Manuel Eichelberger and Simon Tanner, two doctoral students at EHT Zurich, have come up with a way to embed data in music. The embedded data can be picked up by your cell phone’s microphone, allowing it to automatically connect to a mobile hotspot. The intended application here is that when you go into a hotel or a coffee shop, the music playing over the loudspeaker will send data to your phone that allows it to automatically connect to the establishment’s hotspot. You would no longer need a Wi-Fi password, and you wouldn’t even know that the connection occurred until you looked at your phone.
How Music Data Transmission Works
Eichelberger and Tanner found that data can be embedded in music around 9.8 kHz to 10 kHz, which is in the audible spectrum. This doesn’t change the sound of the music much. Listening to the music on headphones, you may notice a little bit of a warble, but when you’re in a grocery store or other place of business where the music is coming through the loudspeaker, you will likely not hear any distortion. But the music will be sending out signals that will allow your cell phone to connect to the in-store hotspot. One can speculate that this will most likely lead to advertisements being pumped to your phone.
Motives Behind This
Right now, the thinking is that there are transmitters and receivers everywhere. There are always loudspeakers playing music in stores, and there are always people wandering around with cell phones in their pockets. The exchange of data would occur millions of times per day if not more. The researchers are suggesting that this could be a great way to deliver Wi-Fi information to people without them having to type in passwords. With convenience also comes the issue of digital security and one can only imagine what other uses could be employed.
Let’s think for a second about cybercrime. One of the quickest ways cybercriminals can hack your mobile devices is by setting up fake hotspots in restaurants and other public places. You go to these places and want to connect to the hotspot only to connect to a Wi-Fi signal that is being sent out by a hacker. Once you’re connected, the hacker is able to retrieve information off of your phone or another mobile device. With a service allowing people to send data through music, the implications can be much, much worse. Hackers wouldn’t even have to rely on you to type in a password in order to connect. You wouldn’t have to do anything. You would simply have to be in the vicinity of the music for your cell phone to retrieve the data. At that point, a cybercriminal could have access to all of the information on your mobile device.
Need for Added Security
This brings up the possibility of security holes in mobile devices. Today, many mobile companies are moving towards biometrics such as facial recognition software, two-factor authentication, and other security measures in order to keep unwanted individuals out of your personal devices. Sending out hidden data through the airwaves could easily bypass a lot of these data security measures. At a frequency that you wouldn’t even be able to notice, it would be impossible to avoid walking in areas where music is playing. You would never know if your cell phone is picking up information or not. This is straight out of a science fiction movie and is going to require additional data security measures in order to prevent unethical hackers from using this type of technology to access individual data.
What You Can Do
This technology is new, but cybercriminals have been working tirelessly for decades to hack into systems large and small. Data breaches are occurring more and more every year. Ransomware attacks are affecting small businesses. Identity theft is on the rise. Sending data through music will most likely become another weapon in the cybercriminal’s arsenal, and there’s little doubt security measures are going to have to be put in place in order to prevent over-the-air data attacks.
If you believe your personal devices have been compromised, reach out to Secure Forensics at 1-800-288-1407. We specialize in data breaches and mobile phone forensics and will be able to identify any suspicious activity.