Embedded Data Signals

Sometimes new technology comes out that could have interesting opportunities for security. Good and bad. Slashdot recently had an article about embedding data signals in white noise. The idea is a company called Intrasonics could push data signals within the spectrum of frequencies your speakers can put out and allow devices to decode this on the coupled audio signal and get data. Possible commercial applications include sending web urls on the radio, or even to include the artist name/title etc. in the signal.

In classic /. style people bitch about it without understanding its real potential. How about the ability to send a special key to authenticate yourself to a device from a particular ring tone on your phone? So if you want a coke, you could use the sound coming from your cell, pick it up in the vending machine, and charge your account. Why need bluetooth, which requires extra hardware on the consumer device, when you can simply add software to embed the signal (which most phones can do now) and then simply add a microphone to pick it up on the machine. Of course, you need some way to protect the signal (how about some simple crypto) and provide directional control so that you don't accidentally buy the chocolate bar instead of the coke.. but you get the idea.

Anyways back from that tangent on how this could be good/bad for security. Sigint work (signal intelligence) has been dealing with this very thing for a LONG time. This process isn't new. Moons ago the NSA used to do research on the "Whistler" which was a way of using covert channels to send data over other media. The problem they found was that when used, it could simply be detected when the dogwent nuts. So Russians could simply bring their pooch to "sniff" the covert signal in a round about way. What makes this approach different is that its in a spectrum of white noise which as humans we just ignore. Or so you think. This has real potential as it could provide mechanisms for data delivery, and not care if its covert. Sigint would be able to detect it, but if the bandwidth is large enough, the signal can be encrypted in a way to provide the security that is needed while delivering the information. So if you wanted to get a signal out of a country, you could use packet radio, and piggyback it from a tower with white noise for data delivery. How could this be useful? Well, all of a sudden you can track people by the tower that would simply piggy back the main signal with a GPS coordinate of the tower. Now you have a "round about" method of knowing where the signal came from, even if it bounces off the ionisphere. Sigint could more easily trace any signal that can piggyback white noise. See the potential?

If you can not see the potential for tagging here, consider this. You are in the music business and you want to know which radio stations are "pirating" songs by not paying for distribution. Perhaps they go out and buy a CD, but have not actually bought rights to redistribute. Redistributable songs could have a tag that is trackable. The music industry could quite simply track and tag signals from broadcasters, and then follow up and charge them for illegal use of songs. How? Cuz the hidden signal shows its a end user copy... not a track for radio to play.

Anyways, it will be interested to see if they can make this work commercially. You could get TV shows like Barney update the doll and make it more "interactive" during the show. Of course, like every other media the pr0n industry will probably find a way to embedd it in Debbie Does Dallas XVIII and have it be interactive with your Real Doll. *sigh* Hopefully we will see good things from it in the future.