Posted by: David Harley | September 18, 2018

Smartphones that talk too much

Daniel Oberhaus for Motherboard: Researchers Used Sonar Signal From a Smartphone Speaker to Steal Unlock Passwords – “>Researchers at Lancaster University have used an active acoustic side-channel attack to steal smartphone passwords for the first time….“We expect iPhones are similarly vulnerable, but we only tested our attack on Androids,” Peng Cheng, a doctoral student at Lancaster University told me in an email.’ 

In brief, the idea is that the phone’s ‘acoustic signature’ can be used to determine the device users’ password when they unlock the phone.

Paper: SonarSnoop: Active Acoustic Side-Channel Attacks

Discussion on Bruce Schneier’s site: Using a Smartphone’s Microphone and Speakers to Eavesdrop on Passwords (it’s actually the comments that are, in some cases, worth reading).

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: