Do you hear Laurel or Yanny or is it On-Off Keying? - Internet Security

Do you hear Laurel or Yanny or is it On-Off Keying?
Bernd shared a white paper this morning, "Analysis of an Ultrasound-Based Physical Tracking System " by Cunche and Cardoso (https://hal.inria.fr/hal-01798091/document) which goes over how they rever engineered an ultrasound-based in-store tracking application. They wrote an app that generates it's own ultrasonic sounds to jam such applications. Souce code is available (alegedly, their GitLab instance was having an issue when I looked at it.) The site does have samples of ultrasonic applications caught in the lab and in the wild (http://sonicontrol.fhstp.ac.at/) which you could use for you experiments. I've been interested in the interaction between ultrasonic and mobile technology since I saw Jameson Rader's XT Audio Beacons (https://github.com/jamrader/XTAudioBeacons) that were used to syncrhonize a lightshow from attendee's smartphones. Digging further into that I needed tools to detect and generate these signals. I first went to Audacity (https://www.audacityteam.org/) because I focusing on sound generation, but if I wanted to move data via ultrasound I would need modulation and demodulation which brought me to GNU Radio (https://www.gnuradio.org/). I wasn't the first to think of that approach. There's a demonstration using commodity laptops (https://www.anfractuosity.com/projects/ultrasound-via-a-laptop/) where he sends data very slowly at 23kHz. They improved on the process and have nice full-duplax eample here: https://www.anfractuosity.com/projects/ultrasound-networking/ There is simple chat program that uses this technique called Quietnet (https://github.com/Katee/quietnet) Others have raised privacy concerns about use of the technology (isn't there always?) In "Privacy Threats through Ultrasonic Side Channels on Mobile Devices" Arp, Quiring, Wressnegger, and Rieck (http://christian.wressnegger.info/content/projects/sidechannels/2017-eurosp.pdf) they describe using SilverPush (https://www.silverpush.co/) a marketing application to track a user via embedded signals is web ads. It's also used in Google Nearby (which uses seen wi-fi APs, and bluetooth in addition to audio beacons.) When enabled a smartphone will generate ultrasonic signals and listen for other signals. Now I want to head out to the maul with an audio spectrum analyzer. The available-parking sensors, the in-store tracking, the smartphons of passers-by-- what fun.	Kevin Liston 292 Posts ISC Handler
Subscribe	May 28th 2018 1 year ago
private message to author: "https://isc.sans.edu/forums/diary/Do+you+hear+Laurel+or+Yanny+or+is+it+OnOff+Keying/23707/" "full-duplax eample" {spelling} "head out to the maul " [mall?] in case it should be fixed. :)	skeeter 1 Posts
Quote	May 29th 2018 1 year ago
One's intentional, the other isn't.	skeeter 4 Posts
Quote	May 29th 2018 1 year ago

Bernd shared a white paper this morning, "Analysis of an Ultrasound-Based Physical Tracking System " by Cunche and Cardoso (https://hal.inria.fr/hal-01798091/document) which goes over how they rever engineered an ultrasound-based in-store tracking application. They wrote an app that generates it's own ultrasonic sounds to jam such applications. Souce code is available (alegedly, their GitLab instance was having an issue when I looked at it.) The site does have samples of ultrasonic applications caught in the lab and in the wild (http://sonicontrol.fhstp.ac.at/) which you could use for you experiments.

I've been interested in the interaction between ultrasonic and mobile technology since I saw Jameson Rader's XT Audio Beacons (https://github.com/jamrader/XTAudioBeacons) that were used to syncrhonize a lightshow from attendee's smartphones. Digging further into that I needed tools to detect and generate these signals. I first went to Audacity (https://www.audacityteam.org/) because I focusing on sound generation, but if I wanted to move data via ultrasound I would need modulation and demodulation which brought me to GNU Radio (https://www.gnuradio.org/).

I wasn't the first to think of that approach. There's a demonstration using commodity laptops (https://www.anfractuosity.com/projects/ultrasound-via-a-laptop/) where he sends data very slowly at 23kHz. They improved on the process and have nice full-duplax eample here: https://www.anfractuosity.com/projects/ultrasound-networking/

There is simple chat program that uses this technique called Quietnet (https://github.com/Katee/quietnet)

Others have raised privacy concerns about use of the technology (isn't there always?) In "Privacy Threats through Ultrasonic Side Channels on Mobile Devices" Arp, Quiring, Wressnegger, and Rieck (http://christian.wressnegger.info/content/projects/sidechannels/2017-eurosp.pdf) they describe using SilverPush (https://www.silverpush.co/) a marketing application to track a user via embedded signals is web ads.

It's also used in Google Nearby (which uses seen wi-fi APs, and bluetooth in addition to audio beacons.) When enabled a smartphone will generate ultrasonic signals and listen for other signals.

Now I want to head out to the maul with an audio spectrum analyzer. The available-parking sensors, the in-store tracking, the smartphons of passers-by-- what fun.

Kevin Liston

292 Posts
ISC Handler

private message to author: "https://isc.sans.edu/forums/diary/Do+you+hear+Laurel+or+Yanny+or+is+it+OnOff+Keying/23707/"

"full-duplax eample" {spelling}

"head out to the maul " [mall?]

in case it should be fixed. :)

skeeter

1 Posts

One's intentional, the other isn't.

skeeter
4 Posts