Today’s smartphones are shipp ed with various embedded motion sensors, such as the accelerometer, gyroscope, and orientation sensors. These motion sensors are useful in supporting the mobile UI innovation and motion-based commands. However, they also bring potential risks of leaking user’s private information as they allow third party applications to monitor the motion changes of smart phones.
A team of researchers from Pennsylvania State University (PSU) and IBM have devised an Android-based Trojan that can use a handset’s onboard movement sensors to crack passwords.
The team created an experimental app called TapLogger, which is based on the premise that when you tap on your touch screen, you’re not just interacting with the screen, but moving the entire device. So if you hit a button in the upper right corner, your phone will actually move in that direction slightly, and that subtle movement is then read by the accelerometer and other sensors built-in to your device.
TapLogger was created by Zhi Xu, a PhD candidate in the Department of Computer Science and Engineering at PSU, Kun Bai, a researcher at IBM T.J. Watson Research Center and Sencun Zhu, an associate professor of Computer Science and Engineering at PSU’s College of Engineering.
Accelerometer and orientation sensor data are not protected under Android’s security model, and this means that they are exposed to any application, regardless of its permissions on the system, the research team said in a paper that was presented during the ACM Conference on Security and Privacy in Wireless and Mobile Networks on Tuesday.
In August 2011, a pair of researchers from University of California proposed a similar attack and designed a concept application called TouchLogger to demonstrate it.