As a human being I don’t like it when something I use everyday becomes a trojan horse implanted in my privacy. But as a writer I do! So in spite of it being another “Oh, BTW, did you know your cell phone is working against you?” article, I was interested today when the BBC ran a bit outlining how the swypes and strokes I make on my cell phone can be hacked to record my passwords and pins.
Dr Adam J Aviv, a visiting professor at Swarthmore College in Pennsylvania, carried out the attacks by using data gathered by an accelerometer on a smartphone. Typically this sensor logs phone movements in three dimensions: side-to-side, forward-and-back and up-and-down.
“Other researchers had looked into ways to subvert data gathered by gyroscopes, accelerometers and other orientation sensors to work out passwords, said Dr Aviv. One group even analysed smears on touchscreens to get clues about Pins and patterns.
“We are starting to realise that the way we interact with these devices affects the security of these devices,” he said. “The fact that we hold them in our hands is different to the way we use traditional computers and that actually can leak information to sensors in the device.”
So, if your PIN doesn’t get hacked through the wearing of an info-stealing helmet, your accelerometer is going to spill the beans. Here’s how the accelerometer works, explained quite well in four minutes time.