15/08/2014
Your Android phone can be turned into a microphone without your permission
or knowledge. All that’s needed are the gyros in your phone that measure
orientation. Stanford researchers have shown how to rewire them to pick up
sound waves.
Together
with the defense firm Rafael, they created an Android app called Gyrophone, which shows just how easy it
is to get the vibrating pressure plates used by the gyroscope to pick up
vibrations of sound at frequencies in the 80-250Hz range – the base frequencies of the human voice.
“We
show that the MEMS gyroscopes found on modern smartphones are sufficiently
sensitive to measure acoustic signals in the vicinity of the phone. The
resulting signals contain only very low-frequency information (< 200 Hz).
Nevertheless we show, using signal processing and machine learning, that this
information is sufficient to identify speaker information and even parse
speech. Since iOS and Android require no special
permissions to access the gyro, our results show that apps and active web
content that cannot access the microphone can nevertheless eavesdrop on speech
in the vicinity of the phone,”
the scientists say on the Stanford Security Research website, where they also offer the Android application as a free download.
They
also provide a link to a webpage that can be browsed via a mobile phone to
demonstrate the efficacy of the method. The resulting data isn’t recorded
anywhere, although it can be saved as a file, if the user wishes.
What
the researchers have shown is that the big array of sensors on a smartphone can
be used for a variety of purposes. In another, related paper, they “demonstrate how the multitude of sensors on a smartphone can be used to
construct a reliable hardware fingerprint of the phone. Such a fingerprint can
be used to de-anonymize mobile devices as they connect to web sites, and as a
second factor in identifying legitimate users to a remote server. We present
two implementations: one based on analyzing the frequency response of the
speakerphone-microphone system, and another based on analyzing device-specific
accelerometer calibration errors.”
The
discovery is just another chapter in the already controversial scandalous saga
of communications surveillance with tools as simple as the smartphone’s
microphone being turned on remotely. It became more pertinent with the recent
revelations offered by former US government intelligence contractor Edward
Snowden, who is now resident in Russia after having his US passport invalidated
a year ago and US prosecutors demanding his return to the States.
In
late June, Russia’s Kaspersky Lab, one of the world’s top information security
firms, reported on legal malware produced by an
Italian company, Hacking Team, which since 2001 has offered its clients the
opportunity to snoop on their targets. Their product is said to be the first
Remote Control Systems (RCS) malware with a positive link to mobile phones,
opening them up to new potential security threats.
However,
internet companies have also been said to store information on users for a
while now, with fears that mobile apps may merely be fronts for private
information mining, as your email, photos, numbers and addresses are picked up
each time you punch them in.
Sinn Féin Mountmellick –
Serving The Community
No comments:
Post a Comment