Now hackers can track your subway rides: App pinpoints your location with 92% accuracy using a phone’s motion sensors

You might think you’re safe from hackers on the subway, but a new type of software could bring cyber criminals underground.

A team of Chinese researchers has developed software that tracks people riding the subway using a smartphone’s motion sensor data.

They claim the system can pinpoint anyone’s location to an accuracy of 92 per cent without ever having to tap into the phone’s GPS system.

The software works because every underground and subway line in the world moves in its own unique way.

A smartphone’s accelerometer can be hacked if the user downloads a malicious app that gives access to the phone’s motion sensors.

Using a database of how subways around the world move, hackers can then use the motion data to know which city you’re in and what line you’re taking.

‘If an attacker can trace a smartphone user for a few days, he may be able to infer the user’s daily schedule and living/working areas and thus seriously threaten her physical safety,’ the authors wrote.

‘Another interesting example is that if the attacker finds Alice and Bob often visit the same stations at similar non-working times, he may infer that Bob is dating Alice.’

The team performed experiments in China by tracking volunteers carrying smartphones through subways in Nanjing.

HOW MOTION SENSORS ON IPHONES CAN REVEAL WHAT YOU’RE TYPING

An iPhone can be turned into a ‘SpiPhone’ as it can decipher vibrations to record what is being typed on a nearby computer keyboard.

A research team at the Georgia Institute of Technology in the United States discovered how to do it using a smartphone accelerometer – the internal device that detects when and how the phone is tilted.

They have found it can be harnessed to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy, and the iPhone is best at it.

The technique works by using mathematical software that detects pairs of keystrokes, rather than individual letters.

Hackers can then determine whether the pair of keys pressed is on the left or right side of the keyboard, and whether they are close together or far apart.

After the system has determined these characteristics for each pair of keys pressed, using probability it compares the results against a preloaded dictionary.

The attack is ‘more effective and powerful than using GPS or cellular network to trace metro passengers,’ the researchers found.

The Daily Dot notes that there are several defences against this hack, including analysing power-consumption.

To track someone using this method, a hacker would have to be in constant contact with the phone’s accelerometer, draining power.

But unlike hacking into GPS, knowing your accelerometer has been accessed can be tricky, unless you constantly monitor your phone.

Previous research has shown how hackers can steal accelerometer data to find out what a smartphone user is writing.

View the original content and more from this author here: http://ift.tt/1J5nIlo

from hacker samurai http://ift.tt/1J5nGK7
via IFTTT