Have you ever wondered whether one app on your phone could spy on what you’re typing into another? We have. Five years ago we showed that you could use the camera to measure the phone’s motion during typing and use that to recover PINs. Then three years ago we showed that you could use interrupt timing to recover text entered using gesture typing. So what other attacks are possible?
Our latest paper shows that one of the apps on the phone can simply record the sound from its microphones and work out from that what you’ve been typing.
Your phone’s screen can be thought of as a drum – a membrane supported at the edges. It makes slightly different sounds depending on where you tap it. Modern phones and tablets typically have two microphones, so you can also measure the time difference of arrival of the sounds. The upshot is that can recover PIN codes and short words given a few measurements, and in some cases even long and complex words. We evaluate the new attack against previous ones and show that the accuracy is sometimes even better, especially against larger devices such as tablets.
This paper is based on Ilia Shumailov’s MPhil thesis project.
Did you look at whether the accelerometer could do the same thing? Or whether combining any two of camera/mic/accel could improve the results?
In any case, good to know, and bleak 🙁
Thanks!
There is quite a bit of work showing that one can perform similar attacks with an accelerometer and in combination with other different sensors. I list a few in the introduction and suggest reading Aviv et al. paper. Although slightly outdated, it has a large survey of all of the attacks done.
Thanks!!