Proof of concept: iPhone captures keystrokes via 'thump phreaking'
Researchers at Georgia Tech have worked up a proof-of-concept demonstration of using an iPhone 4's accelerometer as a keylogger. After setting the iPhone near a computer keyboard, the device's built-in accelerometer and gyroscope were able to decipher entire sentences "with up to 80 percent accuracy."
Similar keyloggers have already been developed using microphones, which sample vibrations far more frequently than accelerometers. However, nearly all phone operating systems ask a user's permission before granting applications access to the built-in microphone, which limits the utility of a keylogger.
Apps don't currently ask for users' permission for access to accelerometers and gyroscopes, which raises the remote possibility of iPhones or other accelerometer-equipped devices spying on keyboard inputs without users being the wiser.
"The way we see this attack working is that you, the phone's owner, would request or be asked to download an innocuous-looking application, which doesn't ask you for the use of any suspicious phone sensors," said Henry Carter, one of the project's researchers. "Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening."
The keylogger software works by detecting key pairs -- detecting individual key presses turned out to be too difficult and unreliable -- and by comparing paired accelerometer events against a built-in dictionary, the software can decipher keypresses with startling accuracy. Our own Mike Rose has coined "thump phreaking" to refer to this spying technique (after Van Eck phreaking, which uses CRT or LCD emissions to reconstruct the screen image) and it's as apt a term as any for what this software does.
It must be mentioned that this is only a proof of concept and not an actual attack that's out in the wild. The researchers themselves admit that this keylogger was difficult to build, and it's easily defeated by something as simple as moving your iPhone more than three inches away from the keyboard. That having been said, the technique is very James Bondian, and I wouldn't be at all surprised if something similar to this turns up in a forthcoming spy thriller or Batman movie.
Share
The keylogger software works by detecting key pairs -- detecting individual key presses turned out to be too difficult and unreliable -- and by comparing paired accelerometer events against a built-in dictionary, the software can decipher keypresses with startling accuracy.
Add a Comment
Does this mean that with the right app, I could look even cooler and be typing on an disconnected USB keyboard next to my iPod? People are already pretty amazed when I use my bluetooth one.
October 23 2011 at 7:40 PM Report abuse Permalink rate up rate down ReplyI was confused. I thought it was spying on the iPhone's virtual keystrokes using the sensors, not an external keyboard.
October 20 2011 at 2:27 AM Report abuse Permalink rate up rate down ReplyLike how the Article Topic states iPhones, yet the one Article image has a guy holding a Android Powered phone (G1 from tmobile)
October 19 2011 at 7:10 PM Report abuse Permalink rate up rate down ReplyGeorgia Tech's article specifically states the researchers used an iPhone 4. My bet is the Android phone is the researcher's own handset and is just what he happened to have with him at the time of the photo shoot.
October 19 2011 at 8:38 PM Report abuse Permalink rate up rate down Replyits too bad he has a google phone in hand
October 19 2011 at 5:33 PM Report abuse Permalink rate up rate down ReplyWouldn't the code used for this kind of software have a fairly unique signature? Something that could be detected through an automated sweep during the approval process to the App Store? I can't think of may Apps that would be asking for accelerometer and gyroscope data while running in the background.
I'll have to make sure to keep all my friends Android phones away from my keyboard from now on. :P
Kinda makes the "curated" garden look more and more attractive.
The 'approval' process is very superficial in the App store. Apple is more concerned about rejecting fart apps and anything remotely controversial.
October 20 2011 at 5:44 AM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- Used Apple iPhone 3G 8GB for AT&T for $108 + $5 s&h
- Apple Mac Pro Xeon 6-Core 3.3GHz Desktop w/ 12GB RAM for $3,899 + $28 s&h
- Apple MacBook Pro Core i7 Quad 2.2GHz 15" SSD Laptop for $2,447 + $13 s&h
- Apple Earphones with Remote and Mic for $6 + $2 s&h
- PC Micro Store sale: Up to 50 off
- USB MP3 Player FM Transmitter with remote for $6 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
7 Comments