
Ask HN: What blackhat/ greyhat ad-tech were you surprised to learn about? - joewee
Coming from the security industry I was surprised to see the level of persistence ad networks implemented to track users across the web. What might technical folks be surprised to learn about the online marketing and ad-tech space?
======
this2shallPass
That "US cell carriers are selling access to real-time phone location data".
Some know, but most probably do not. Most non-technical people would also be
surprised by this.

[https://news.ycombinator.com/item?id=17081684](https://news.ycombinator.com/item?id=17081684)

The top comment expands on the situation:

"It's not just your cell carrier. Your cell phone chip manufacturer, GPS chip
manufacturer, phone manufacturer and then pretty much anyone on the installed
OS (android crapware) is getting a copy of your location data. Usually not in
software but by contract, one gives gps data to all the others as part of the
bill of materials.

This is then usually (but not always) "anonymized" by cutting it in to ~5
second chunks. It's easy to put it back together again. We can figure out
everything about your day from when you wake up to where you go to when you
sleep.

This data is sold to whoever wants it. Hedge funds or services who analyze it
for hedge funds is the big one. It's normal to track hundreds of millions of
people a day and trade stocks based on where they go. This isn't fantasy, it's
what happens every day.

Almost every web/smartphone mapping company is doing it, so is almost everyone
that tracks you for some service - "turn the lights on when I get home". The
web mapping companies and those that provide SDKs for "free". It's a
monetization model for apps which don't need location. That's why Apple is
trying hard to restrict it without scaring off consumers."

------
xstartup
SilverPush

Use ultrasonic inaudible sounds for tracking you

Your TV ads could play these beacons to which your phone is actively
listening.

Or websites and physical places could play them.

See: [https://techcrunch.com/2014/07/24/silverpush-audio-
beacons/](https://techcrunch.com/2014/07/24/silverpush-audio-beacons/)

------
onion2k
Phorm.

It was a while ago now so younger HN readers might not know about it, but
Phorm was an ISP level deep packet inspection product that invaded users
privacy on a _massive_ scale, all just to market stuff to them. Thankfully
it's now dead and gone.

[https://en.wikipedia.org/wiki/Phorm](https://en.wikipedia.org/wiki/Phorm)

~~~
joewee
All the companies providing infrastructure support to ISPs should be suspect.

