The monitoring of personal devices (smartphones, tablets, PCs), and the use made of them, is a serious matter Threats to privacy, since it allows potential malicious people to monitor the activities of each of us and to obtain information that can then be used in an unethical or, worse, fraudulent way. Particularly insidious and worrying is that monitoring that takes place invisibly and without users realizing it: in this case it is a real spying action, particularly invasive and potentially capable of revealing sensitive data such as sexual orientation, health status or religious beliefs. Clearly, there are those who have every interest in taking over our data and treasuring it for their own purposes, and that is why control tools are created that use increasingly sophisticated methods. A new technique to invade the personal sphere of users and analyze, without their knowledge, their behavior, tracing their habits and interests, is that which involves the use of ultrasound messages.
It may seem simple science fiction, but today this possibility is real: technology has been developed by a number of advertising and marketing companies and is called "ultrasound cross-device tracking " o "UXDT". This technique uses sounds that are not directly perceivable by our senses, as they are of high frequency, but at the same time perfectly capable of interacting with our personal devices. Such ultrasounds can be sent through loudspeakers in stores, or inserted in TV or radio commercials, or even hidden in the JavaScript code of advertisements posted on the Internet. Even if, as mentioned, they cannot be picked up by the human ear, they are instead intercepted and collected by the microphones of our smartphones, tablets or PCs. Therefore, the applications on them, if they have been authorized to access the microphone, receive the ultrasonic signals, they interpret them and connect with specific remote servers, sending data on their position, interests and any other information that can be used to create targeted promotional offers. In practice, the use of this ad-tracking technology allows advertising companies to link consumption habits to a user's identity, creating a personalized database of tastes, choices and habits to be accessed in order to send messages based on them. . For example, it may happen that you walk into a store that sells jewelry, or pet supplies, or sportswear, and from then on, receive advertisements relating to the items in that store; or it could happen to watch an action movie on TV, and receive all the posters relating to the new action movies coming out; or it could happen that you visit a site that sells cars on your PC and, from that moment on, receive advertisements for new cars on your mobile or tablet. But not only. Anyone who had access to the personalized database of tastes, choices and habits could connect to an individual, in a precise way, the observation of even sensitive content such as adult films or political or religious documents, and therefore make the use that most pleases. The alarm about this technique comes from Germany, where a group of researchers from Brunswick Technical University has discovered 234 Android applications that include the ability to listen to ultrasound "without the user knowing." Many of these applications have been downloaded thousands or millions of times, and the list includes different types of software, such as games, news apps or others. The researchers also found traces of ultrasound transmissions also in the audio diffusion system of the stores of four large European chains and in the respective apps for Android smartphones. But how to identify the apps that provide these control functions? In reality, there is no simple and straightforward method, at least not for ordinary users. However, it is important to remember that, to take advantage of uXDT it is necessary that the app has access to the microphone, and that this permission is explicitly requested during installation (even if, usually, it is granted by everyone without too many problems). Hence, any application that makes such a request can potentially represent a "trojan horse" to enable ultrasound tracking. So, if there's no reason an app, like a game or news app, needs to access your microphone, the wisest thing is not to allow it.
By Giovanni Calcerano
Photo advertising.com