Smart Phones Could Hear Your Password
The accelerometers on many phones are sensitive enough to allow surveillance via vibrations, say researchers.
The sensors inside modern smart phones present a range of security threats. An attacker who compromises a phone can, for example, track the owner’s location by GPS, use the camera to see the phone’s surroundings, or turn on its microphone to record conversations.
At a conference in Chicago on Thursday, a group of computer researchers from Georgia Tech will report on another potential threat. The researchers have shown that the accelerometer and orientation sensor of a phone resting on a surface can be used to eavesdrop as a password is entered using a keyboard on the same surface. They were able to capture the words typed on the keyboard with as much as 80 percent accuracy.
“There is information that is being leaked, and of the hardware on your phone, the accelerometer is the one thing that no one ever worried about,” says Patrick Traynor, assistant professor in the school of computer science at Georgia Tech and a member of the research team. “No one thought that you could turn on the accelerometer and get any meaningful data.”
The accelerometer in the phone the researchers used samples only 100 times a second, so they did not have enough data to determine the exact keys struck. Instead, the researchers used the data from the accelerometer to determine whether key taps were on the right or left side of the keyboard and to gauge the delays between keystrokes. Using this information, they were able to figure out a list of potential keystroke pairs. The results were then compared with a 58,000-entry dictionary. They will present the work at the ACM Conference on Computer and Communications Security.
A real-world attack would, of course, require a victim to habitually place a phone and keyboard on the same work surface. Vibrations inherent in the environment could also complicate matters. A tall building adds noise because it sways, and offices near a major road will be affected by traffic vibrations. The composition of the surface makes a big difference as well, says Traynor. Pine desktops conduct vibrations extremely well, as do glass ones, making them ideal surfaces for the attack. But a tiled kitchen counter is basically inscrutable.
To make the attack succeed, the dictionary would need to be tailored to the specific target. “The best-case scenario here, if you are an attacker, is to go after a very specific person,” says Traynor. “I think the attack is realistic in that case.”
As phone technology improves, attacks via the accelerometer could become more feasible. The researchers’ initial experiments used Apple’s iPhone 3GS, but the phone’s accelerometer lacked the necessary sensitivity. The researchers then moved to the iPhone 4, which uses a gyroscope to remove noise from the accelerometer data, and had much greater success.
While the attack technique is interesting, it’s unlikely to become a real threat for some time, says Charlie Miller, principal security consultant with Accuvant, a compliance and security research firm. “It’s cool because it is very James Bond-ish,” he says. “But it might easier to turn on the mike and listen to the target talk on the phone.”