Your Phone Could Be Eavesdropping On You
Smartphones are a great device that offers a variety of services that make our lives easier and faster. Since smartphones are used in multiple scenarios by everyone every single minute for utilizing sensors, stores huge amounts of data, and people using it in intimate scenarios and locations, they also raise concerns about being remote devices for bugging, killing privacy, and security.
In past years, a massive number of complaints have occurred that state that their personal or business conversations with the smartphones present, somehow led to the displaying of advertisements of the things mentioned during the private conversation. A number of smartphone users believe that their device listens-in to their conversations at times. This topic has been around for a long time and has attracted the attention of both the researchers and the general public. However, some don’t even consider the suspicion of your smartphone eavesdropping on you while others believe it to be completely logical and possible. Due to the lack of proof, one cannot ignore the possibility of the well-defined and planned listen-in attacks being highly successful and still remains undetected.
The users believe that at times, their private conversation is secretly recorded via smartphones, analyzed, and results in the advertisement of goods and services mentioned in the private conversation. The advertisements mentioned by the victims of such events consisted of a very wide variety of service and product categories like foods, beverages, clothing, medicines, consumer electronics, cars, products for pet care, destinations of holiday trips, equipment for sports, appliances used in homes, etc. Even, some of the reported incidents claimed that the advertisements sometimes indicated the topic of conversations and sometimes indicated the exact product, about which the conversation was.
As we all know, smartphones nowadays, come with a built-in microphone used for and capable of recording any sort of audio (including private conversations and sensitive data contained in it) and transmitting the recorded audio or the information to almost anywhere and everywhere and even to the extraction servers on the Internet. To perform any sort of recordings via an app, the app will need permission to access the microphone and it is seen widely that users never pay attention to the requests an app is asking in order to function. Thus, leading the app to access the microphone however and whenever required and record any sound that enters the microphone.
The complete process from recording audio to displaying advertisements includes an organization or company that is aimed to filter audiences for different ads. This organization/company hires or contacts an actor for the purpose of recording the private conversation. This actor, who performs the recording task, can be the provider of the operating system or a third-party non-system app installed or even the libraries of the third-party apps installed. Once the speech is recorded, the actor filters and processes the information and sends it to the organization/company which requested it. When this data is received by the responsible organization/company, it searches and finalizes a specified advertisement for the targeted user or audience, and then applies for the request of displaying an advertisement on the targeted device and its linked devices, to an advertisement publisher.
However, there are indications that let the user detect the event of recording. In iOS, whenever the hidden recording initiates, the status bar of the iOS turns bright red, making the user aware about it. Also, Android versions 9 (pie) and above supports similar features but the previous versions of Android do not display or hint at any indications, thus, letting the event stay undetected and successful.
Some of the researchers even shock you by explaining how the smartphone sensors can be used to gather private conversations. One of the research explains that they did not discover any effects on smartphone sensors of a normal conversation but several other researches concluded that they were able to detect the machine-rendered speech, which was enough to extract useful information from it. However, this is even a limitation because of the limited range of frequency the sensors can capture. For instance, android’s accelerometer has the capability of reading a maximum of 200hz frequency and gyroscope has 100hz of frequency limit, whereas men’s voice ranges between 85Hz to 155Hz and women’s voice ranges from 165Hz to 255hz. Since the sensors aren’t blocked by permissions to apps, they are easily accessible to any third-party app installed.
Such events aren’t bound to be initiated through apps but can also be initiated via the operating system providers. Operating systems can quite easily access files and sensitive data on your smartphone and can get it transmitted via the Internet without even the user’s knowledge. Even Android and iOS have been doing it massively. A research revealed that to access and transmit data or information of any form, iPhones when not used (kept idle) are hit with four requests per hour to do so, but when used heavily, are hit with eighteen requests per hour to do so. These readings are nothing when compared to Android requests to access and transmit data. Android devices receive forty requests (when not in use) by Google every hour to do so and ninety requests during the heavy use hour.
However, Android and iOS, both scan the existing and new apps via both automated and manual processes. Since, any misbehavior in any app can affect their platform’s reputation and so, they seek every possible measure to avoid the occurrence of such apps or abusive events. Not just, Apple and Google set regular checks, but nowadays, a wide variety of organizations and researchers are making regular checkups to detect any sort of threats. And even after the increasing number of safety measures and scans on a regular basis, several such events manipulate and skip the security steps and get to perform events successfully while remaining undetected.
Since smartphones are used massively around the globe, they tend to become the most preferred target and quite the easy ones. Any hacker/attacker or a skilled computer user can access any user’s mobile device. Even, several law enforcement authorities invest a lot of time and money to somehow gain access to electronic devices to collect valuable data including passwords, location, messages, personal notes, contacts, etc. Other than collecting valuable data, the attacker who gains access to a smartphone can switch the microphone on/off without any hints reaching the user.
Even though much researches have already taken place, but still there hasn’t been any evidence gathered to prove these events to be truly in existence. However, even the contrary hasn’t been proved. It is being believed that with the amount of transparency, Android and iOS serve for data collecting, one of the adversaries maybe possibly running eavesdropping events, that are too sophisticated to be detected. So, knowing that eavesdropping operations are possible and there aren’t any solutions for users till the time, one should be quite careful while allowing permissions to various third-party apps (to avoid being victims of these malicious events).
If you like this article, follow us on Twitter, Facebook, Instagram, and Linkedin.
