't be too surprised if each commercial is uniquely encoded for each program so that just listening to enough of ONE commercial is enough for the app to identify the ad AND the program attached to it. Time isn't going to be as useful as the program could be recorded or time-shifted.

1
0
Anonymous Coward

If the President does it, it's not illegal.

Oh wait, is this the wrong thread?

Perhaps not.

0
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018