Mobile Device Ambient Light Sensors Can Be Used To Spy On Users (ieee.org) 11
"The ambient light sensors present in most mobile devices can be accessed by software without any special permissions, unlike permissions required for accessing the microphone or the cameras," writes longtime Slashdot reader BishopBerkeley. "When properly interrogated, the data from the light sensor can reveal much about the user." IEEE Spectrum reports: While that may not seem to provide much detailed information, researchers have already shown these sensors can detect light intensity changes that can be used to infer what kind of TV programs someone is watching, what websites they are browsing or even keypad entries on a touchscreen. Now, [Yang Liu, a PhD student at MIT] and colleagues have shown in a paper in Science Advances that by cross-referencing data from the ambient light sensor on a tablet with specially tailored videos displayed on the tablet's screen, it's possible to generate images of a user's hands as they interact with the tablet. While the images are low-resolution and currently take impractically long to capture, he says this kind of approach could allow a determined attacker to infer how someone is using the touchscreen on their device. [...]
"The acquisition time in minutes is too cumbersome to launch simple and general privacy attacks on a mass scale," says Lukasz Olejnik, an independent security researcher and consultant who has previously highlighted the security risks posed by ambient light sensors. "However, I would not rule out the significance of targeted collections for tailored operations against chosen targets." But he also points out that, following his earlier research, the World Wide Web Consortium issued a new standard that limited access to the light sensor API, which has already been adopted by browser vendors.
Liu notes, however, that there are still no blanket restrictions for Android apps. In addition, the researchers discovered that some devices directly log data from the light sensor in a system file that is easily accessible, bypassing the need to go through an API. The team also found that lowering the resolution of the images could bring the acquisition times within practical limits while still maintaining enough detail for basic recognition tasks. Nonetheless, Liu agrees that the approach is too complicated for widespread attacks. And one saving grace is that it is unlikely to ever work on a smartphone as the displays are simply too small. But Liu says their results demonstrate how seemingly harmless combinations of components in mobile devices can lead to surprising security risks.
Easily fixable (Score:3)
Have the device driver run the ambient light level through a low-pass filter (to knock down high-frequency data) followed by a hysteresis filter (to remove the ability to capture low-amplitude changes), and this problem goes away.
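The filter chain this comment proposes, sketched as an added example (not part of the original thread and not taken from any real sensor driver). The struct and function names, the 1/16 smoothing factor and the 20 lux dead band are assumptions, and the input trace is constructed: a 200 lux room with small fast flicker, optionally followed by a genuine change in room lighting.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical per-sensor filter state; names are illustrative, not from a real driver. */
struct als_filter {
    int32_t smoothed_q8; /* low-pass state: lux * 256 (fixed point) */
    int32_t reported;    /* last lux value released to callers */
    int primed;
};

#define ALS_LP_DIV   16 /* assumed: state moves 1/16 of the error per sample */
#define ALS_HYST_LUX 20 /* assumed: changes smaller than this are withheld */

/* Feed one raw lux sample; return the value an unprivileged reader would see. */
int32_t als_filter_step(struct als_filter *f, int32_t raw_lux)
{
    if (!f->primed) {
        f->smoothed_q8 = raw_lux * 256;
        f->reported = raw_lux;
        f->primed = 1;
        return f->reported;
    }
    /* Single-pole IIR low-pass attenuates fast sample-to-sample modulation. */
    f->smoothed_q8 += (raw_lux * 256 - f->smoothed_q8) / ALS_LP_DIV;
    int32_t smoothed = f->smoothed_q8 / 256;
    /* Hysteresis: keep reporting the old value until the level leaves the dead band. */
    if (abs(smoothed - f->reported) >= ALS_HYST_LUX)
        f->reported = smoothed;
    return f->reported;
}

/* Constructed trace: 200 lux room with +/-5 lux flicker for n samples, then
 * n more samples at step_to lux (or back at a steady 200 if step_to is 0).
 * Returns how many times the reported value changed; *final gets the last one. */
int als_demo(int n, int32_t step_to, int32_t *final)
{
    struct als_filter f = {0};
    int32_t prev = als_filter_step(&f, 200), out = prev;
    int changes = 0;
    for (int i = 0; i < 2 * n; i++) {
        int32_t raw = (i < n) ? 200 + ((i & 1) ? -5 : 5)
                              : (step_to > 0 ? step_to : 200);
        out = als_filter_step(&f, raw);
        if (out != prev) { changes++; prev = out; }
    }
    *final = out;
    return changes;
}
```

With these settings the flicker never reaches the reader, while a real lighting change still comes through as a handful of coarse steps, which is all automatic brightness control needs.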
Re: (Score:2, Interesting)
Assuming you WANTED that problem to go away.
Re: (Score:2)
99.9% of the imaging they receive is my pants pocket, because that's where my phone is. A nice camera cover would be a great idea, like the ones offered on many laptops. Flip the shutter blocker, and pick your nose all you want.
Re: (Score:2)
I'm not buried in my phone like some.
And, thankfully, my drawers are down when I do #2.
No exhaust analyzers, here.
Between this and AI copying my handwriting (Score:3)
Amount of noise (Score:2)
What if they are watching TV and browsing the web? Older adults tend to ignore the phone at night and use a proper computer. Either way, for most people with a phone, the amount of noise in such surveillance will be very high.
I have recorded you watching porn (Score:2)
I can see a fresh wave of threatening emails trying to shame people into transferring bitcoin to avoid being named and shamed, it has been at least a year since the last time I received one of these.
Re: (Score:2)
I can see a fresh wave of threatening emails trying to shame people into transferring bitcoin to avoid being named and shamed, it has been at least a year since the last time I received one of these.
A: Nice username. Got a chuckle out of me at least.
B: I receive about three of these a week on the email associated with my author persona. Something about the first article on my author blog talking about gambling, drugs, sex, violence, rape, torture, etc, really seems to send those spammedy spammers with the dire warnings into overdrive. Lots of, "I know what you did. Forward me all your monies or I will send it to the authorities."
Cool story, bro. Buy a couple books to send to the authorities? Hell, I'll
The real concern is unrestricted access to sensors (Score:3)
This convoluted proof of concept with the light sensor is not the real issue.
The real issue is that the web or a 3rd party via an app can acquire data from a device without the device user's or owner's explicit consent and interaction.
Usually, acquiring keyboard, mouse or screen touch data requires specific focus on the application in a defined domain, like window focus. And unless the user explicitly performs actions on these devices with focus on the application, there is no possible background data acquisition.
Even the display device has a defined domain. Applications cannot draw outside the window or area they registered as their own.
Even acquisition of device characteristics shall require user consent. Websites have no legitimate business knowing the screen size, pixel ratio and other characteristics without user consent. Knowing the available draw area or window size is OK, but physical size and resolution are not without consent.
Re: (Score:2)
It would be nice if Apple and Google made an OS tweak to expose a toggle that would surface permission prompts for every device access. It would be annoying for a bit while you granted access for your trusted apps, but I think it would be worth it. I would certainly go through the pain just to know what everything is doing behind the scenes.
Another toggle would be nice that would turn off all device access when the screen is off. I would enable that as well. There is no reason for any app to be doing any