Hacker News new | past | comments | ask | show | jobs | submit login
33c3: Talking Behind Your Back [video] (ccc.de)
64 points by beardog on Jan 3, 2017 | hide | past | favorite | 9 comments

I really enjoyed this talk. It relies on your smart phone being able to pick up the ultrasonic beacon and return it to the server to tell them you're there. And it feels a lot like the IMEI sniffing trash bins[1]. I guess there will be a market for a small ultrasonic 'fuzzer' device which degrades the beacons.

[1] http://www.independent.co.uk/life-style/gadgets-and-tech/new...

Civilian warfare. You have to invest in signal jamming devices because some asshats with monies decided to deploy trackers in order to get more monies.

Or just a lowpass filter in the signal path ( assuming you can get access to this ).

Makes me wonder, how much data one could fit in the audible spectrum without humans being able to hear it, using ultrashort pulses and/or some clever algorithms?

This is why you want capability-based security. If there's loads of speakers which are freely used by applications (lacking capability-based security), you can just use capability-based security on the microphones. That'd only work if you can control the devices though; so only on your own home.

On Android you can check which applications want access to microphone since 5.0 or 5.1 and the capability-based design during runtime works since 6.0. On macOS, it also works, and there's Micro Snitch which notifies the user when the microphone is active. Its from the same makers as Little Snitch. Its pretty basic; e.g. if you use Siri the log won't really tell much about which applications did use it.

There's Oversight [1] and Little Flocker [2] from Objective-See which can tell you if something is attempting to user the microphone or webcam, and allow you to block it if you'd like.

[1] https://objective-see.com/products/oversight.html

[2] https://www.littleflocker.com/

Previous discussion: https://news.ycombinator.com/item?id=13290378

3 comments, 3 days ago, 19 points.

Damn, I did a search but I missed it. Sorry.

It's not criticism! As far as I know it's not against the rules to re-post. I just remembered seeing it before and thought I'd link to other comments people previously made.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact