Some time ago I posted about a proof of concept style hack to use a computer's mic and speakers to bridge air-gapped computers and potentially defeat that layer of security. I recall that few thought much about the threat, and many even doubted that it existed.
Now this technology has been 'weaponized' by advertisers. PC World, ARS Technica
I'm taking this as notice of a new area of the spectrum being opened to intrusion and exploitation. You already can't have cameras in some secure locations. Any bets on how long till a kneejerk ban on 'audio devices' is proposed?
Dang. This has been real-world since 2015.
SilverPush’s company policy is to not "divulge the names of the apps the technology is embedded," meaning that users have no knowledge of which apps are using this technology and no way to opt-out of this practice. As of April of 2015, SilverPush’s software is used by 67 apps and the company monitors 18 million smartphones.
The CDT letter went on to cite articles reporting that cross-device tracking has been put to use by more than a dozen marketing companies. The technology, which is typically not disclosed and can't be opted out of, makes it possible for marketers to assemble a shockingly detailed snapshot of the person being tracked.
I wonder if there's any way to limit PC audio hardware to only the audible spectrum?
OK - decent news on this.
1 - Android Only (so far)
2 - Not being used in the US
3 - FTC is not standing on the sidelines passively watching