iPhone accelerometer hack turns it into a 'spy phone'

Smartphone owners may want to think twice before placing their gadgets so close to their computer keyboards, lest they unwittingly give their passwords away. Researchers from Georgia Tech have found a way to use a smartphone accelerometer, a component that detects how the phone is tilted, to remotely decipher keyboard strokes.

“We first tried our experiments with an iPhone 3GS, and the results were difficult to read. But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack,” said Patrick Traynor, assistant professor in Georgia Tech’s School of Computer Science, according to an article on TechJournal.

TechJournal said the team used the accelerometer to sense keyboard vibrations and decipher complete sentences with up to 80-percent accuracy.

While Traynor said researchers have accomplished similar results using microphones, a microphone is much more sensitive than an accelerometer. Manufacturers have placed security around a phone’s microphone, with the phone programmed to ask users whether to give new applications access to it.

Keystroke detection

The technique works through probability and by detecting pairs of keystrokes. Malware using the technique, which works reliably only with words with three or more letters, could compare the data to a preloaded dictionary.

“The way we see this attack working is that you, the phone’s owner, would request or be asked to download an innocuous-looking application, which doesn’t ask you for the use of any suspicious phone sensors,” said Henry Carter, a PhD student in computer science and one of the study’s co-authors.

Once the keyboard-detection malware is turned on, the next time the victim places his or her phone next to the keyboard and starts typing, he said, “it starts listening.”
Working with dictionaries comprising about 58,000 words, the system reached word-recovery rates as high as 80 percent, the article said.

Mitigation

Traynor said mitigation strategies for this are simple and straightforward: users can leave their phones in their purses or pockets, or just move them further away from the keyboard.

He also said users should not be paranoid as the sampling rate for accelerometers is already pretty low.

“The likelihood of someone falling victim to an attack like this right now is pretty low,” he said. “This was really hard to do. But could people do it if they really wanted to? We think yes.”

On the other hand, he said phone manufacturers can lower the default accelerometer rate so that the accelerometers become less sensitive.

“And if someone downloads an application like a game that needs the higher sampling rate, that would prompt a permission question to the user to reset the accelerometer,” he said.

— TJD, GMA News