Because a PIN-pad is so constrained and predictable, the accelerometer in your smartwatch is able to guess with a high degree of confidence (73%) what you enter into it -- it can also serve as a general-purpose keylogger, though with less accuracy (59%), thanks to the complexity of the keyboard.
The machine learning algorithm that makes these guesses is able to generalize its findings from one PIN-pad and apply them to another, even if it has a different layout.
The implication is that any vulnerability in your smartwatch is a potential vector for attacks on your PINs.
To prove his theories in practice, Mr. Beltramelli created a smartwatch application for a Sony SmartWatch 3, which he used to record accelerometer and gyroscope sensor data.
Because of the watch's technical limitations, he wasn't able to send the data directly to a server, but to a nearby Android device (LG Nexus 4) (via Bluetooth), which then relayed it to a server for further analysis.
Using an algorithm that combined Java, Python, and Lua code, he was able to sift through all the data, eliminate noise movements, and detect patterns for various events, like when the user moves and taps his finger on a phone's touchscreen to unlock a PIN-protected phone, or when the user enters a PIN code on an ATM's keypad.
Deep-Spying [Tony Beltramelli/Github]
Deep-Spying: Spying using
Smartwatch and Deep Learning [Tony Beltramelli/IT University of Copenhagen]
Smartwatches Can Be Used to Spy on Your Card's PIN Code
“For the first time ever, there’s a comprehensive map on where local police departments have partnered with Amazon’s Ring,” CNet’s Alfred Ng writes.
“The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives.”
Theoretically, there’s never been an easier time for marketers. The ubiquity of social media means a good word – or a good brand – can spread like wildfire with very little effort. But as limitless as the internet is, there’s a lot of competition and noise to contend with. And the vast graveyard of failed […]
They might be the shiny new thing, but AirPods aren’t for everybody. Maybe you’re looking for a new sound or you understandably lost those tiny buds during a brisk run. If so, here’s 10 headphones and earbuds that break out of the Apple mode with a return to quality and wearability. Klipsch R5 Bluetooth Neckband […]
When it comes to passwords, there’s no such thing as paranoia. You want them secure and complex, and you definitely don’t want to repeat them on all your accounts. The trouble is, the internet seems to keep growing. And so do those accounts. Just one lockout from an important email or banking site is enough […]