OT: Internet snoops

A cookie is not a piece of code.

--

John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  

jlarkin att highlandtechnology dott com 
http://www.highlandtechnology.com

Isn't the FTC one of the three agencies Rick Perry wants to shut down? Or was that the one he forgot? I think Ted Cruz wants to close that one too, so badly he listed it twice. No worries. Less government means companies won't be able to spy on you as much... er, wait, that's not right!

--

Rick

You're pushing into tinfoil hat territory with this. It's been going around as a probability, as I remember, one of those guys in a "what is possible" security think tank did a proof of concept.

But in reality: 1) How could the speakers in a device put out enough power to get any range without intermod in the amp and speaker causing audible artifacts. And 2) How sensitive is the microphone and sound card input to those frequencies?

This implies that there's no analog filtering on the audio inputs and that the "sound card" is digitizing this signal in a way that the software could analyze it. Is there some secret high speed clock built into the hardware so that it could do that above the audio range?

As I understand it, the sort of sigma/delta/sigma/whatever A to D converters they use now have a fairly hard limit on their high frequency response.

Mark Zenier snipped-for-privacy@eskimo.com Googleproofaddress(account:mzenier provider:eskimo domain:com)

I read of this elsewhere and I am not sure I believe it.

As far as speakers in say a TV set being able to put out ultrasonic, possib le but at a very low level. They would have to pound it with power. For a s hort burst it would probably not harm the speakers. However the trend towar d small has helped in that respect.

Most of this stuff has class D amps. Normally one would think that they are strictly bandwidth limited to avoid aliasing, however with the newer small er chips that switch alot faster and have a much smaller output filter, the y are well capable of ultrasonic.

However we have two other problems. One is the microphones. They would have to be able to pick this up and if you look at the frequency response curve of most microphones, they ain't gonna cut it. Maybe I am wrong but if you want an ultrasonic mic you have to design an ultrasonic mic.

The other problem is the medium. Sound is digitized and therefore must go t hrough an anti-aliasing filter. Anything like this has to be put in downstr eam of that, and that almost requires access to the hardware. If you have a website play audio in WAV format it is quantized at 44,100 Hz which means the absolute upper limit is 22,050 Hz. You are not going to have alot of ba ndwidth for signal to say the least.

The only thing I think they might do is have just a "tick" that is an absol utely precise number of microseconds that other devices will recognize. If all they are looking for is a connection between devices, and then download spyware on all the devices, then this seems plausible. But if someone thin ks they are sending your bank password from your phone to your smart toaste r, they are probably mistaken.

There is something that is really for real and is pervasive. Smart anything . With the help of Shodan, they have found people's baby monitors, microwav e ovens, TV sets, phones, all of that. That means hackers (which includes t he No Such Agency) can find out when you turn on your crock pot, open your fridge door, andd quite a few other things. If you saw the Linux MCE demo y ou know if you have that they know when you walk into another room in your house. This baby follows your bluetooth around so if you stick in a DVD in the livingroom and have to take a piss, it turns on the TV in the bathroom and switches to that source. Same if you go to the kitchen to get a sammich and a beer.

And now, more incredulous but true, the TV can see you. Well at least the c able box. I remember at work a long time ago some old Lady calls and asks " Can they see you through the TV ?" and it was a big joke. Sorry but we pick ed on the secretary for asking us techs but we took it easy on her because she was cool. The question was ridiculous back then, now, not so much.

There are cable boxes with low res (they say) cameras that are supposedly n ot much better than a motion detector, but they want to know if anyone is a ctually watching or the TV is just on and everyone is out in the pool. Or s leeping.

And now, how many years since they busted Gotti ? A cellphone tap that work ed even when he was not on the phone. the technology existed then, what mig ht they have now ? Well I can sum that up- a bit.

Computers have backup batteries, some of them (in the old days actually) we re built into ICs. (the RTC) It is possible that even if you turn your cell phone off and take out the battery, that it can record audio. Then when you are done with your drug deal or whatever you put the battery back in and t urn it on, it can send compressed digital data of all conversation it picke d up while you thought you were safe. I am not saying they are doing this, I am saying they CAN. It would have to be built in to the phone, and we hav e no way to know that it is not.

And you do know that all cars built after a certain yeear have a black box like an airplane. When you wreck, they can check your own car computer and see if you were braking, what speed you were going and all that. A politici an a few years back got accused of trying to kill himself because when he w recked his car it showed he was doing like 80 MPH and the weather was bad. I think being front wheel drive he was trying to get back on the road and p unching it but his tires gained no purchase. Not that I care, but I see how the wrong conclusions can bee drawn from raw data, especially when people want to draw certain conclusions. I believe this world is engaged in a whol e heap of post hoc ergo propter hoc.

And that will complicate life, and life complication is a moneymaker. There fore it will not stop.

I don't recall ultrasonic being mentioned. That is not synonymous with "inaudible".

--

Rick

Well, any web site you view can play sound with the video. That part is EASY, and requires no cookie. Just any of half a dozen video plus audio players.

If your phone is not turned on, it can't monitor these sounds. If your phone is a "dumb phone" it will not be able to run the listening app that receives this data. If you don't have data service on the phone, it is at least harder for the phone to send the data back to whoever is combining this data.

Since most people can't hear much above 16 KHz, it wouldn't be all that hard to send a 20-bit number by carrier keying a 16+ KHz tone, which should be able to be processed by typical PC sound card / speaker hardware. To avoid scrambling the data, you'd have to send it slow to avoid room echoes, but you could still send this much info in a couple seconds at the very worst.

It is a LOT harder to see how they'd arrange to pick up the info on the phone. There are SO MANY different phone OS's and other configuation options, phone company custom setups, etc. that it would be a LOT harder to get this installed on a bunch of phones than getting the inaudible message played by your PC while browsing.

I would have been TOTALLY sure this was all bogus tinfoil hat stuff, but that silverpush outfit really seems to exist, and lots of people are talking about it. Of course, it could ALL be a phony investment gimmick, NO WAY to make it work (as I comment above) but could get lots of investors thinkibng these guys will make billions! (This actually makes the most sense of all.)

Jon

Interesting take on it. Beats the hell out of issuing penny stocks.

Ahh, there are so MANY of these crazy idea investment scams going around. There's the Griggs boiler, the ECAT by Andrea Rossi (tabletop fusion reactor, but all the "tricks" are secret.) And, plenty more where those come from. None of these can possibly work, but they are always just DAYS away from going into full-scale production for a large international corporation or 3-letter US government agency.

Jon

For the alleged purpose, you don't need much.

The claim is that it's being used (or being designed for use) to correlate devices. For that, you simply need a unique identifier, which requires a few tens of bits at most. If you allow up a minute for the transfer, then one bit per second gives you a 30-bit identifier plus another 30 bits for error correction. That kind of transfer doesn't exactly require a good SNR.

OK, i will "byte",,what is it then?

It's just data.

--

Rick

.."If you have a website play audio in WAV format it is quantized at

44,100 Hz which means the absolute upper limit is 22,050 Hz." NOT true,this is a false ASS-u-ME-ption based on a loose goosey pop-U-lar interpretation of Nyquist,et al. Under the proper conditions, it is not hard to digitize and re-construct sine waves up to near that sample rate. Roughly toss the phase tracking and bandwidth...

It's a line of text in a browser's cookie file.

Apparently the "receive" part of this thing has to be built into an app that you install and run.

--

John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  

jlarkin att highlandtechnology dott com 
http://www.highlandtechnology.com