Can you hack a smartphone or fitness monitor with sound?Started by 6 years ago●3 replies●latest reply 6 years ago●110 views
On a LinkedIn article I saw this claim in an article by John Markoff on March 14, 2017:"On Tuesday, a group of computer security researchers at the University of Michigan and the University of South Carolina will demonstrate that they have found a vulnerability that allows them to take control of or surreptitiously influence devices through the tiny accelerometers that are standard components in consumer products like smartphones, fitness monitors and even automobiles."
I am skeptical that such complex DSP can be performed given all the inputs to an accelerometer. The paper claims that music can introduce malicious vibrations to encode viruses. What do you think?
This idea reminds me of the stories about the "hackers" that are able to hack and control cars like the Toyota Prius. One of the facts that these sensational stories usually omit is that the hackers have more than passing contact with the target vehicle.
Yes, acoustically exciting MEMS devices can induce undesired output signals, especially when in the resonance range of the device.
Many analog attacks have been demonstrated over the past few years (my favorite being using a cellphone to pick up fan and transformer noise in order to steal encryption keys).
No, I don't think anyone is claiming that one can inject malware using this kind of attack - it is not clear how acceleration readings could be transferred to an executable file.
Any such hack requires an "attack surface". I'd be surprised if there was something that would allow much more than disabling the phone's ability to precisely navigate.
Of course, it's all software, so if some genius developer decided that a phone should be completely unlocked in the event that it's vigorously shaken, then it'll completly unlock if it's vigorously shaken.