This security risk stems from the fact that the phone is equipped with a series of sensors, and of course not just GPS and communication interfaces. Gyroscopes and accelerometers can also track the way the phone is taken and other actions. App installed in the phone can use these sensors to perform unpredictable tasks users, such as tracking the user's movement in the city streets.
Most people think that shutting down a cellphone's location service can stop such surveillance, but Northeastern's study unlocks the way Apps evade this restriction. The researchers said that the phone can monitor the user's input to find the user's password, and bring the phone with the body to allow data companies to get the user's location and direction.
When designing protective measures for a device or system, one needs to figure out what kind of threats might occur. For example, the car design needs to be able to protect the driver in a car accident, they will consider any risk factors on the road or roadside. However, their design does not include the case when a car drives off a cliff or is hit by boulders falling from the sky. Not only is it not cost-effective to consider such threats, but such threats are defined as extremely rare.
Designers who design software and hardware also consider what hackers can do, but that does not mean they are safe. Most devices guard against attacks from unknown directions as a target. Many different attacks have taken place over the years, making mobile devices the perfect target for hacking. They are filled with sensors, usually containing at least one accelerator, a gyroscope, a magnetometer, a barometer, four microphones, one to two cameras, a thermometer, a pedometer, a light sensor and a humidity sensor.
App can directly access most sensors without the user's consent. By combining the content of two or more sensors, it is possible for hackers to do something unexpected to users, cellphone designers, and App developers. In a recent project team, researchers developed an App that determines the letters the user types on the phone's screen without having to read the keyboard input.
Researchers are also wondering how a malicious app can infer the whereabouts of a user, including their place of life and place of work and their travel routes, which are, in most people's minds, very private. Researchers want to find out if a user's location can be determined with a sensor that does not require user consent.
Researchers can use a mobile app to observe the user's direction, the App also can use the phone's gyroscope to record the user in the process of turning the angle of the order. The accelerator can indicate whether the user is stopping or moving forward. Through a series of turning angle measurements will be able to create the user's action road map.
Researchers have developed an algorithm that matches these movements of users to the digital maps of the city streets in which they are located, and identifies his most likely course of action. They can even further refine the algorithm to include information such as the degree of road curvature and speed limits to narrow the user's route range. Researchers hope to find a way to stop the leak from happening with this research. (Passenger)