back to article Boffins blast beats to bury secret sonar in your 'smart' home

Researchers at the University of Washington have devised a way of conducting surreptitious sonar surveillance using home devices equipped with microphones and speakers. The technique, called CovertBand, looks beyond the obvious possibility of using a microphone-equipped device for eavesdropping. It explores how devices with …

  1. bombastic bob Silver badge
    Black Helicopters

    yet another reason...

    yet another reason to NOT have a device with an "open mic" on all of the time in your house.

    (there should at least be a physical switch to disconnect it. same with cameras. and not a 'soft disconnect' either - a HARD disconnect)

    1. Anonymous Coward
      Anonymous Coward

      Re: yet another reason...

      "yet another reason to NOT have a device with an "open mic" on all of the time in your house."

      My mobile phone....does that count as an open mic? That's actually a genuine question....apologies if I'm being thick......

      1. Blacklight

        Re: yet another reason...

        Depends on a variety of things :)

        Your phone mobile is permanently wired, it can't be disconnected. As to wether it's "active" is down to software, listening to the input channel.

        The various assistants (Siri etc) can be configured to either "listen all the time" (keyword activation) or after a button press (Siri). But do you trust that's what they're actually doing? :)

        If you've got a Smartphone, and you can't take the battery out, you can't be 100% certain that it's not listening, That's the basic fact. Assuming you haven't run some third party apps with access to microphones, or granted access to those apps, then you should be "as safe as your assistant settings" are configured.

    2. Christian Berger

      Re: yet another reason...

      I think it was in a Chaosradio episode where they joked about having 2 of those systems on IP switchable power sockets. That way you can instruct one of the systems to turn off the other one. :)

  2. Neil Barnes Silver badge

    The simplest ways are best

    Don't allow these 'helpful' devices into the home.

    I'm reminded of a scene from 'The Moon is a Harsh Mistress' in which Mycroft is complaining that he can't eavesdrop due to a primitive brute force switch...

    1. Anonymous Coward
      Anonymous Coward

      Re: The simplest ways are best

      So why not go Nineteen Eighty-four and ban hard switches?

      1. Anonymous Coward
        Anonymous Coward

        Re: The simplest ways are best

        So why not go Nineteen Eighty-four and ban hard switches?

        Has already happened. Show me any modern IoT gadget with a power switch that actually cuts power. The only way to be certain is unplug the damn things, which rather defeats the whole point.

      2. Flocke Kroes Silver badge

        Re: ban hard switched

        IIRC, cell phones are required not to have a physical switch to disconnect the microphone because 1984 was being used as an instruction manual.

      3. Christian Berger

        Re: The simplest ways are best

        "So why not go Nineteen Eighty-four and ban hard switches?"

        There are lots of people who propose that by thinking it's OK if the manufacturer disallows you from modifying the firmware of the device you bought. In fact that's one of the main motivations behind "Secure Boot".

        1. John Brown (no body) Silver badge

          Re: The simplest ways are best

          "There are lots of people who propose that by thinking it's OK if the manufacturer disallows you from modifying the firmware of the device you bought. In fact that's one of the main motivations behind "Secure Boot"."

          Like buying a fairly expensive drone and then the manufacturer tells you if you don't apply the latest update they'll disable your device and prevent you flying it for your safety.

    2. Mage Silver badge

      Re: The simplest ways are best

      Especially ones with a parabolic rotating horn.

      I made a rotating horn fed by 40kHz transducers. That's a wavelength of 7.5mm. X band radar is about 4x less resolution.

  3. Ben1892

    Even Batman...

    ...thought it was a bad idea to have this technology.

  4. Gordon Pryra

    "There are a number of possible defenses"

    its a tad late, and if people are now talking about it, it means that the NSA will have a fully working system already running.

    Sooooo on past performance, give it a week and they will have given the tools to the enemy and will be blaming North Korea for mapping your movements some time soon

    1. imanidiot Silver badge

      Re: "There are a number of possible defenses"

      Defense number one is not bringing devices like Echo or Home into your home.

      1. Charles 9

        Re: "There are a number of possible defenses"

        So what happens if they have resolution greater than a house AND the neighbor has one? Or they're able to be used from OUTSIDE the house, meaning they can used on the street?

        1. not.known@this.address
          Boffin

          Re: "There are a number of possible defenses"

          The size of the device limits the effective range - plus sonar doesn't work so well through walls.

          If you want to spy through walls, you need something that won't get bounced back by a couple of inches of brick or concrete - and if it's powerful enough to get through that, the soft pink squidgy meatsacks wandering around the room won't show up. Plus the volume would need to be so loud that you'd need to convert everyone to Heavy Metal fans...

  5. Martin Summers

    Something similar to this exists already:

    https://www.amazon.co.uk/Cocoon-All-Smart-Security-System/dp/B0120BP0V0

  6. Pen-y-gors

    I wonder...

    I don't understand all these things. Obviously storing your Alexa/Echo unit in a soundproof box in the garden is a good start, but what about phones/laptops etc? Switching off the mic by software presumably can be compromised. Blob of araldite over the built-in mic? Then only use a plug in mic when you need to.

    1. Paul Crawford Silver badge

      Re: I wonder...

      Do the mic jack plugs physically unplug the built-in mic? If so you could simply plug in a shorted connector.

      1. phuzz Silver badge

        Re: I wonder...

        Even better, plug an mp3 player into the external mic socket, playing a constant loop of Never Going To Give You Up.

        1. Pompous Git Silver badge

          Re: I wonder...

          "plug an mp3 player into the external mic socket, playing a constant loop of Never Going To Give You Up."

          Or this...

        2. Charles 9

          Re: I wonder...

          "Even better, plug an mp3 player into the external mic socket, playing a constant loop of Never Going To Give You Up."

          And if the listener happens to be kinky enough to LIKE Rick Astley? No joke. I knew a guy whose two favorite songs where the above and "Together Forever".

      2. Steve the Cynic

        Re: I wonder...

        "Do the mic jack plugs physically unplug the built-in mic? If so you could simply plug in a shorted connector."

        The other poster mentioned phones. Whose phone even *has* a mic jack? (No, the mike on the wired hands-free headset does not count.)

      3. Anonymous Coward
        Anonymous Coward

        Re: I wonder...

        Do the mic jack plugs physically unplug the built-in mic? If so you could simply plug in a shorted connector.

        I think that idea was stopped when people started to use headphones and idiots complained about the phone not working. I think it now needs a proper TRRS connector before anything changes, and that tends to trigger on detected impedance. In short, the answer is no from a pure electrical POV, it's usually done via a soft switch which brings us back to the original problem..

      4. analyzer

        Re: I wonder...

        Just buy some 3.5 jacks and plug them in, no cable needed. That physically disconnects the speakers and microphone whilst removing any possibility of damaging your system. After all, you may want to use them under controlled circumstances.

        1. Charles 9

          Re: I wonder...

          Nope, they're not hardwires. Like on laptops, the OS can track BOTH inputs and simply turns the built-in one off by software when a TRRS device is installed (and it has to be a real one--they detect it by impedance and will flag you if something is amiss, claiming it's a malfunctioning mic). That means something with system-level permissions can override.

    2. HieronymusBloggs

      Re: I wonder...

      "storing your Alexa/Echo unit in a soundproof box in the garden is a good start"

      My preferred method is to leave it stored in a cardboard box on the shelf of the warehouse from which I didn't buy it.

      1. Charles 9

        Re: I wonder...

        Then what happens WHEN (not IF) you get one DESPITE not buying it? Bet you credits to milos they get it cheap enough to give away in the near future. The Telescreens are coming...

  7. animal69

    https://youtu.be/MFsWpd-iz1A

  8. Prosthetic Conscience
    Terminator

    "These tests show CovertBand can track walking subjects with a mean tracking error of 18cm and subjects moving at a fixed position with an accuracy of 8cm at up to 6m in line-of-sight and 3m through barriers,"

    Precise enough so the H-K drone can snipe you through the roof/walls without visual contact. Impressive

  9. JimboSmith

    or this https://www.youtube.com/watch?v=_UEXn2MZ3vs

  10. Daedalus

    Which one's Pink?

    "plays music to cover sonar pings"

    Or plays "Echoes".

  11. Bibbit

    Someone tell Lucian Fox

    They did a Hollywood (ie stupidly graphical) version of this in "The Dark Knight", did they not?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like