Hacked smart devices double as surveillance tools, new research finds

By Dyllan Furness August 21, 2017

CovertBand: Activity Information Leakage Using Music

Hackers can turn smartphones, tablets, and smart TVs into surveillance tools by exploiting their built-in microphones, according to a new study out of the University of Washington. With the device hijacked, the attacker can detect body position and movement of people within its vicinity, raising additional concern about the security of smart devices, which made the news earlier this year with

Recommended Videos

revelations about the ease with which they can be comprised.

“We were curious about the privacy threats that these devices can expose users to,” Shyam Gollakota, senior author of the study and UW associate professor of computer science and engineering, told Digital Trends. “So we asked the question, ‘How about a simple task of playing music on these devices? Can we use music to achieve surveillance on people?’”

Gollakota and his team used software called CovertBand, which allows a smart device to double as a remote-controlled sonar system, by taking advantage of a device’s built-in speaker and microphone. The researchers manipulated the devices to play modified music and the software could then analyze reflected sounds to track body movements and position.

“The way this works is that we embed a chirp signal in the music and hide it using the beats of the music,” Gollakota explained. “These signals get reflected off the human body and can be observed by the microphones in these devices. We can analyze these reflections and can figure a whole host of things about the person.”

The UW team hid the subtle chirp in songs by artists like 2Pac and Michael Jackson, which you can hear here. The chirps are slight but not always indistinguishable. In the study, listeners could identify the edited songs 58 percent of the time.

Using CovertBand the researchers were able to detect multiple individuals within the same room as the device and even behind barriers, such as thin walls. Without barriers they could detect a walking individual about twenty feet away with an error of around seven inches. Through a thin wall that distance decreased by about half.

Though the idea is unsettling, this isn’t the most secretive surveillance technique — an attacker has to literally play music for it to work. If someone tried this on your home smart TV, you’d surely notice. It nonetheless demonstrates the potential for such devices to be exploited in private or public spaces.

“Be careful about what kind of audio can be played on your device,”Gollakota advised. “Strictly control what kind of apps can use both your speaker and microphones and ensure that only the most trusted apps can do so.”

The researchers will present their report next month at the Ubicomp 2017 conference.

Topics

Former Digital Trends Contributor

Dyllan Furness is a freelance writer from Florida. He covers strange science and emerging tech for Digital Trends, focusing…

Cars

Nissan launches charging network, gives Ariya access to Tesla SuperChargers

nissan charging ariya superchargers at station

Nissan just launched a charging network that gives owners of its EVs access to 90,000 charging stations on the Electrify America, Shell Recharge, ChargePoint and EVgo networks, all via the MyNissan app.It doesn’t stop there: Later this year, Nissan Ariya vehicles will be getting a North American Charging Standard (NACS) adapter, also known as the Tesla plug. And in 2025, Nissan will be offering electric vehicles (EVs) with a NACS port, giving access to Tesla’s SuperCharger network in the U.S. and Canada.Starting in November, Nissan EV drivers can use their MyNissan app to find charging stations, see charger availability in real time, and pay for charging with a payment method set up in the app.The Nissan Leaf, however, won’t have access to the functionality since the EV’s charging connector is not compatible. Leaf owners can still find charging stations through the NissanConnectEV and Services app.Meanwhile, the Nissan Ariya, and most EVs sold in the U.S., have a Combined Charging System Combo 1 (CCS1) port, which allows access to the Tesla SuperCharger network via an adapter.Nissan is joining the ever-growing list of automakers to adopt NACS. With adapters, EVs made by General Motors, Ford, Rivian, Honda and Volvo can already access the SuperCharger network. Kia, Hyundai, Toyota, BMW, Volkswagen, and Jaguar have also signed agreements to allow access in 2025.
Nissan has not revealed whether the adapter for the Ariya will be free or come at a cost. Some companies, such as Ford, Rivian and Kia, have provided adapters for free.
With its new Nissan Energy Charge Network and access to NACS, Nissan is pretty much covering all the bases for its EV drivers in need of charging up. ChargePoint has the largest EV charging network in the U.S., with over 38,500 stations and 70,000 charging ports at the end of July. Tesla's charging network is the second largest, though not all of its charging stations are part of the SuperCharger network.

Emerging Tech

Juiced Bikes sold at auction for $1.2 million, report says

The Juiced Bikes Scorpion X2 adds more power, upgraded tires, and an improved battery to the popular moped style e-bike.

Juiced Bikes, the San Diego-based maker of e-bikes, has been sold on an auction website for $1,225,000, according to a report from Electrek.Digital Trends recently reported how the company was showing signs of being on the brink of bankruptcy. The company and its executives had remained silent, while customer inquiries went unanswered and its website showed all products were out of stock. In addition, there were numerous reports of layoffs at the company.Yet, the most convincing sign was that the company’s assets appeared as listed for sale on an auction website used by companies that go out of business.Now, it appears that Juiced Bikes’ assets, including a dozen patents, multiple URLs, and the company’s inventory in both the U.S. and China, have been sold at auction, according to the report. It is likely that the buyer, who remains unknown, can capitalize on the brand and the overall value of the 15-year old company. Founded in 2009 by Tora Harris, a U.S. high-jump Olympian, Juiced Bikes was one of the early pioneers of the direct-to-consumer e-bike brands in the U.S. market.
The company had quickly built a reputation for the versatility of its e-bikes and the durability of their batteries. Over the years, the popularity of models such as the CrossCurrent, HyperScrambler, and RipCurrent only bolstered the brand’s status.Last year, Digital Trends named the Juiced Bikes Scorpion X2 as the best moped-style e-bike for 2023, citing its versatility, rich feature set, and performance.Juiced Bikes’ getting sold quickly might be a sign of what consulting firm Houlihan Lokey says is a recovery in the North American e-bike market.
The industry has had a roller-coaster ride during and after the COVID-19 pandemic: A huge spike in demand for e-bikes had combined with disrupted supply chains to create a supply/demand mismatch of “historic proportions," Houlihan Lokey said.

Cars

Rivian gets Knight Rider spooky for Halloween

Michael Knight sitting on the hood of his car KITT in a scene from Knight Rider.

Rivian vehicles are known for giving drivers the chance to take the party on the road, whether it’s stowing a travel kitchen onboard or using its elaborate software systems to spice things up.With Halloween just around the corner, the automaker based in Plymouth, Michigan, is pulling out some treats from its bag of tricks: Rivian owners are getting a number of options to turn their vehicles into traditional spooky or full-on sci-fi entertainment hubs.A software update available on the Rivian Mobile App until November 4 provides Car Costumes, which take over the vehicle’s screen, lighting, and sound systems while in park to transform it into three different cars.Nostalgic fans of the Knight Rider TV series will be pleased with the option to turn their Rivians into the famous K.I.T.T. crime-fighting car. After choosing the option on the app, the car’s interior display system features K.I.T.T.’s diagnostics on screen while playing the original show intro music. Here's an extra treat for Rivian Gen 2 owners: The exterior light bar will feature K.I.T.T.’s iconic beaming red light while playing its scanner sound effect.No-less nostalgic fans of Back to the Future movies will also get their treat with a chance to turn their vehicle into the DeLorean Time Machine. With this option, the screen turns into the classic time-traveling interface while the audio system plays the movie’s music and acceleration sound effects. Once again, Rivian Gen 2 owners get an extra treat. Hitting the key 88 mph button will engage the car’s lighting and sound effects in the front and back of the car to whizz you through the sound barrier.For a more traditional spooky time, you can opt for the Haunted Rivian car costume, featuring eight different sound effects and three different color themes. Static and ghosts will take over your interior display.Rivian Gen 1 owners get a green animation on the outside of the vehicle. Gen 2 owners can turn the exterior light bar into whichever color option they find most frightful.