Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Hackers Can Use Pop Songs To 'Watch' You (fastcompany.com)

Posted by BeauHD on from the always-listening dept.

An anonymous reader quotes a report from Fast Company: Forget your classic listening device: Researchers at the University of Washington have demonstrated that phones, smart TVs, Amazon Echo-like assistants, and other devices equipped with speakers and microphones could be used by hackers as clandestine sonar "bugs" capable of tracking your location in a room. Their system, called CovertBand, emits high-pitched sonar signals hidden within popular songs -- their examples include songs by Michael Jackson and Justin Timberlake -- then records them with the machine's microphone to detect people's activities. Jumping, walking, and "supine pelvic tilts" all produce distinguishable patterns, they say in a paper. (Of course, someone who hacked the microphone on a smart TV or computer could likely listen to its users, as well.)

15 of 33 comments (clear)

  1. good choice by roc97007 · · Score: 3, Funny

    > their examples include songs by Michael Jackson and Justin Timberlake

    Good choices. Already lots of high pitched noises.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  2. Bruce Wayne by hackwrench · · Score: 1

    This was in one of the Batman movies. Not news.

  3. Tracked by pop songs by freeze128 · · Score: 1

    Songs by those artists haven't been popular for a long time. Not only can hackers tell your location in a room, they can also tell how old you are.

  4. Such a title! by Gravis+Zero · · Score: 1

    It's on par with, Dentists Can Use Fillings to 'Control' Your Diet. I mean, one could make a strainged argument to this idea but by and large dentists cannot use fillings to control your diet in the same way that hackers cannot use a song cannot watch you.

    BTW, if your dentist tries to give you a "cyanide filling" then he's trying to kill you. #DentalAssassinsEverywhere ;)

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:Such a title! by Scarletdown · · Score: 3, Insightful

      I translated it as "Another highly unlikely nonissue is concocted to help keep you frightened of the world around you and distrustful of everyone except your handlers."

      --
      This space unintentionally left blank.
    2. Re:Such a title! by MightyYar · · Score: 1

      Fear in headlines is apparently good business. I'd have gone with: "Echo Location With Your Echo". Or some other play words.

      By why not go full retard? "Hackers added hidden sounds to a pop song - you won't believe what happens next!"

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    3. Re:Such a title! by Gravis+Zero · · Score: 1

      By why not go full retard?

      never go full retard.

      --
      Anons need not reply. Questions end with a question mark.
  5. ubiquitous, panoptic by Reverend+Green · · Score: 1

    The machine is always watching.

  6. And the blind man by AndyKron · · Score: 1

    I know I know, and a blind man can tell when a person enters the bathroom by the echos from his piss, although he probably heard to the door open too.

  7. Good use for Somebody's Watching Me by HalAtWork · · Score: 1

    And I have no privacy!

    --
    Twinstiq, game news
    1. Re:Good use for Somebody's Watching Me by HalAtWork · · Score: 1

      Man I really messed up that link, here's the original video, my apologies

      --
      Twinstiq, game news
  8. Supine but not prone? by Chelloveck · · Score: 1

    Jumping, walking, and "supine pelvic tilts" all produce distinguishable patterns

    In other words, this exists because somebody wanted to find out if his girlfriend was cheating on him.

    --
    Chelloveck
    I give up on debugging. From now on, SIGSEGV is a feature.
  9. Easier and More Accurate by Luthair · · Score: 1

    If they've gone to the difficulty of hacking a device in your own that plays music and has a microphone, why not just hack their devices and use the camera. As an added bonus it works when the user isn't playing music.

  10. Safety of these ultrasonic output by iridium_ionizer · · Score: 1

    So who is verifying the safety of these ultrasonic output. Maybe I am being paranoid, but the US diplomats in Cuba were recently attacked in their residences with ultrasonic devices that were undetectable, except for the symptoms (severe hearing loss, migraine headaches, nausea).

    It's probably several orders of magnitude different in energy output, but I would still like to think some accountable government organization signed off on this usage - not just the company feeling that its okay. After all, if you are playing detectable music too loud then you can hear it and your ears start hurting. In this case there would be no warning signs until damage was done. The FDA did years of testing on prenatal ultrasound devices before they became routine in their usage. So who do these companies go to for verifying the safety of this technology before deployment. Or is just the honor system?

    This kind of reminds me of the deployment of back scatter x-ray machines for security at U.S. airports that had not been studied for dosing amounts on humans (and ended up giving extremely high exposures). There are news stories from 2010 speaking about the controversies regarding the health effects of the machines, but there are also news stories in 2007 about the machines being deployed and I believe there were limited deployments between 2003 and 2005 (if memory serves me correctly). NOTE: I used google news to search up the old articles.

  11. Rather Enterprises than hackers... by chris.vanderheyden · · Score: 1

    From a privacy point of view I'm a LOT more concerned for the companies that produce these products rather than hackers. If hackers can hack the devices to implement an ultrasonic body movement tracker, who guarantees that Google and Amazon haven't already done so in their factory fresh devices?