Motion Sensors in Your Phone Could Eavesdrop on Your Conversations
In the age of surveillance paranoia, most smartphone users know better than to give a random app or website permission to use their device’s microphone. But researchers have found that there’s another, little-considered sensor in modern phones that can also listen in on their conversations. And it doesn’t even need to ask.
In a presentation at the USENIX security conference next week, researchers from Stanford University and Israel’s defense research group Rafael plan to present a technique for using a smartphone to surreptitiously eavesdrop on conversations in a room — not with a gadget’s microphone, but with its gyroscopes, the sensors designed to measure the phone’s orientation. Those sensors enable everything from motion-based games like Doodle Jump to cameras’ image stabilization to the phone’s displays toggling between vertical and horizontal orientations. But with a piece of software the researchers built called Gyrophone, they found that the gyroscopes were also sensitive enough to allow them to pick up some sound waves, turning them into crude microphones. And unlike the actual mics built into phones, there’s no way for users of the Android phones they tested to deny an app or a website access to those sensors’ data.
“Whenever you grant anyone access to sensors on a device, you’re going to have unintended consequences,” says Dan Boneh, a computer security professor at Stanford. “In this case the unintended consequence is that they can pick up not just phone vibrations, but air vibrations.”
For now, the researchers’ gyroscope snooping trick is more clever than it is practical. It works just well enough to pick up a fraction of the words spoken near a phone. When the researchers tested their gyroscope snooping trick’s ability to pick up the numbers one through ten and the syllable “oh” — a simulation of what might be necessary to steal a credit card number, for instance — it could identify as many as 65 percent of digits spoken in the same room as the device by a single speaker. It could also identify the speaker’s gender with as much as 84 percent certainty. Or it could distinguish between five different speakers in a room with up to 65 percent certainty.
But Boneh argues that more work on speech recognition algorithms could refine the technique into a far more real eavesdropping threat. And he says that a demonstration of even a small amount of audio pickup through the phones’ gyroscopes should serve as a warning to Google to change how easily rogue Android apps could exploit the sensors’ audio sensitivity.
“It’s actually quite dangerous to give direct access to the hardware like this without mitigating it in some way,” Boneh says. “The point is that there’s acoustic information being leaked to the gyroscope. If we spent a year to build optimal speech recognition, we could get a lot better at this. But the point is made.”
Modern smartphones use a kind of gyroscope that consists of a tiny vibrating plate on a chip. When the phone’s orientation changes, that vibrating plate gets pushed around by the Coriolis forces that affect objects in motion when they rotate. (The same effect is why the Earth’s rotation causes the ocean’s water to swirl or air currents to form into spinning hurricanes.)