Smartphone Sensors Pose Security Threat

Newly discovered vulnerability shows a phone's accelerometer can detect vibrations from key presses on a nearby keyboard.

InformationWeek Staff, Contributor

October 28, 2011

2 Min Read
InformationWeek logo in a gray background | InformationWeek

10 Epic Android Apps

10 Epic Android Apps


10 Epic Android Apps (click image for larger view and for slideshow)

As smartphones become more powerful, technologists have increasingly referred to the devices as pocket-sized computers. Yet less often do the experts consider the implications of a different aspect of the devices workers are carrying around: that of a capable pocket-sized suite of sensors.

Researchers have begun to focus on this facet of mobile phones. Last week, for example, computer scientists at Georgia Tech showed how placing a phone on a desk could allow its accelerometer to detect the vibrations from key presses on a nearby keyboard and pick out words with an accuracy of up to 80%.

The research showcases the possibilities in using a smartphone's sensors in innovative ways; while the attack might be more difficult than other methods of keylogging, it could be used for espionage to great effect, said Patrick Traynor, an assistant professor in the school of computer science at Georgia Tech.

"The best-case scenario here, if you are an attacker, is if you are going after a very specific person," he said. "I think it is realistic in that case."

People have started adapting to the implications that they are carrying around a capable computer in their pockets, but still have not absorbed the fact that they also are carrying a capable sensor suite as well. Last year, researchers from Rutgers University showed how attackers could use an Android rootkit to listen in on conversations by intercepting calendar events and turning on the microphone during scheduled meetings. A year ago, an Android Trojan known as Tapsnake tracked users' movements by using the global positing system (GPS) sensor and sending off data every 15 minutes.

The various sensors means the implications of a smartphone attack are not as easy to predict as for a computer, said Liviu Iftode, a professor in the department of computer science at Rutgers University and one of the authors of rootkit paper.

Read the rest of this article on Dark Reading.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights