Slashdot Mirror


Hackers Can Track Subway Riders' Movements By Smartphone Accelerometer

Patrick O'Neill writes: Tens of millions of daily subway riders around the world can be tracked through their smartphones by a new attack, according to research from China's Nanjing University. The new attack even works underground and doesn't utilize GPS or cell networks. Instead, the attacker steals data from a phone's accelerometer. Because each subway in the world has a unique movement fingerprint, the phone's motion sensor can give away a person's daily movements with up to 92% accuracy.

2 of 69 comments (clear)

  1. Progress! by Livius · · Score: 5, Insightful

    The privacy concerns are troubling, but I can't help thinking that's pretty cool.

  2. Re:Yay by tlhIngan · · Score: 4, Insightful

    Yeah, wouldn't it make sense to see where the GPS signal dies, and when it comes back, and persume they took transport from one position to the other? No inertia guessing needed. The Yellow to the Red line is the only way to connect those dots without looping or doubling back. So why do you need to have the accelerometer to confirm?

    Because the accelerometer is often free to use. Accessing GPS requires permission and often has an indicator.

    With this, an app can use the accelerometer surreptitiously while leaving no indication that movement is being tracked - so many apps use it that no one gives a second thought. Using GPS often brings up an alert so the user knows they're being tracked. If your app uses the accelerometer anyways, you can sell that information for tracking. Whereas If you app suddenly popped up "MyCoolApp needs to use the GPS - Allow/Deny?" then people get suspicious.

    At least it does on iOS. I don't know - do apps have free reign over the GPS on Android or do you get alerts when they attempt to use it?