Smartphone Sensors Pose Security Threat
Newly discovered vulnerability shows a phone's accelerometer can detect vibrations from key presses on a nearby keyboard.
10 Epic Android Apps
10 Epic Android Apps (click image for larger view and for slideshow)
As smartphones become more powerful, technologists have increasingly referred to the devices as pocket-sized computers. Yet less often do the experts consider the implications of a different aspect of the devices workers are carrying around: that of a capable pocket-sized suite of sensors.
Researchers have begun to focus on this facet of mobile phones. Last week, for example, computer scientists at Georgia Tech showed how placing a phone on a desk could allow its accelerometer to detect the vibrations from key presses on a nearby keyboard and pick out words with an accuracy of up to 80%.
The research showcases the possibilities in using a smartphone's sensors in innovative ways; while the attack might be more difficult than other methods of keylogging, it could be used for espionage to great effect, said Patrick Traynor, an assistant professor in the school of computer science at Georgia Tech.
"The best-case scenario here, if you are an attacker, is if you are going after a very specific person," he said. "I think it is realistic in that case."
People have started adapting to the implications that they are carrying around a capable computer in their pockets, but still have not absorbed the fact that they also are carrying a capable sensor suite as well. Last year, researchers from Rutgers University showed how attackers could use an Android rootkit to listen in on conversations by intercepting calendar events and turning on the microphone during scheduled meetings. A year ago, an Android Trojan known as Tapsnake tracked users' movements by using the global positing system (GPS) sensor and sending off data every 15 minutes.
The various sensors means the implications of a smartphone attack are not as easy to predict as for a computer, said Liviu Iftode, a professor in the department of computer science at Rutgers University and one of the authors of rootkit paper.
Read the rest of this article on Dark Reading.
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022