Most tracking you can at least reason about: radios that broadcast, identifiers that get logged. Ultrasonic tracking is stranger, because it uses sound your ears can’t hear to link your devices and follow your behavior across the physical and digital worlds. It’s the kind of thing that sounds like paranoia until you understand the mechanism, at which point it just sounds like advertising, which is what it is.
How it works
The idea is to hide a signal in sound. A tone too high for human hearing can be embedded into a television ad, a web page, a piece of in-store audio, or an app, and emitted through ordinary speakers. Nearby devices, if they’re running software listening for it through the microphone, pick up that tone and report it. Because the same inaudible code can be played in different places and times, whoever planted it can connect the dots: the phone that heard this ad on the TV is the same phone that walked into that store and visited that website.
That cross-device, cross-context linking is the whole point. It lets a tracker tie your phone to your tablet to your laptop, or tie your physical presence in a shop to your online identity, all without any of the obvious identifiers, just by using sound as a covert beacon.
What makes it possible
The vector depends on one thing above all: an app on your device with permission to use the microphone, running code that listens for these tones. The infamous examples worked exactly this way, through advertising kits embedded in ordinary-looking apps that quietly monitored for ultrasonic beacons in the background. The user thought they had installed a game or a utility. They had also installed a listener.
This is why the vector is a microphone-permission story at heart. No microphone access, no ultrasonic tracking. The whole technique collapses if the apps that would listen never get to.
How worried to be
Here’s where it nets out. Ultrasonic tracking had its heyday and drew enough scrutiny that the most notorious advertising kits faded, so this isn’t the most pressing threat most people face today. We’re including it not as a panic but as an illustration, because it makes a general principle vivid: an app you’ve given the microphone can listen for far more than you think, including signals you can’t perceive at all.
The defenses are the same ones that protect you from the whole category of opportunistic tracking. Be ruthless about microphone permissions, granting them only to apps that obviously need them and only while in use. Favor a de-Googled phone like SovereignOS that strips out the advertising and tracking layers many of these kits depend on, and that gives you tight, honest control over what each app can reach. And install few apps from sources you trust, because every app is a potential listener, and the quiet ones are the ones to watch.
Ultrasonic tracking is a reminder that not every leak announces itself. Some of them are literally silent. The protection isn’t a special tool, it’s the discipline of deciding what your phone is allowed to hear.
Related reading
- App Permissions: Your Apps Are the Leak
- The Bluetooth Mesh That Tracks You Across Town
- The 7-Layer Phone Tracking Stack
SovereignOS is a hardened, de-Googled phone, set up the way we would build one we had to rely on ourselves. One-time price, no subscription, no account required.
See SovereignOSRecent Comments
Post Widget
Should You Trust Signal?
Social Media Widget
Customer service
Real people, ready to help. Reach our team anytime at hello@spicycorp.com.
Fast Free Shipping
Get free shipping on orders of $150 or more (within the US)
Returns & Exchanges
We offer free returns and exchanges within 30 days of purchase.