1. Home
  2. Your phone's motion sensors may reveal your PIN, passwords

Your phone's motion sensors may reveal your PIN, passwords

[email protected] (Agencies)
April 11, 2017

London, Apr 11: Hackers can steal your PINs and passwords just from the motion of your phone when you type in the information, warn experts who have unveiled how easy it is for malicious websites and installed apps to spy on you. Cyber experts at Newcastle University in the UK have shown it is possible to crack four-digit PINs with a 70 per cent accuracy on the first guess - 100 per cent by the fifth guess - using just the data collected via the phone's numerous internal sensors.

phoneDespite the threat, the research shows that people are unaware of the risks and most of us have little idea what the majority of the twenty five different sensors available on current smart phones do. While all the major players in the industry are aware of the problem, no-one has yet been able to find a solution.

"Most smart phones, tablets, and other wearables are now equipped with a multitude of sensors, from the well-known GPS, camera and microphone to instruments such as the gyroscope, proximity, NFC, and rotation sensors and accelerometer," said Maryam Mehrnezhad, research fellow at Newcastle University. "But because mobile apps and websites don't need to ask permission to access most of them, malicious programmes can covertly 'listen in' on your sensor data and use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords," said Mehrnezhad.

"More worrying, on some browsers, we found that if you open a page on your phone or tablet which hosts one of these malicious code and then open, for example, your online banking account without closing the previous tab, then they can spy on every personal detail you enter," she said. "And worse still, in some cases, unless you close them down completely, they can even spy on you when your phone is locked," she added.

"Despite the very real risks, when we asked people which sensors they were most concerned about we found a direct correlation between perceived risk and understanding," said Mehrnezhad. "So people were far more concerned about the camera and GPS than they were about the silent sensors," she said.

Sensors are now commonplace in smart devices and are largely responsible for the boom in mobile gaming and health and fitness apps, and soon in all devices in the Internet of Things (IoT), researchers said. The data provided by them combined with the growing computational ability of mobile phones and tablets has transformed the way we use them.

In total, the team identified 25 different sensors which now come as standard on most smart devices and are used to give different information about the device and its user. Only a small number of these - such as the camera and GPS - ask the user's permission to access the device. The research was published in the International Journal of Information Security.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
June 30,2020

Bengaluru, Jun 30: Karnataka Chief Minister BS Yediyurappa on Monday launched 'Skill Connect Forum' and said that the government is committed to provide impetuous to creating jobs by reviving economic and industrial activities.

The 'Skill Connect Forum' portal connects both private entrepreneurs and job seekers on the same platform.

After launching the forum, the Chief Minister said that the portal provides information on jobs available and who needs a job. "Under this forum, an unemployed will be imparted skills and then enabled to get a job," Yediyurappa said.
Besides providing jobs via registration, the portal also provides a skilled pool of people for those looking to hire, he added.

Deputy Chief Minister Dr CN Ashwath Narayan, who is also the Skill Development Minister said that portal will be a boon to the youth seeking jobs and it will avoid unemployment issue to a great extent.

"All these years, there was no information and communication between job seekers and recruiters. The portal will solve that problem," he said.

Narayan said that there was no proper information on skilled workers and job market. Moreover, skill development was not in sync with the market. All these issues have been addressed by the portal, he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 3,2020

Mumbai, Jul 3: In yet another move to keep Chinese technologies companies at bay, the Centre has cancelled the 4G upgradation tender for BSNL as it has decided to come up with fresh specifications for the upgrade process, sources said.

The Department of Telecommunications (DoT) is likely to issue a fresh tender in the next two weeks.

People in the know said that the fresh tender may not allow Chinese companies to participate and that the new tenders that will be floated in the next two weeks will emphasise on Make in India.

As the border tussle with China escalated last month and around 20 soldiers lost their lives, the government had last month asked both BSNL and MTNL not to use equipment of Chinese makers in their upgrading process to 4G facilities.

Huawei and ZTE are the major Chinese telecom equipment makers working with Indian telecom companies and they would be the hardest hit by the decision.

The impact may be felt in terms of the much-awaited 5G trials in the country. After much deliberation, the Centre last December decided to allow Huawei to take part in the 5G trials.

The cancellation of tender for BSNL's 4G upgradation comes after the Centre on Monday banned 59 Chinese apps including TikTok, WeChat and UC Browser.

A statement by the Ministry of Electronics and IT said that the decision was taken since "there is credible information that these apps are engaged in activities which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order".

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 4,2020

Twitter has joined efforts to do away with racially loaded terms such as master, slave and blacklist from its coding language in the wake of the death of African-American George Floyd and ensuing Black Lives Matter protests.

The project started even before the current movement for racial justice escalated following the death of 46-year-old George Floyd in police custody in May.

The use of terms such as "master" and "slave" in programming language originated decades ago. While "master" is used to refer to the primary version of a code, "slave" refers to the replicas. Similarly, the term "Blacklist" is used to refer to items which are meant to be automatically denied.

The efforts to change these terms in favour of more inclusive language at Twitter were initiated by Regynald Augustin and Kevin Oliver and the microblogging platform is now backing their efforts.

"Inclusive language plays a critical role in fostering an environment where everyone belongs. At Twitter, the language we have been using in our code does not reflect our values as a company or represent the people we serve. We want to change that. #WordsMatter," Twitter's engineering team said in a post on Thursday.

As per the recommendations from the team, the term "whitelist" could be replaced by "allowlist" and "blacklist" by "denylist".

Similarly, "master/slave" could be replaced by "leader/follower", "primary/replica" or "primary/standby".

Twitter, however, is not the first to start a project to bring inclusivity in programming language.

According to a report in CNET, the team behind the Drupal online publishing software started using "primary/replica" in place of "master/slave" as early as in 2014.

The use of the terms "master/slave" was also dropped by developers of the Python programming language in 2018.

Now similar efforts are underway at Microsoft's Github and LinkedIn divisions as well, said the report.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.