Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Android
    • Android
    • Applications
    • Cybersecurity
    • Mobile

    iPhone, Android Smartphones Can Be Used as Keyloggers: Researchers

    By
    Fahmida Y. Rashid
    -
    October 21, 2011
    Share
    Facebook
    Twitter
    Linkedin

      Researchers were able to use accelerometers in a smartphone to track what a user sitting nearby was typing on a desktop computer.

      In a paper presented at the ACM Conference on Computer and Communications Security on Oct. 20, MIT and Georgia Tech researchers described a scenario in which a malicious adversary could place a smartphone on the table close to the target and use the accelerometer to analyze vibrations and snoop what was being typed. Most modern smartphones have accelerometers to detect when the device is tilted or moved and is used in a number of applications, and applications don’t need permission to access it.

      While the technique is difficult to accomplish reliably, modern smartphones can sense keyboard vibrations and decipher complete sentences accurately 80 percent of the time, according to Patric Traynor, an assistant professor in Georgia Tech’s School of Computer Science. The demonstrated method works best on English dictionary words that are longer than three characters, he said. “We believe that most smartphones made in the past two years are sophisticated enough to launch this attack,” Traynor said. As manufacturers improve and refine accelerometer technologies, the attack will become more successful, he said.

      Initial tests with an iPhone 3GS were not very promising, but the results from the iPhone 4 were “much better,” said Traynor. The iPhone 4 has a gyroscope to clean up the accelerometer noise. The same methods can be used with Android phones as well.

      The attack method requires the user to download a spyware program designed to use the accelerometer as a keylogger onto the smartphone, or somehow include the function within another application, according to Henry Carter, a Ph.D. student in computer science at Georgia Tech and one of the co-authors of the study. The application would detect vibrations from someone typing nearby and try to figure out what is being typed. The “innocuous-looking application” won’t ask the user for the use of any suspicious phone sensors.

      “Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening,” Carter said

      The likelihood of an attack of this nature “right now is pretty low,” and users shouldn’t “be paranoid that hackers are tracking their keystrokes,” said Traynor. Users can also just protect themselves by keeping the phone in the pocket or a bag instead of on a table next to a keyboard. Placing the phone further than three inches from the keyboard will also prevent the accelerometer from picking up vibrations, researchers said.

      “This was really hard to do. But could people do it if they really wanted to? We think yes,” Traynor said.

      Researchers suggested that the sampling rate for accelerometers should be cut in half to make it harder for the eavesdropping application to detect and analyze keyboard vibrations. Most phone applications would still be able to function with the lower accelerometer rate, and if an application needs a higher sampling rate, the user should be prompted to ensure it is a legitimate request, researchers said.

      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×