Dystopian corporate surveillance threats today come at us from all directions. Companies offer “always-on”devices that listen for our voice commands, andmarketers followus around the web to create personalizeduser profiles so they can (maybe) show us ads we’ll actually click. Nowmarketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly sciencefictional way: with audio signals your phone can hear, but youcan’t. And though you probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protectyourself. 如今,反乌托邦的公司监控从四面八方威胁着我们。公司提供“永远在线”的设备来听取我们的声音指令,而营销者可以跟随我们浏览网页的踪迹来制定个性化的用户方案,从而就(也许)可以向我们展示我们会点击的广告。现在,营销者一直在研究用那些基于网络和音频的方法来追踪消费者,以另一种令人不安的科幻小说似的方法:那些音频信号只有你的手机可以听到的,而你是听不到的。不过虽然你可能不知道什么是狗哨营销,但是研究者已经为你提供保护自我的方式了。
The technology, called ultrasonic cross-device tracking, embedshigh-frequency tones that are inaudible to humans in advertisements, web pages,and even physical locations like retail stores. These ultrasound “beacons” emittheir audio sequences with speakers, and almost any device microphone—likethose accessed by an app on a smartphone or tablet—can detect the signal andstart to put together a picture of what ads you’ve seen, what sites you’veperused, and even where you’ve been. Now that you’re sufficiently concerned,the good news is that at the Black Hat Europe security conference on Thursday,a group based at University of California, Santa Barbara will present anAndroid patch and a Chrome extension that give consumers more control over thetransmission and receipt of ultrasonic pitches on their devices.
这项技术叫做超声波跨设备追踪,可以在广告,网页,甚至在像零售商店这样的物理位置嵌入人类听不到的高频音调。这些超声波“信标”通过扬声器发送他们的音频序列。几乎所有配置麦克风的设备,比如那些允许某个在智能手机或平板电脑上的应用程序访问使用的,它们可以检测到信号,并根据你所看到的广告、你浏览过的网站、甚至是你去过的地方,整理出一张图片。想必你们现在一定非常担心,但好消息是,在周四的黑帽欧洲安全会议上,加州大学圣芭芭拉分校的一组研究人员将会提供一份安卓系统补丁和Chrome插件, 以便消费者能在他们电子设备的超声波传送和接收方面掌有更多的控制权。
Beyond the abstract creep factor of ultrasonic tracking, thelarger worry about the technology is that it requires giving an app the ability to listen toeverything around you, says Vasilios Mavroudis, a privacy and securityresearcher at University College London who worked on the research beingpresented at Black Hat. “The bad thing isthat if you’re a company that wants to provide ultrasound tracking there is noother way to do it currently, you have to use the microphone,” says Mavroudis. “So you will be what we call ‘over-privileged,’ because you don’tneed access to audible sounds but you have to get them.”
除了超声波追踪的抽象蠕变因素外,这项技术最令人担心的是,它需要给予应用程序听取你周围一切声音的能力,VasiliosMavroudis说道, 他是伦敦大学里隐私和安全方面的研究者,也参与了那项在黑帽会议展出的研究。 “最糟糕的是,如果你的公司想提供超声波追踪,鉴于目前并没有其他可行的方法,你只能用那些传声设备,”Vasilios Mavroudis 说道。”如此你将成为我们所说的‘特权过度’。因为你并不需要所有可听见的声音,但你却必须得到他们。”
This type of tracking, offered by companies like Tapad and 4Info, has hardly exploded inadoption. But it’s persisted as morethird party companies develop ultrasonic tools for arange of uses, like data transmission without Wi-Fi or other connectivity. Themore the technology evolves, the easier it is to use in marketing. As a result,the researchers say that their goal is to help protect users from inadvertentlyleaking their personal information. “There are certain serious securityshortcomings that need to be addressed before the technology becomes morewidely used,” says Mavroudis. “And there is a lack of transparency. Users arebasically clueless about what’s going on.”
像Tapad和 4Info等公司提供的这种追踪方式是很难被广泛使用的。但它仍然存在,因为越来越多第三方公司开发出广泛用途的超声波工具,比如无需无线网络或其他连接的数据传输。技术发展得越广,就越容易在营销中使用。因此,研究者们说他们的目标是为了保护用户以防他们在无意间泄漏个人信息。“在这项技术被广泛使用之前,必须要解决它严重的安全缺陷问题,”Vasilios Mavroudis 说道。“它还缺乏透明度。用户们基本上对于发生了什么事情一无所知。”
Currently, when Android or iOS do require apps to request permission to use a phone’smicrophone. But most users likely aren’t aware that by granting thatpermission, apps that use ultrasonic tracking could access their microphone—andeverything it’s picking up, not just ultrasonic frequencies—all the time, evenwhile they’re running in the background.
目前,安卓和iOS系统确实需要应用程序得到用户许可才能连接手机的话筒。但是大多数用户可能还没有意识到,一旦授予权限,使用超声波追踪的应用程序可以接入他们的麦克风,以及它接收的所有一切,并不仅仅只是超声波频率——每时每刻,甚至包括它们在后台运行的时候。
The researchers’ patch adjusts Android’s permission system sothat apps have to make it clear that they’re asking for permission to receive inaudible inputs. It also allows users to choose toblock anything the microphone picks up on the ultrasound spectrum. The patchisn’t an official Google release, but represents the researchers’recommendations for a step mobile operating systems can take to offer moretransparency.
研究者的补丁对安卓的权限系统进行了调整,以确保应用程序必须明确地表明它们在请求接收人耳无法听到的信号输入。这个补丁还允许用户选择屏蔽在超声波频谱上被话筒接收的任何内容。这个补丁虽不是由谷歌官方发布的,但这意味着研究者们的建议可为移动操作系统增加更多透明度。
To block the other end ofthose high-pitched audio communications, the group’s Chromeextension preemptively screens websites’ audio components as they load to keepthe ones that emit ultrasounds from executing, thus blocking pages fromemitting them. There are a few old services that the extension can’t screen,like Flash, but overall the extension works much like an ad-blocker forultrasonic tracking. The researchers plan to post their patch and theirextension available for download after their Black Hat presentation.
为了屏蔽那些高音音频通信的另一端,这个研究小组的Chrome插件会预先扫描网站的音频组件, 以免发射超声波的组件在网页加载时启动,从而阻止网页发出音频信号。 在一些旧客户端上此插件无法扫描,例如Flash,但总的来说, 此插件就像用于拦截超声波追踪的广告拦截器。研究者们计划在黑帽会议后,将他们的补丁和扩展插件发布到网上以供下载。
Ultrasonic tracking has been evolving for the last couple ofyears, and it is relatively easy to deploy since it relies on basic speakersand microphones instead of specialized equipment. But from the start, thetechnology has encountered pushback about its privacy and security limitations.Currently there are no industry standards for legitimizing beacons or allowingthem to interoperate the way there are with a protocol like Bluetooth. And ultrasonic tracking transmissions aredifficult to secure because they need to happen quickly for the technology towork. Ideally the beacons would authenticate with the receiving apps each timethey interact to reduce the possibility that a hacker could create phonybeacons by manipulating the tones before sending them. But the beacons need tocomplete their transmissions in the time it takes someone to briefly check awebsite or pass a store, and it’s difficult to fit an authentication processinto those few seconds. The researchers say they’ve already observed one typeof real-world attack in which hackers replay a beacon over and over to skewanalytics data or alter the reported behavior of a user. The team alsodeveloped other types of theoretical attacks that take advantage of the lack ofencryption and authentication on beacons.
过去的几年里超声波追踪技术一直在发展,应用起来也相对简单,因为它依赖的是基本的扬声器和麦克风而非专业设备。但从一开始,这项技术就遇到了隐私和安全限制的难题。目前没有任何行业标准来使信标合法化或者是允许它们像有通信协议的蓝牙那样交互操作。超声波追踪传输是很难受保护的,因为它们需要快速运作才能使这项技术起作用。理想状况下,信标将在每次交互时都会对接收应用进行身份验证,以减少黑客在信标发送之前通过篡改音调来创建虚假信标的可能性。但是这些信标需要在人们浏览网页或者经过一家商店的瞬间完成传输,然而在几秒钟内想要完成身份验证是很困难的。研究者们说他们已经发现了一种真实世界的攻击方式:黑客们一次次地重放信标来扭曲分析数据或者改变用户的行为报告。这个团队还详述了其它类型的理论攻击,这些攻击方式都利用了信标缺乏加密和身份验证的缺陷。
The Federal Trade Commission evaluated ultrasonic trackingtechnology at the end of 2015, and the privacy-focused non-profit Center forDemocracy and Technology wroteto the agency at the time that “the bestsolution is increased transparency and a robust and meaningful opt-out system.If cross-device tracking companies cannot give users these types of notice andcontrol, they should not engage in cross-device tracking.” By March the FTC haddrafted a warningletter to developers about a certainbrand of audio beacon that could potentially track all of a users’ televisionviewing without their knowledge. That company, called Silverpush, has sinceceased working on ultrasonic tracking in the United States, though the firm said at the time that its decision to drop the tech wasn’t related to the FTC probe。 在2015年年末,联邦贸易委员会评估了超声波追踪技术,而专注于隐私保护的非营利组织民主和技术中心也在当时写信给该机构——“最好的解决办法就是增加透明度并建立一个强有力的排除系统。如果跨设备追踪公司不能给用户提供此种通知和控制权限,那他们就不应该进行跨设备追踪。”到3月份,联邦贸易委员会已经向开发者们发了一封警告信,内容是关于某品牌的音频信标能在用户不知情的情况下,追踪用户看电视的情况。那家公司叫做Silverpush, 从那以后在美国已经停止有关超声波追踪的工作,尽管这公司表示他们放弃这项技术的决定和联邦贸易委员会的调查并没有关系。
More recently, two lawsuits filed this fall—each about theAndroid app of an NBA team—allege that the apps activated user microphonesimproperly to listen for beacons, capturing lots of other audio in the processwithout user knowledge. Two defendants inthose lawsuits, YinzCam and Signal360, both told WIRED that they aren’t beacondevelopers themselves and don’t collect or store any audio in the spectrum that’saudible to humans.
数到最近,今秋的两起诉讼,分别与不同的NBA球队的安卓应用程序有关,都称这些软件在用户不知情的情况下,不恰当地激活用户的麦克风来收听信标,还捕获了许多其它的音频。两起诉讼中的两名被告,YinzCam 和Signal360两家公司都告诉WIRED,他们并非信标的开发者,也没有以此收集和储存任何人类可听见的音频。
But the researcherspresenting at Black Hat argue that controversy over just how much audio ultrasonic tracking tools collect is all the more reason to create industry standards, so that consumers don’t need to rely on companies to makeprivacy-minded choices independently. “I don’t believe that companies aremalicious, but currently the way this whole thing is implemented seems veryshady to users,” says Mavroudis. Once there are standards in place, theresearchers propose that mobile operating systems like Android and iOS couldprovide application program interfaces that restrict microphone access soultrasonic tracking apps can only receive relevant data, instead of everythingthe microphone is picking up. “Then we get rid of this overprivileged problemwhere apps need to have access to the microphone, because they will just needto have access to this API,” Mavroudis says.
但是出席黑帽会议的研究者们认为,关于超音波追踪工具应能够收集多少音频的争议使得我们更有理由建立行业标准,这样消费者不需要依靠公司再来做出保护隐私的选择。“我不认为公司是恶意的,但目前整件事情的进行方式对于用户来说实在太隐秘了。“Mavroudis说道。研究者提出,一旦有标准可执行,像安卓和iOS此类的移动操作系统就可以提供应用程序接口来限制麦克风的访问,届时超音波追踪软件就只能接收相关数据,而非麦克风接收的所有内容。“如此我们就能摆脱这个特权过度的问题,因为在软件需要连接麦克风的时候,它们只需要连接这个API。“Mavroudis说。
For anyone who’s not waiting for companies to rein in what kinds of audio they collect to track us, however, the UCSB and UCL researchers software offers a temporary fix. And that may be more appealing than the notionof your phone talking to advertisers behind your back—or beyond your audiblespectrum.
对于那些不愿意等公司来决定哪些音频可用于追踪用户的人,加州大学圣芭芭拉分校和伦敦大学学院的研究者提供了一种临时的解决方案。而这,比起你的手机背着你悄无声息地和广告商联系,也许更加吸引人。
发表于 2018-12-10 14:25:45
收藏
支持
反对