When Your Phone Always Knows Where You Are

Phones are giving away your location, regardless of your privacy settings (Quartz, 28 April 2014) – Sensors in your phone that collect seemingly harmless data could leave you vulnerable to cyber attack, according to new research. And saying no to apps that ask for your location is not enough to prevent the tracking of your device. A new study has found evidence that accelerometers-which sense motion in your smartphone and are used for applications from pedometers to gaming-leave “unique, trackable fingerprints” that can be used to identify you and monitor your phone. Here’s how it works, according to University of Illinois electrical and computer engineering professor Romit Roy Choudhury and his team: Tiny imperfections during the manufacturing process make a unique fingerprint on your accelerometer data. The researchers compared it to cutting out sugar cookies with a cookie cutter-they may look the same, but each one is slightly, imperceptibly different. When that data is sent to the cloud for processing, your phone’s particular signal can be used to identify you. In other words, the same data that helps you control Flappy Bird can be used to pinpoint your location. Choudhury’s team was able to identify individual phones with 96% accuracy. “Even if you erase the app in the phone, or even erase and reinstall all software,” Choudhury said in a press release, “the fingerprint still stays inherent. That’s a serious threat.” Moreover, Choudhury suggested that other sensors might be just as vulnerable: Cameras, microphones, and gyroscopes could be leaving their smudgy prints all over the cloud as well, making it even easier for crooks to identify a phone.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/KROMKRATHOG.