Researchers believe some popular smartphones may be listening a little too closely to your activities.
A team from the German Technical University of Braunschweig (Brunswick) found 234 Android applications that contain code, known as SilverPush, that listens for ultrasonic signals embedded in media or emitted by beacons. Though primarily intended to track users’ media consumption and shopping habits to help target advertising, the research team says the apps could also potentially be used to establish users’ identities across multiple devices, track location, and even de-anonymize services like Bitcoin and Tor.
The most widely-downloaded of the detected apps do not notify users of these capabilities.
Researchers identified apps by comparing known SilverPush code to a database of 1.3 million apps. The apps found to contain SilverPush code include those from McDonald’s and Krispy Kreme in the Philippines, each installed by around 500,000 Android users. The other apps were predominantly targeted at users in India and the Philippines, and some had as many as 5 million downloads. Researchers found that the use of SilverPush had proliferated over time, from 39 apps found in December of 2015 to 234 in January of this year.
Submitted by: Arnfried Walbrecht