I'm sorry, phone overhear you look at small yellow-IT information
Recently there has been a new kind of privacy invasion--ultrasound tracking across devices (ultrasonic cross-device tracking), referred to as uXDT. Through this technique, when the app without the user's knowledge, and using your microphone picks up ultrasonic information on the phone to monitor user behavior.
With this technology, means that the app on the phone, or even you can tell you are now looking at what's on TV advertisers, as long as advertisers on the show buried human ear can not hear ultrasonic information.
Pictures from Wired
This technique has the following characteristics:
Ultrasonic "launchers" can be embedded in the video (TV and online), Web pages and offline entities
Ultrasonic transmitters can be without networking, applicable to a wide scene
Ultrasonic receiver (usually a phone) only need to rely on the microphone, user vigilance is not high
User does not have the sense (1. ultrasonic outside the range of human hearing, even in this kind of environment is not known; 2. using this app and does not tell the user in the collection of the technology of ultrasound information and options on or off. )
Existing phone operating systems there is no ultrasonic setting privacy options
Wired, it was reported, at the Black Hat Conference on Thursday, from the University of California, Santa Barbara (UCSB) research team introduced an Android uXDT patches as well as a Chrome extension, and will be officially launched later this month.
Android patch from the mobile phone (ultrasonic receiver), and protect users. According to reports, this patch allows users to choose whether to allow a microphone to receive audio information could not be set up to give a user permissions to stop the ultrasonic listening behavior.
While Chrome extension will be rushed to the front line, a page for the user to block presence of ultrasonic (ultrasonic transmitter). The extension when the page is loaded, automatic identification of elements with ultrasonic information, blocking produce ultrasonic. But the extension has a weakness, that is cannot be applied to the older network services, such as Flash.
Apart from the above two utilities, development team also suggested that to mitigate information leakage from uXDT, also requires the use of standards for the industry for the technology, to curb the gray operations. Meanwhile, the operating system should also increase the limit options for receiving ultrasonic, and give the user control of the power.
After all, talking about privacy, careful not overdo it.
不好意思,
手机偷听到你在看小黄片了 - IT资讯
最近出现了一种新型的隐私入侵技术——超声波跨设备跟踪(ultrasonic cross-device tracking),简称为uXDT。通过这个技术,app可在用户不知情时,利用手机上的麦克风收集超声波信息,以监控用户行为。
有了这个技术,意味着手机上的app甚至可以将你此刻在看什么电视节目都告诉广告商,只要广告商在节目里埋下人耳听不到的超声波信息。
图片来自 Wired
这个技术有以下几个特点:
超声波“发射器”可根植于视频(电视和网络)、网页、线下实体地点
超声波发射器可以不联网,适用场景广
超声波接收器(通常是手机)只需要依赖麦克风,用户警惕不高
用户无感知(1.超声波在人类听力范围外,即使处于该声波环境下也不知道;2.采用这个技术的app并不会告知用户它在收集超声波信息,同时也没有关闭选项。)
现有手机操作系统并没有针对超声波的获取设置隐私选项
据Wired 报道,在本周四的Black Hat会议上,来自University of California, Santa Barbara(UCSB)的研究团队介绍了应对uXDT的一个安卓系统补丁以及一个Chrome扩展,并将于本月月底正式上线。
安卓系统补丁从手机端(超声波接收器)入手,保护用户。据介绍,该补丁将容许用户针对是否允许麦克风接收听不到的音频信息进行设置,进而给予用户权限来阻挡超声波偷听行为。
而Chrome扩展则会冲到一线,为用户阻挡埋有超声波的网页(超声波发射器)。该扩展会在网页加载的时候,自动识别带有超声波信息的元素,阻止发出超声波。但扩展有个软肋,那就是无法应用于比较旧的网络服务,例如Flash。
除了介绍以上两个实用工具外,研发团队还提出,要缓解uXDT带来的信息泄漏,还需要业界为该技术的使用提出标准来规范,以遏制灰色操作。同时,操作系统亦应该增加限制接收超声波的选项,赋予用户控制的权力。
毕竟,说起隐私安全,怎么小心都不会过头。