Adversarial mind-reading with compromised brain-computer interfaces


24 Responses to “Adversarial mind-reading with compromised brain-computer interfaces”

  1. Boundegar says:

    Holy crap.

  2. Funk Daddy says:

    Just wait for the malware!  Imma develop a BCI malware projector that induces Tourette Syndrome in a lexicon limited to consumer product brand names and sex acts in the host brain.

    Then I’ll charge companies to keep their brands out of the lexicon.


    “Fuck Snickers!” “C**t Staples!”

    • Fang Xianfu says:

      Or you could go to work for Sony and write a not-a-rootkit to detect people thinking about piracy and have them sing adverts for other Sony products every time they listen to a stolen song on their iPod! Think of the possibilities!

      • Fang Xianfu says:

        PS I have patented this idea and if you even think about violating it I’ll make you punch you in the nose.

    • The Doctor says:

      Yay, basilisk hacks.  I bet the first one seen in the wild looks like a parrot.

  3. Lemoutan says:

    Isn’t the trope here that if it’s being written up in an academic paper then it has already been done?

    •  If it had been done and was actually feasible then it would have already been classified as top secret by every goverrnment on Earth.  

      • fuzzyfuzzyfungus says:

        “We show that the entropy of the private information is decreased on the average by approximately 15 % – 40 % compared to random guessing attacks.”

        It’s known-feasible (if these brain interface widgets were incapable of extracting any information, they wouldn’t actually do anything…); but the power of the technique is fairly low compared to even common and legal methods of questioning. Also, because the consumer devices are severely cost-sensitive, a state user could likely get much better results, even without breaking out the bone drill, just by moving up to classier sensors.

        The really interesting thing would be if such interface hardware were to become extremely common and widely accepted. Just as ‘social’ changed the game on privacy by making it extremely trivial to collect information that was never private; but used to be confined to the target’s social circle, this sort of inferential attack could get quite interesting indeed if every malicious flash applet and adware bot is flashing test stimuli at you…

      • zarray says:

         Governments are always playing catch-up with technology though.

  4. Brainspore says:

    Pictured: an interrogator uses an early prototype of the device in question to determine that the young man at his door is collecting donations for the Coast Guard Youth Auxiliary.

  5. Conan Librarian says:

    HA, good luck stealing my ATM password. I can’t remember it anyway!
    That’s why I have it written on the back of my hand (my grocery list is on the other one).

  6. ldobe says:

    I guess the foil hatters are right this time

  7. Tenser, said the tensor.
    Tenser, said the tensor.
    Tension, apprehension, and dissention have begun!

  8. austinhamman says:

    does this mean malicious users are more capable of getting usable information through a BCI than application/game programmers?

  9. zarray says:

    Batou! Switch to autism mode!

  10. Preston Sturges says:

    Can we just admit that waterboarding is only to provide powerful sadists with sexual gratification?

  11. Jozef says:

    As somebody whose job is to develop BCIs I find this article (more precisely its interpretations by blogs) hugely misleading. They use a process known for decades (P300) with hardware (Emotiv) which is all but adapted for this paradigm since its electrodes are on unsuitable positions. P300 works well with people who trained for it over extended periods of time and it is very easy to thwart its results (for example by clenching your teeth).

    • jimmoffet says:

      In a world where BCI manufacturers all take care not to put their electrodes in “unsuitable” positions and where all consumers educate themselves about security risks and commit to good security practices, this might all be irrelevant. 

      Everything we know about both manufacturers and consumers suggests that this will not be the case.

      If BCI devices become very common, it would only take a small subset of manufacturers and a small subset of users practicing poor security to open a billion-dollar hole.

Leave a Reply