Nowadays users often possess a variety of electronic devices for communication and entertainment. In particular, smartphones are playing an increasingly central role in users’ lives: Users carry them everywhere they go and often use them to control other devices. This trend provides incentives for the industry to tackle new challenges, such as cross-device authentication, and to develop new monetization schemes. A new technology based on ultrasounds has recently emerged to meet these demands. Ultrasound technology has a number of desirable features: it is easy to deploy, flexible, and inaudible by humans. This technology is already utilized in a number of different real-world applications, such as device pairing, proximity detection, and cross-device tracking.
This paper examines the different facets of ultrasound-based technology. Initially, we discuss how it is already used in the real world, and subsequently examine this emerging technology from the privacy and security perspectives. In particular, we first observe that the lack of OS features results in violations of the principle of least privilege: an app that wants to use this technology currently needs to require full access to the device microphone. We then analyse real-world Android apps and find that tracking techniques based on ultrasounds suffer from a number of vulnerabilities and are susceptible to various attacks. For example, we show that ultrasound cross-device tracking deployments can be abused to perform stealthy deanonymization attacks (e.g., to unmask users who browse the Internet through anonymity networks such as Tor), to inject fake or spoofed audio beacons, and to leak a user’s private information.
Based on our findings, we introduce several defense mechanisms. We first propose and implement immediately deployable defenses that empower practitioners, researchers, and everyday users to protect their privacy. In particular, we introduce a browser extension and an Android permission that enable the user to selectively suppress frequencies falling within the ultrasonic spectrum. We then argue for the standardization of ultrasound beacons, and we envision a flexible OS-level API that addresses both the effortless deployment of ultrasound-enabled applications, and the prevention of existing privacy and security problems.
Keywords
- Ultrasounds
- Deanonymization
- Privacy Violation
- Cross-device Linking
Understanding Privacy-Related Advice on Stack Overflow Revisiting Identification Issues in GDPR ‘Right Of Access’ Policies: A Technical and Longitudinal Analysis Employees’ privacy perceptions: exploring the dimensionality and antecedents of personal data sensitivity and willingness to disclose Visualizing Privacy-Utility Trade-Offs in Differentially Private Data Releases Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices CoverDrop: Blowing the Whistle Through A News App Building a Privacy-Preserving Smart Camera System FP-Radar: Longitudinal Measurement and Early Detection of Browser Fingerprinting Are iPhones Really Better for Privacy? A Comparative Study of iOS and Android Apps How to prove any NP statement jointly? Efficient Distributed-prover Zero-Knowledge Protocols Editors’ Introduction PUBA: Privacy-Preserving User-Data Bookkeeping and Analytics Who Knows I Like Jelly Beans? An Investigation Into Search Privacy SoK: Plausibly Deniable Storage d3p - A Python Package for Differentially-Private Probabilistic Programming Updatable Private Set Intersection Knowledge Cross-Distillation for Membership Privacy RegulaTor: A Straightforward Website Fingerprinting Defense Privacy-Preserving Positioning in Wi-Fi Fine Timing Measurement Efficient Set Membership Proofs using MPC-in-the-Head Checking Websites’ GDPR Consent Compliance for Marketing Emails Comprehensive Analysis of Privacy Leakage in Vertical Federated Learning During Prediction Understanding Utility and Privacy of Demographic Data in Education Technology by Causal Analysis and Adversarial-Censoring User-Level Label Leakage from Gradients in Federated Learning Privacy-preserving training of tree ensembles over continuous data Differentially Private Simple Linear Regression Increasing Adoption of Tor Browser Using Informational and Planning Nudges