Researchers were able to use accelerometers in a smartphone to track what a user sitting nearby was typing on a desktop computer.
In a paper presented at the ACM Conference on Computer and Communications Security on Oct. 20, MIT and Georgia Tech researchers described a scenario in which a malicious adversary could place a smartphone on the table close to the target and use the accelerometer to analyze vibrations and snoop what was being typed. Most modern smartphones have accelerometers to detect when the device is tilted or moved and is used in a number of applications, and applications don't need permission to access it.
While the technique is difficult to accomplish reliably, modern smartphones can sense keyboard vibrations and decipher complete sentences accurately 80 percent of the time, according to Patric Traynor, an assistant professor in Georgia Tech's School of Computer Science. The demonstrated method works best on English dictionary words that are longer than three characters, he said. "We believe that most smartphones made in the past two years are sophisticated enough to launch this attack," Traynor said. As manufacturers improve and refine accelerometer technologies, the attack will become more successful, he said.
Initial tests with an iPhone 3GS were not very promising, but the results from the iPhone 4 were "much better," said Traynor. The iPhone 4 has a gyroscope to clean up the accelerometer noise. The same methods can be used with Android phones as well.
The attack method requires the user to download a spyware program designed to use the accelerometer as a keylogger onto the smartphone, or somehow include the function within another application, according to Henry Carter, a Ph.D. student in computer science at Georgia Tech and one of the co-authors of the study. The application would detect vibrations from someone typing nearby and try to figure out what is being typed. The "innocuous-looking application" won't ask the user for the use of any suspicious phone sensors.
"Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening," Carter said
The likelihood of an attack of this nature "right now is pretty low," and users shouldn't "be paranoid that hackers are tracking their keystrokes," said Traynor. Users can also just protect themselves by keeping the phone in the pocket or a bag instead of on a table next to a keyboard. Placing the phone further than three inches from the keyboard will also prevent the accelerometer from picking up vibrations, researchers said.
"This was really hard to do. But could people do it if they really wanted to? We think yes," Traynor said.
Researchers suggested that the sampling rate for accelerometers should be cut in half to make it harder for the eavesdropping application to detect and analyze keyboard vibrations. Most phone applications would still be able to function with the lower accelerometer rate, and if an application needs a higher sampling rate, the user should be prompted to ensure it is a legitimate request, researchers said.