Hackers Could Use Your Smartphone’s Gyroscope as a Microphone to Listen In

Future Tense
The Citizen's Guide to the Future
Aug. 15 2014 4:46 PM

Hackers Could Use Your Smartphone’s Gyroscope as a Microphone to Listen In

gyro
A gyroscope hard at work ... listening.

Photo from wavebreakmedia/Shutterstock.

No device is too small to be potentially hackable. Sure, it might be useful for a criminal to gain access to your entire laptop or smartphone, but it could be just as valuable to hack your laptop’s built-in webcam or your Bluetooth keyboard, depending on what the end goal is. And each sensor inside a bigger device is a potential battleground. Even the gyroscopes in smartphones can be taken over by a hacker and used for something else.

Lily Hay Newman Lily Hay Newman

Lily Hay Newman is lead blogger for Future Tense.

Researchers from Stanford and from Israel’s Rafael defense group have found a way to turn a smartphone’s gyroscope—the sensor that uses gravity to orient a smartphone—into a microphone for eavesdropping. The group created an app called Gyrophone that analyzes the soundwaves the gyroscope picks up, and on Android phones there's no way to deny an app access to the sensor.

Advertisement

As Wired explains, smartphone gyroscopes have a small plate inside them that moves when the device moves. But this plate also vibrates, and the researchers used a feature in Android to measure the vibrations at 200 hertz, 200 times per second, enough to pick up human voices. The researchers found that if they ran their custom speech recognition software on a stream from a gyroscope, it could correctly identify 65 percent of numeric digits a person said while in the same room as the smartphone.

The clarity obviously isn’t great, but the technique would only need a little improvement to be a serious problem for anyone reading their credit card number over the phone. And it could be used for other purposes, too, as the technology improves. The researchers’ speech recognition software can already tell what gender a speaker is 84 percent of the time.

Stanford computer security professor Dan Boneh, a member of the group, told Wired, “It’s actually quite dangerous to give direct access to the hardware like this without mitigating it in some way. ... there’s acoustic information being leaked to the gyroscope. If we spent a year to build optimal speech recognition, we could get a lot better at this. But the point is made.”

Downloading an untrusted app is one thing, but Wired points out that you could even be at risk by navigating to unsecure webpages in Firefox’s mobile browser. Safari and Chrome for Android limit gyroscope readings to 20 hertz, but Firefox allows the whole 200 hertz.

iOS devices are slightly more protected from the gyroscope hack. iOS still lets any app access the gyroscope without user permission, but apps can only get 100 hertz readings from the gyroscope, which lowers the chance of being able to overhear anything.

The research will be presented at the Usenix security conference next week and could motivate changes in Android if Google feels so inclined. This is fixable! But it certainly feels like there will always be something.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Politics

The Irritating Confidante

John Dickerson on Ben Bradlee’s fascinating relationship with John F. Kennedy.

My Father Invented Social Networking at a Girls’ Reform School in the 1930s

Renée Zellweger’s New Face Is Too Real

Sleater-Kinney Was Once America’s Best Rock Band

Can it be again?

The All The President’s Men Scene That Captured Ben Bradlee

Medical Examiner

Is It Better to Be a Hero Like Batman?

Or an altruist like Bruce Wayne?

Technology

Driving in Circles

The autonomous Google car may never actually happen.

The World’s Human Rights Violators Are Signatories on the World’s Human Rights Treaties

How Punctual Are Germans?

  News & Politics
Politics
Oct. 22 2014 12:44 AM We Need More Ben Bradlees His relationship with John F. Kennedy shows what’s missing from today’s Washington journalism.
  Business
Moneybox
Oct. 21 2014 5:57 PM Soda and Fries Have Lost Their Charm for Both Consumers and Investors
  Life
The Vault
Oct. 21 2014 2:23 PM A Data-Packed Map of American Immigration in 1903
  Double X
The XX Factor
Oct. 21 2014 3:03 PM Renée Zellweger’s New Face Is Too Real
  Slate Plus
Behind the Scenes
Oct. 21 2014 1:02 PM Where Are Slate Plus Members From? This Weird Cartogram Explains. A weird-looking cartogram of Slate Plus memberships by state.
  Arts
Brow Beat
Oct. 21 2014 9:42 PM The All The President’s Men Scene That Perfectly Captured Ben Bradlee’s Genius
  Technology
Technology
Oct. 21 2014 11:44 PM Driving in Circles The autonomous Google car may never actually happen.
  Health & Science
Climate Desk
Oct. 21 2014 11:53 AM Taking Research for Granted Texas Republican Lamar Smith continues his crusade against independence in science.
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.