Hackers and spies no longer need special surveillance equipment to track your location and movements.
Researchers from the University of Washington’s Paul G. Allen School of Computer Science & Engineering have discovered a way to use the speakers and microphones built into smart devices — like phones, televisions and voice-controlled speakers — as surveillance tools that collect information about a nearby person’s body position and movements.
They conducted the research to expose security vulnerabilities in the everyday devices we’ve come to rely on. Using a software tool called CovertBand, the team was able to remotely hijack smart devices to play a repeating sound that bounces off of a person’s body, tracking movements and activity. It even works through walls.
CovertBand uses the same kind of sonar technology that allows submarine operators to determine the location, shape, and approximate size of an object. It sends out a repeating pulse of sound waves using the device’s speaker and then utilizes the microphone as a receiver to pick up the reflected sound.
“The smart device then transmits this information to the attacker, who could be a few feet away or halfway across the globe,” says a press release announcing the UW team’s findings.
Researchers tested CovertBand on a smartphone hooked up to a portable speaker and standard TV. The technology could detect repetitive movements like “arm-pumping, walking or pelvic tilts to a range of up to six meters from the smartphone.” The team that created CovertBand says that with enough data, machine-learning algorithms could help clarify more movements and identify them faster.
“To our knowledge, this is the first time anyone has demonstrated that it is possible to convert smart commodity devices — like smartphones and smart TVs — into active sonar systems using music,” Shyam Gollakota, a UW associate professor of computer science and engineering and the study’s senior author, said in the press release. “And the physical information CovertBand can gather — even through walls — is sufficiently detailed for an attacker to know what the user is doing, as well as other people nearby.”
CovertBand can play the repeating pulse it needs to track movement at a low volume, though it would likely be audible to children, young adults, and pets, researchers say. They were able to mask the sound with other audio files from the devices they hijacked.
“Since Covertband enables through-the-wall surveillance, anyone can play music on their smart devices to track people through walls,” said Takakuwa in the announcement. “This is concerning because, if a neighbor is playing music, it could either be a benign act or an act of surveillance to determine if anyone is in the adjacent apartment, track their movements or infer their activities.”
This kind of attack would be difficult to prevent. The UW team says sound-proofing, emitting a jamming signal, or disabling a device’s speaker and microphone would do the trick but they acknowledge those aren’t very realistic solutions.
The researchers hope that by calling attention to the vulnerability, it will encourage scientists to develop more practical countermeasures.
“We always want to stay one step ahead of the bad guys — of attackers who are trying to collect this information about users,” said co-author Tadayoshi Kohno. “We’re providing education about what is possible and what capabilities the general public might not know about, so that people can be aware and can build defenses against this.”
The UW researchers will present their findings at Ubicomp 2017 in September.