iPhone turned into a spiPhone! Beware of it !!!!

Patrick Traynor

Let me start with a question, How many of you have smart phones or planning to have one ? I know its  a lame question to ask because it is the trend of smartphones and they are now ruling the world with their charm.  But let me tell you, days to come will challenge your phones to hack your privacy. And if you are an addict to your phone and if you aren’t letting your phone off sight not even for a second then believe me you might be more vulnerable than any other person. You will be shocked as you go through the post below, so get ready to get shocked-
A research team in Georgia Institute  Of  Technology in the United States Of America has turned smartphones into Spy-phones, irony is that the more you pay the phone, easy to get being hacked.  They have invented an application that will let your phone to detect what all you have written in your mails, passwords and sensitive documents using your own phone’s accelerometer(It is the internal device that detects when and how the phone is tilted). They have used it to sense keyboard vibrations and decode the complete sentences with up to 80 percent accuracy. According to the researchers it is not an easy task but it can be accomplished using the latest smartphones. When they first tried it using iphone3 the results weren’t that accurate but when they tried it with iphone 4 ,bingo! they were spot on with accuracy touching 80% as it has ax added gyroscope to filter up the accelerometer noise.

iphone listening to keyboard

Previously Professor named Patrick Traynor had achieved similar feat by using microphones, but they are relatively more sensitive than accelerometer. They sample 44,000 vibrations/second where as later one samples 100 vibrations/second but the problem arrived when manufactures started giving extra protection by not giving access to microphones for being used by third party applications unless user approves it. But this protection is unlikely in the case of accelerometers, which allowed them to use it as a tool.

iphone as Spiphone

The technique works by using a software that detects the pairs of keys being pressed, rather than individual key stroke or letters. Then it will determines on what side of the keyboard does this pair of keys lies, is it on the left or right side of the keyboard, and whether they are close together or far apart. After that software compares the result against a preloaded dictionary.

For example : If a user types a word “SPORTS“, which is then split into pairs of words as  SP-OR-TS, and is interpreted as LEFT-RIGHT-FAR, RIGHT-LEFT-FAR, LEFT-LEFT-NEAR i.e, LRF-RLF-LLN  and then the code is compared with that of 58,000 words in a dictionary. This technique went on to fetch words with 80% accuracy in iphone4.
According to Henry Carter, a PhD student in computer science and one of the study’s co-authors- this hacking attack is carried on by requesting phone user to download an innocent looking application, which doesn’t ask to use any of the phone sensors. When the Keyboard detection malware is turned on, and when it is placed next to the keyboard as you start typing it starts listening  like a small kid without making a noise maintaining pin drop silence.
But the effective range has to be at most three inches from a keyboard, so phone users can simply leave their phones in their pockets or bags, or just move them further away from the keyboard.

These graphs show measurements recorded by a smart phone as letters are typed on a nearby keyboard. The device can distinguish between "a" at the left of the keyboard and "l" on the right, as well as between two pairs: "pq" and "nm."

But in real world if there are noise where the user is operating or playing music or traffic noise, when typing then i don’t think hacker would able to hack the details of what you type. As phone technology improves, attacks via the accelerometer could become more feasible. At the same time if security is provided around the accelerometer then it will be difficult to infringe the protective shield. At the end, i need to agree that though this is innovative but i don’t think this will affect any of the current users. And i don’t think this technique will sustain for long period, because if 2 minds work on infringing privacy then there are thousands of minds working on to prevent it.
Thank you for reading the post, if you like this post, please leave a comment…