Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Android Cellphones Privacy

Researchers Used Sonar Signal From a Smartphone Speaker To Steal Unlock Passwords (vice.com) 45

An anonymous reader quotes a report from Motherboard: On Thursday, a group of researchers from Lancaster University posted a paper to arXiv that demonstrates how they used a smartphone's microphone and speaker system to steal the device's unlock pattern. Although the average person doesn't have to worry about getting hacked this way any time soon, the researchers are the first to demonstrate that this kind of attack is even possible. According to the researchers, their "SonarSnoop" attack decreases the number of unlock patterns an attacker must try by 70 percent and can be performed without the victim ever knowing they're being hacked. The attack begins when a user unwittingly installs a malicious application on their phone. When a user downloads the infected app, their phone begins broadcasting a sound signal that is just above the human range of hearing. This sound signal is reflected by every object around the phone, creating an echo. This echo is then recorded by the phone's microphone. By calculating the time between the emission of the sound and the return of its echo to the source, it is possible to determine the location of an object in a given space and whether that object is moving -- this is known as sonar.

The researchers were able to leverage this phenomenon to track the movement of someone's finger across a smartphone screen by analyzing the echoes recorded through the device's microphone. There are nearly 400,000 possible unlock patterns on the 3x3 swipe grid on Android phones, but prior research has demonstrated that 20 percent of people use one of 12 common patterns. While testing SonarSnoop, the researchers only focused on these dozen unlock combinations. Ten volunteers were recruited for the study and were asked to draw each of the 12 patterns five different times on a custom app. The researchers then tried a variety of sonar analysis techniques to reconstruct the password based on the acoustic signatures emitted by the phone. The best analysis technique resulted in the algorithm only having to try 3.6 out of the 12 possible patterns on average before it correctly determined the pattern.

This discussion has been archived. No new comments can be posted.

Researchers Used Sonar Signal From a Smartphone Speaker To Steal Unlock Passwords

Comments Filter:
  • by Anonymous Coward

    Banana Republic! Then no one cares about anything.

  • Cool research! (Score:5, Interesting)

    by gweihir ( 88907 ) on Wednesday September 05, 2018 @06:47PM (#57260596)

    While probably not a real security problem at this time, it nicely demonstrates what powerful hardware and software can to even with simple sensors.

    • by Anonymous Coward

      It's interesting they didn't even mention sonar's ability to see through clothing.

    • I'm now waiting for the first sonar based night vision app to come out :) Maybe something that enhances the low light camera?
      I wonder how good it is with distance? Can you map a room with it?

  • Rube Goldberg (Score:5, Insightful)

    by edi_guy ( 2225738 ) on Wednesday September 05, 2018 @07:20PM (#57260726)
    If you can convince a user to download a malicious app, isn't that the end of the story as far as hacking their phone? Unless you are Dr. Evil from Austin Powers the addition of sonar tracking on top of the initial trojan is overkill.

    I get that the sonar bit is clever, by why is it necessary to link that part with stealing passwords, other than to make it a little more press worthy.

    • It's about escalating privileges.

      It's been quite awhile since the default behavior was to give apps unfettered access to the system, specifically because of malicious apps doing malicious things. These days, there are permissions that need to be requested for all sorts of actions, and if you try to request low level access, people tend to sit up, take notice, and start asking questions about what your app is doing and why it's doing it.

      On the other hand, having permission to play sound and listen via the mi

  • by Anonymous Coward

    Didn't they cover this in "The Dark Knight"?

    https://www.scienceabc.com/humans/movies/how-scientifically-accurate-is-batmans-sonar-machine-in-the-dark-knight.html

  • by Anonymous Coward

    Sorry, but they weren't guessing out of the blue. They were guessing from a subset of only 12 combinations. 12. The real security issue here is that people only generally use 1 of 12 different combinations.

  • So what are the 12 patterns? Cursory searches do not reveal this interesting piece of info. Could be fun at parties.

  • All good stuff, but is " decreases the number of unlock patterns an attacker must try by 70 percent" right?
    If there are 12 options and I guessed randomly, I'd expect to have to try 6 before I got it.
    They reduced this to 3.6, which I make a 40% reduction - have I missed something?

    • by Wulf2k ( 4703573 )

      It's like a USB port. You've gotta try some of possibilities multiple times before they'll work.

Two can Live as Cheaply as One for Half as Long. -- Howard Kandel

Working...