Yet Another Crazy Computer Hack

The great thing about computer security is that it is so easy to be “right”: your most paranoid fears are frequently true. If you assume that every system can be attacked, that all software is vulnerable and that a determined adversary can see everything, including where you are and who you are with; you will probably be correct, even if you don’t really know for sure.

This paranoid stance gives you a clear-eyed view of the mess that is contemporary IT, although the only logical conclusion is to avoid computers and networks entirely—which is pretty much impossible.

And then you learn that there are whole new categories of weird “attacks” that you never even thought of!

Such as, listening to the vibrator on your phone, or hacking wi-fi to detect your finger movements.

This week brings yet another incredible but true phone hack. Most mobile devices can emit and detect sounds outside the range of human hearing. In many phones, this capability has been used as sonar to detect when you hold your phone up to your ear, which disables accidental button presses by your cheek.

But this capability can also be used to include a hidden tag in content sent to the phone. When a page or an ad is displayed, it can emit a coded chirp. This chirp can be heard by another device nearby, which can return a message to the sender, confirming where, when, and by who the page was displayed. This mechanism is used by advertisers as a way to know when an advert is viewed.

Vasilios Mavroudis and his colleagues report that this mechanism can be used to identify users’ devices even when otherwise cloaked by Tor [2] [slides]. This sneaky attack depends on the phone having an advertising enabled app (there are many), which will hear the chirp and report to the advertiser details of the device. The chirp can be generated by a page, or embedded in video or other content, which can be used as bait.

Yuck! Yet one more reason to loathe mobile ads!

There isn’t any simple way to prevent or block this snooping, so everyone should beware. Do not assume that your identity and location cannot be tracked, no matter what clever obfuscation you might employ.

The main good news is that this attack is executed via an online advertising campaign, which means that some adversaries will not have the time and resources to run it. On the other hand, if you are using Tor or other serious obsfuscation, then you are worried about significant adversaries who can certainly set up fake advertising campaigns and infected YouTube videos.

The researchers propose some countermeasures, but these are only partial blocks until Android and other operating systems are modified.

Cool stuff!

  1. Catalin Cimpanu, Ultrasound Tracking Could Be Used to Deanonymize Tor Users, in BleepingComputer. 2017. https://www.bleepingcomputer.com/news/security/ultrasound-tracking-could-be-used-to-deanonymize-tor-users/
  2. Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, and Christopher Kruegel., Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-device Tracking, in Blackhat Europe. 2016: London. https://www.blackhat.com/docs/eu-16/materials/eu-16-Mavroudis-Talking-Behind-Your-Back-Attacks-And-Countermeasures-Of-Ultrasonic-Cross-Device-Tracking.pdf

One thought on “Yet Another Crazy Computer Hack”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s