Researchers track keystrokes using smartwatches
A US university has developed a method for using the motion sensors on smartwatches to guess what the user is typing, in a discovery the team says has major privacy implications.
University of Illinois researchers used a homegrown app on a Samsung Gear Live smartwatch to capture motion data from the in-built accelerometer and gyroscope and use it to detect typing activity.
The researchers believe that attackers could potentially develop a similar app, disguise it as a fitness tracker or a similar legitimate service, and upload it to mobile app stores.
But the discovery isn't likely to keep security researchers up at night just yet — the app was able to accurately detect keystrokes, but only on the hand wearing the watch.
The prototype system as yet also cannot detect special characters or the keystrokes from users with different typing patterns. The use of the space bar also adds complications.
The researchers nevertheless believe that the vulnerability does represent a potential significant security problem for any wearable device that uses motion sensors.
According to the University of Illinois, this problem could be addressed by lowering the sample rate of sensors in smartwatches to prevent the accurate measurement of typing activity, the researchers said.
Emergency onboarding: what to do before and after a data breach
Organisations that have an emergency onboarding plan are better positioned to have their business...
Savvy directors are demanding more points of proof when cyber incidents occur
Pre-agreement on what a post-incident forensics effort should produce — and testing it out...
Cyber-attack prevention is better than a cure
Corporate and political decision-makers need to invest in areas that do a better job of...
