Your Fitbit or Apple Smart Phone Spying On Your Passwords?
Here is a disturbing bit of research news from brought to you vai the National Science Foundation regarding some of my favorite devices. If you are wearing a fitness tracker or smartwatch that also tracks fitness you will want to pay attention to this!
If you use an ATM or pay by using a password protected chip card –
Computer scientists at Binghamton University and Stevens Institute of Technology have demonstrated that important stuff, like your passwords and pins, can be easily discerned during a transaction if you’re wearing one of these.
How easily? The team was able to combine data from the wearables’ sensors, along with a computer algorithm and on their first try cracked pins and passwords with 80 percent accuracy. After three tries they refined that to 90 percent.
Wearables contain a host of measuring devices — gyroscopes, accelerometers, magnetometers — that collect data on your movements, including precisely how your hand moves when you’re pressing numbers on a keypad.
The team combines that info with their “backward pin sequence inference algorithm,” which determines the most likely pin or password. And they don’t need to know anything about the keypad or the position of your hand.
The good news? The same team that uncovered this vulnerability is working on ways to beat it.
Until then, remember, your smartwatch could be a snitch.
“The discovery files” covers projects funded by the government’s National Science Foundation. Federally sponsored research — brought to you, by you! Learn more at nsf.gov or on our podcast.