Slashdot Mirror

← Back to Stories (view on slashdot.org)

Your Phone Can Be Snooped On Using Its Gyroscope

Posted by Unknown on from the phone-can-be-snooped-on-by-everything dept.

stephendavion (2872091) writes Researchers will demonstrate the process used to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. Researchers from Stanford and a defense research group at Rafael will demonstrate a way to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. According to the "Gyrophone: Recognizing Speech From Gyroscope Signals" study, the gyroscopes integrated into smartphones were sensitive enough to enable some sound waves to be picked up, transforming them into crude microphones.

64 of 96 comments (clear)

  1. Is it "Gyro" or "Yeero"? by Anonymous Coward · · Score: 1

    Is it "Gyro" or "Yeero"?

    1. Re:Is it "Gyro" or "Yeero"? by Pope · · Score: 1

      So, you like-a the sauce?

      --
      It doesn't mean much now, it's built for the future.
  2. I give up... by fuzzyfuzzyfungus · · Score: 4, Funny

    Can we just succumb to the inevitable and work on building a list of the parts of a smartphone that can't be used to spy on you?

    I'm thinking 'maybe the battery door'. Any other suggestions?

    1. Re:I give up... by Anonymous Coward · · Score: 1

      They're probably working on the battery door spying technology as we speak.

    2. Re:I give up... by plover · · Score: 3, Funny

      Apple fixed that problem. The iPhone has no battery door, so it can't be removed in case you don't want the phone to spy on you.

      --
      John
    3. Re:I give up... by nxtr · · Score: 3, Funny

      The vibrations of your voice cause voltage fluctuations in the battery, and can be reconstruct the image of the suspect from the reflection in the eye of the person across the street.

    4. Re:I give up... by geekmux · · Score: 5, Insightful

      Can we just succumb to the inevitable and work on building a list of the parts of a smartphone that can't be used to spy on you? I'm thinking 'maybe the battery door'. Any other suggestions?

      What's the point of securing any smartphone when all of your activity on the device is captured elsewhere and sold for profit? They don't just count how many times you play your songs. They count how many times you text during the day. They count how many times you click on icons. They count how many seconds you hover over app icons even when you don't buy them in order to market apps catered to your "maybe" whims. Yes, they do this shit. No, it's not called crazy, it's called statistical analysis to the nth degree in order to maximize profits.

      The phone is merely the vehicle. What that vehicle can do all depends on the driver. Unfortunately, we've all been thrown in the back of a telco cab and the driver was told to get lost years ago.

    5. Re:I give up... by fuzzyfuzzyfungus · · Score: 1

      Given that attack where they used the acoustic emissions of a CPU's voltage regulator circuitry to extract an RSA key I'm going to consider that one guilty until proven innocent...

    6. Re: I give up... by jd2112 · · Score: 1

      So That must be the reason that Apple made the iPhone battery non removable. It's a security feature!

      --
      Any insufficiently advanced magic is indistinguishable from technology.
    7. Re:I give up... by schlachter · · Score: 1

      it will be more dangerous when they figure out how to make your battery explode or electrocute you. when the go from surveillance to attack mode.

      --
      My God can beat up your God. Just kidding...don't take offense. I know there's no God.
    8. Re:I give up... by camperdave · · Score: 1

      It won't work. They'll be able to track you through the "hole" you leave by not having a trackable smart phone.

      --
      When our name is on the back of your car, we're behind you all the way!
    9. Re:I give up... by thieh · · Score: 1

      We probably should stop using cellphones altogether.

    10. Re:I give up... by Hattmannen · · Score: 1

      Battery door? Oh, that thing on the back of the phone. Isn't that that elusive back door I've been hearing so much about? :-p

      --
      People are not wearing enough hats.
    11. Re:I give up... by viperidaenz · · Score: 1

      But my cellphone has two microphones!

      It's also waterproof, so what's a river going to do to it?

    12. Re:I give up... by antdude · · Score: 1

      I am so glad I don't own a mobile phone to worry about these issues. :) I do have to worry about other sources though. :(

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  3. Oh no by Parker+Lewis · · Score: 1

    Another summary posted by trainee.

  4. Re:So? by plover · · Score: 2

    I'm going to assume most phones already have actual microphones, so how does this add any additional kind of insecurity? I'm going to assume most phones already have actual microphones, so how does this add any additional kind of insecurity?

    Apparently the sound from your mic and the echo from your gyroscopes were both parsed by your speech-to-text converter. I guess it works better than we thought!

    --
    John
  5. Re:Cutting edge news? by Anonymous Coward · · Score: 1

    You are so much smarter for having found this information a week ago. It's practically useless now.

  6. Hiding the phone... by khr · · Score: 3, Funny

    the gyroscopes integrated into smartphones were sensitive enough to enable some sound waves to be picked up, transforming them into crude microphones

    Yeah, that's why I always stick my phone inside an empty potato chip bag when I'm talking to someone...

    1. Re:Hiding the phone... by Dog-Cow · · Score: 1

      Being an un-funny ass must be really hard work these days. If we were to apply the oh-so-humorous ^W's in your post, it would read That's why you should stick with Apple. With an iPhone you can get the same effect simply wrong. Which, as we can see, makes no sense at all.

  7. Re:So? by JazzXP · · Score: 3, Informative

    Basically an app can ask for permissions for the gyro only (if it even needs to) and be recording conversation.

  8. Re:So? by Anonymous Coward · · Score: 1

    Some of my co-workers were talking about this last week, and I think the effective issue was that while accessing the microphone requires special privileges to be granted to the application, no such privileges are required to access the gyroscope.

  9. Whew! by Somebody+Is+Using+My · · Score: 1

    My phone doesn't have gyroscope, therefore I am safe from people listening in to my conversations.

    "Gee boss, we need to spy on this guy! Any ideas how we can do it?
    "Well he has a smart phone; maybe we can leverage that to our advantage?"
    "Oh, I see what you are getting at; we'll hack the firmware so we can use the oscillations of the GPS to crudely and inaccurately record what he is saying!"
    "Actually, I was thinking we might want to use the attached microphone which is, you know, designed to pick up sound..."

  10. How to summary by skovnymfe · · Score: 1

    Researchers will demonstrate the process used to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. Researchers from Stanford and a defense research group at Rafael will demonstrate a way to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014.

    Why the redundancy? Post must be longer than 100 characters?

    1. Re:How to summary by jheath314 · · Score: 1

      "is actually a quined phrase that makes its point via repetition" is actually a quined phrase that makes its point via repetition.

      --
      Procrastination Man strikes again!
    2. Re:How to summary by ArcadeMan · · Score: 1

      The post was written by The Department Of Redundancy Department.

      --
      Get free satoshi (Bitcoin) and Dogecoins
  11. this has been a passive attack for a while now. by nimbius · · Score: 1

    originally researchers analyzed the data in the following categories. wobbling or wiggling in android devices indicated stress patterns, while violent shaking concluded frustration or rage. Finally, a single impact for iPhone devices registered as a trip to the genius bar and an unpaid credit card bill.

    --
    Good people go to bed earlier.
  12. The paper says... by Anonymous Coward · · Score: 4, Informative

    They are currently able to recognize the spoken digits 1-9 correctly approximately 80% of the time. This is given a training data set from the same speaker and the same phone. Incredibly impressive, especially since it was done from a web browser and requires no special permissions or even knowledge from the user. For those of you that didn't read it. However, James Bond spy tool this is not yet...

    1. Re:The paper says... by F.Ultra · · Score: 1

      Something tells me that this could quite easily be fixed by filtering out "noise" from the gyroscopes before presenting it to apps. There can hardly be a use case for this finegrained details from the gyro except this one of course.

    2. Re:The paper says... by macklin01 · · Score: 1

      It would be neat, however, to see gyroscope inputs added to regular audio inputs to improve speech-to-text. This seems to be a nice proof of concept for that.

      --
      OpenSource.MathCancer.org: open source comp bio
    3. Re:The paper says... by Pope · · Score: 1

      So the Numbers Station folks aren't out of a job yet!

      --
      It doesn't mean much now, it's built for the future.
    4. Re:The paper says... by F.Ultra · · Score: 1

      And we really need "Kalman filters" on our phones? And there is no way in hell that one could filter out the noise level produced by audio (which must be extremely low) and still give enough resolution for the Kalman filter ?

  13. But snooped on with what? by sacrilicious · · Score: 3, Interesting

    Researchers will demonstrate the process used to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. Researchers from Stanford and a defense research group at Rafael will demonstrate a way to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. According to the "Gyrophone: Recognizing Speech From Gyroscope Signals" study, the gyroscopes integrated into smartphones were sensitive enough to enable some sound waves to be picked up, transforming them into crude microphones.

    I can't help but feel like there are gyroscopes involved in this process somehow...

    --
    - First they ignore you, then they laugh at you, then ???, then profit.
    1. Re:But snooped on with what? by wonkey_monkey · · Score: 1

      Well, they call 'em gyroscopes, but since gyro- implies something spinning, and these things are (as far as I can ascertain) just vibrating, I call 'em accelerometers.

      And real gyroscopes have more purposes than measuring acceleration anyway.

      --
      systemd is Roko's Basilisk.
    2. Re:But snooped on with what? by oodaloop · · Score: 1

      The gyroscopes and accelerometers are two different things. The gryoscope measures tilt of the device, like when you play a racing game. The accelerometer measures change in velocity, like when you shake the phone to shuffle a playlist. Two different sensors.

      And no, the gyroscope in your phone does not spin; it is solid state.

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    3. Re:But snooped on with what? by Russ1642 · · Score: 1

      A gyroscope can measure absolute orientation in the absence of a gravitational field.

    4. Re:But snooped on with what? by NoImNotNineVolt · · Score: 1

      You're both partly wrong.

      There are six degrees of freedom here. Three linear, and three angular. Tilting a phone is synonymous with applying angular acceleration to it. A phone existing in a tilted state relative to the ground is experiencing no angular acceleration, but its angle of tilt can be determined by combining the three linear acceleration readings into one vector (assuming the phone is stationary relative to the Earth). The word "tilt" here is ambiguous in that it could relate to either angular or linear acceleration, so you probably shouldn't be using it.

      That being said, I don't know if the sensors in phones actually measure angular acceleration (which is what a gyroscope would do). When you "play a racing game" on your phone, can you fool it into thinking you're tilting the phone merely by translating (in the geometric sense) the phone from side to side without rotating it? If so, your sensor is inferring orientation from linear acceleration measurements. If not, it actually has a gyroscope (and is capable of direct angular acceleration measurements).

      --
      Chuuch. Preach. Tabernacle.
  14. App permissions by grimJester · · Score: 2

    Apps request permissions for different pieces of hardware on a case-by-case basis. The average user might raise some eyebrows if an app that shouldn't need it wants to access your microphone, but access to gyroscope data might not even require user acceptance.

  15. Re:So? by rasmusbr · · Score: 3, Interesting

    Basically an app can ask for permissions for the gyro only (if it even needs to) and be recording conversation.

    Yeah, that's the thing. You don't need permissions for the gyro on Android and iOS, so any and all of the apps that you have on your phone or tablet could be using the gyro and you wouldn't know, except for an anomalous battery drain.

  16. Let me guess by jones_supa · · Score: 1

    No one will ever bother exploiting this. Neither will anyone bother to exploit the red button attack or inferring audio from video recording. It's just too tricky to get these working in practice. Even with the gyroscope you get a crummy 100Hz frequency cap with terrible amounts of factors decreasing sound capture quality.

    1. Re:Let me guess by wonkey_monkey · · Score: 1

      Which is, of course, exactly the kind of attitude "they" would hope you'd have.

      --
      systemd is Roko's Basilisk.
    2. Re:Let me guess by jones_supa · · Score: 1

      It does not matter what they hope if they can't get the tricks to work.

  17. Re:So? by frinkster · · Score: 3, Interesting

    Basically an app can ask for permissions for the gyro only (if it even needs to) and be recording conversation.

    Yeah, that's the thing. You don't need permissions for the gyro on Android and iOS, so any and all of the apps that you have on your phone or tablet could be using the gyro and you wouldn't know, except for an anomalous battery drain.

    Sure, but on iOS an app is suspended when you are on a phone call unless the app has used the system APIs to enable background execution. There are only a small number of background execution modes and your app must declare which it plans to use. When it comes to location-based background execution (the most likely use of the gyro), your app still gets suspended. The system wakes it up periodically and sends location updates to a function in your app and then gives the app a small time window for that function to return an expected value. It is very much a discrete task-based multitasking system - completely different than normal desktop machines. Good sometimes. Bad sometimes.

  18. Similar cool/scary news... by RyuuzakiTetsuya · · Score: 1

    http://petapixel.com/2014/08/0...

    Good lordy.

    This would be really cool if the privacy implications weren't scary. However, I can't imagine this being useful or practical wide scale. As a targeted attack, that's really scary as fuck.

    --
    Non impediti ratione cogitationus.
    1. Re:Similar cool/scary news... by iggymanz · · Score: 1

      been done for decades using laser on window or hard surface in room by law enforcement and others

    2. Re:Similar cool/scary news... by RyuuzakiTetsuya · · Score: 1

      If you read the article linked, they're doing it with a cellphone camera too.

      Not *great*, mind you, but possible. Thus kind of scary.

      --
      Non impediti ratione cogitationus.
    3. Re:Similar cool/scary news... by iggymanz · · Score: 1

      yes read the article, just saying principles not new and plenty of other ways to "bug" a room without entering. good ol' parabolic microphones can listen through walls from outside at over fifty meters range

  19. The fear mongering industry... by Torp · · Score: 1

    ... has moved to smartphones.

    --
    I apologize for the lack of a signature.
  20. Srsly by Alioth · · Score: 1

    Smartphones have actual microphones. Why use the gyro as a crude microphone when you have a perfectly functioning microphone built into the device already?

    --
    Oolite: Elite-like game. For Mac, Linux and Windows
    1. Re:Srsly by Chrisq · · Score: 1

      Smartphones have actual microphones. Why use the gyro as a crude microphone when you have a perfectly functioning microphone built into the device already?

      Because its there

  21. not the battery door by oneiros27 · · Score: 1

    Mine's got a wireless charging pad in it.

    Of course, it's running WebOS, which lets me set up security such that I can require confirmation before an app's allowed to use certain features (eg, GPS), rather than just giving it a blanket 'you're allowed to use GPS whenever you want to'.

    The drawback is that I don't have nearly as many apps available to use, being that it's WebOS. (I still blame those horrible Palm Pre commercials with the stoned albino -- why they didn't bother showing that it supported multitasking and copy & paste way before iOS, I have no clue)

    --
    Build it, and they will come^Hplain.
    1. Re:not the battery door by viperidaenz · · Score: 1

      A wireless charging pad? So they can just listen for the power consumption of the CPU with an RF antenna, process the waveforms to extract encryption keys and then hack in via the cellular radio and take information they want?

    2. Re:not the battery door by fuzzyfuzzyfungus · · Score: 1

      As much as I mourn my HP Touchpad (Oh man did WebOS multitasking curb-stomp Android multitasking at the time and even considerably later); if you are still running WebOS you probably have bigger security issues. The last update for any Pre models was December 2011, and Touchpad models January 2012. That's a long time for a relatively full featured OS to go without any fixing.

  22. Re:So? by rasmusbr · · Score: 2

    Permissions on Android are a bit more rudimentary, so it would be simple to make a background process that just sits and quietly listens to the gyro. You would need to ask for the permission to keep the device awake in order to keep the CPU and sensor chip alive and (in order for it to be practical) the permission to start on boot.

  23. Phone permissions suck by Gothmolly · · Score: 3, Insightful

    Every app seems to want access to your full memory, location info, camera, microphone and contact list. Why does a flashlight app need all this?

    I carry a phone because I have to for work, and I need something to read while on the crapper, and that's it. People who use all these fancy apps are the product, not the customer.

    --
    I want to delete my account but Slashdot doesn't allow it.
    1. Re:Phone permissions suck by Solandri · · Score: 1

      You can thwart this if your phone is rooted. At first I used an app which blocked apps from accessing certain features and data I didn't want them to see, like my location. But then they started to make apps crash when they were blocked this way.

      I'm currently using xprivacy. It generates fake data for things like location, networks, and sensors. If the app insists on getting my location and I don't give it that permission, it still gets a location. But that location is a random place in the world. Same for networks and sensor data - it'll get fake SSIDs if I don't give it network access, fake gyroscope readings if I don't give it permission to access the gyros.

      Be forewarned, xprivacy is a PITA to install (uses the xposed framework) and set up (newer versions query you when an app makes a request, so you don't have to set everything blind). But after a few weeks of pain getting everything in place, it's been smooth sailing.

  24. Re: A profitable business idea ... by lemonfresh33 · · Score: 2

    Just don't use that device anywhere public. Or on a public network because they can snoop on you that way.

  25. Re:A profitable business idea ... by geekmux · · Score: 1

    ... maybe even eligible for a genuine patent (not that I favor patent, but ...)

    Can we just succumb to the inevitable and work on building a list of the parts of a smartphone that can't be used to spy on you? I'm thinking 'maybe the battery door'. Any other suggestions?

    What's the point of securing any smartphone when all of your activity on the device is captured elsewhere and sold for profit?

    The point being there IS an opportunity for anyone who comes up with a workable idea to really really lock down all your gadgets (not only smartphones but all electronic gadgets) so that even when the gadgets are powered up they can't leak _any_ information

    Yes, there is. And there are companies that are attempting to offer secure services and devices like this, such as Silent Circle and Blackphone.

    However, your mistake with this "profitable" business idea is thinking that the majority of people actually give a shit about security and privacy and will PAY for such a service.

    The current environment was birthed from the ignorance that they don't. And won't. Only a small fraction of people care enough to pay, which may or may not be profitable enough to even attempt.

    On top of that, vendors are practically drooling over the onslaught of IoT devices coming, and soon it will literally be illegal for you to make a "silencer" for an electronic device. The manufacturers will lobby to ensure this happens. And they'll win.

  26. Re: A profitable business idea ... by geekmux · · Score: 1

    Just don't use that device anywhere public. Or on a public network because they can snoop on you that way.

    Yes, I'll just go home and surf. I'm sure I'll be perfectly safe from spying there.

    After all, I trust my ISP so much that I don't even consider them a "public" network anymore. They gave me a custom home page that goes right to THEIR website, so it must be private, right? And look here, this systray icon even has their logo! I am so loved I'm practically an employee.

  27. Permissions. It's a kind of privalage escalation. by bussdriver · · Score: 1

    The app doesn't use your microphone; or you deny it, or whatever. So the app uses the gyro to figure out what you are saying anyway - you have no idea it can even do this because it doesn't use the microphone. 3rd parties could AUDIT and secure the software for government or corporate use--- and it would still record gyro information.

    A background app could listen constantly even while other apps have the mic if it can background and use the gyro.

    A hacked app with only gyro access...

    Think about the story weeks ago about using video cameras detecting vibrations to hear things and what next gen phones could do with that-- similar situation (but crazy battery usage even on futuristic more powerful phones.)

    Future work:
    ID which person in the family is carrying the phone using the gyros?

    --
    Democracy Now! - uncensored, anti-establishment news
  28. Re: A profitable business idea ... by RabidReindeer · · Score: 1

    Just don't use that device anywhere public. Or on a public network because they can snoop on you that way.

    Yes, I'll just go home and surf. I'm sure I'll be perfectly safe from spying there.

    After all, I trust my ISP so much that I don't even consider them a "public" network anymore. They gave me a custom home page that goes right to THEIR website, so it must be private, right? And look here, this systray icon even has their logo! I am so loved I'm practically an employee.

    Mine too! https://room614a.att.com/ . It's SSL, so I know I can trust it!

  29. Re:So? by RabidReindeer · · Score: 1

    The point of all this isn't to record phone conversations. Some of the agencies likely to exploit this particular weakness have more than enough clout to tap the main communications channel for that.

    The accelerometer exploit is a very low-quality audio sampler. Sample range tops out at about 200/second, IIRC. Enough to get a muffled audio, but nowhere near opera-quality.

    However, it's something that someone could do to monitor room conversations when the phone isn't on a call. And current access controls don't provide enough protection. One of the most promising solutions is simply to limit sample rates to something relatively useless like 50/second.

    Then again, if all you want is to detect basic acoustical vibrations, even that would be enough to tell people to turn on their "houseplant audio monitors".

    You can also get good audio off the reflections of a tinfoil hat.

  30. Or you could just use the windows and screens by WillAffleckUW · · Score: 1

    Since a long long time ago (about 50 years now) we've been able to use nearby windows and computer monitors - even picture frames - to pick up sounds inside rooms.

    Why bother with a cell phone if you're trying to get a good audio pickup?

    If you need to isolate a person, it's not a bad choice, but you can also use the other signals your cell gives out or responds to for locating the person precisely, without technically "using" the phone, and thereby alerting the target.

    But, hey, do it the hard way, if you must.

    --
    -- Tigger warning: This post may contain tiggers! --
  31. Re:So? by rhazz · · Score: 1

    Guilty as charged.