Short Bytes: The security researchers at Newcastle University have published a paper that showcases the risks posed by numerous sensors that are a part of modern smartphones. Many of these sensors don’t ask for user’s permission and can act as a spying tool that can be exploited by hackers and malicious websites. The researchers are in touch with industry leaders who are working to take care of this issue.
Your high-end smartphone has tons of new features and sensors. Any new application that you install on your smartphone ask for the camera, microphone, and GPS permission, but what about the other sensors? It’s possible that you don’t know which native app or web app has the access to which sensors.
Based on this security risk posed by the onboard sensors, a team of researchers at Newcastle University has published a paper. The team was able to crack the phone’s four-digit PINs with a surprising 70% accuracy on the first try. The accuracy increased to 100% by the fifth try.
The research states that the case of websites being accessed via mobile web browsers is the most troublesome as a malicious site can expose the device to such sensor-based monitoring. By getting the access to such data, a hacker can determine if the target is walking, traveling in a car, or sitting.
Talking to TechCrunch, paper’s lead researcher Dr. Maryam Mehrnezhad said that all the mobile platforms are aware of this issue and they are cooperating to fix this problem.
“We reported it to them, and ever since we’ve been in touch with them, we’ve been trying to fix this problem together. It’s still ongoing research on both sides. But we’re in contact with these communities to figure out the best solution,” she said.
The research team has also contacted major web players like W3C and Mozilla to address the issue. The work needed to fix this issue will be a tough line to walk.