Connect with us

Tech News

Your phone could be giving hackers all of the info they need

(TECH NEWS) A study in Newcastle UK has found that your phone data maybe be what sells you out to hackers.

Published

on

sensors etiquette influencers

How do you hold your phone?

Hackers can get hold of your cell phone pin numbers and other passwords just from the tilt of the device when you type it in, a new research study shows.

bar
The culprit: your smartphone’s motion sensors.

Newcastle’s new discovery

The study, by computer scientists and security experts at United Kingdom’s Newcastle University, is causing an uproar in the entire tech community for its alarming findings.

In a report released this week, the study found that hackers can analyze your motion sensors and figure out your four-digit PIN with very high accuracy.

Researchers could correctly guess the pin 74% of the time on their first attempt, which increased to 94% accuracy after three tries. With only five attempts, the accuracy of the team was 100%.

Hackers love loopholes

This theoretical hack is possible because of a loophole in how web browsers share data between smartphones and websites. While highly sensitive information, such as location require explicit user permission, other data, such as device orientation, or size of the device screen (not seen as sensitive information) is shared with websites freely so that webpages can be responsive and interactive.

As shown by the researchers, such information is enough for a malicious website to hack into your device and decode your PIN.

Of the 25 sensors found to be playing a part in this issue, only a few require user permission before activating for certain apps. The rest are always on by default.

The devices

Dr Maryam Mehrnezhad, a research fellow in the School of Computing Science, said: “On some browsers, we found that if you open a page on your phone or tablet which hosts of these malicious codes and then open [another one], then they can spy on every personal detail you eventually enter.”

“And worse still, in some cases, unless you close them down completely, they can even spy on you when your phone is locked.”

Not practical

The public need not worry too much about this latest news, however. It seems that the methods used by the experts in the study itself faces many significant hindrances “in real life,” that would make the hack unlikely to be successful in the real world.

For example, the researchers needed a lot of data to train its hacking system, an artificial neural network, to acceptable accuracy levels.

Each user had to type 50 known pin numbers in, five times over, before the system learned enough about how users hold their phones to guess a hidden pin with 70% accuracy—a very unlikely scenario in the real world.

Stopping hackers early

Research studies like these are usually welcome by the tech world, as loopholes can easily be fixed before malicious parties can take advantage of such web weaknesses.

In 2014, for instance, hackers at the Hamburg Chaos Communications Congress demonstrated how pin codes could be extracted by simply taking a video of the user’s cornea movements, dubbed the “corneal keylogger,” as they entered data. Similarly, Firefox had loopholes that allowed hackers to track user activities via their battery status.

The latest sensors scare, although overhyped, shall need a sophisticated solution.

There seems to be no practical solution readily available. Apple and Google have been contacted about the issues by the university researchers, but there has been no official statements from either company.

#Sensorscare

Barnil is a Staff Writer at The American Genius. With a Master's Degree in International Relations, Barnil is a Research Assistant at UT, Austin. When he hikes, he falls. When he swims, he sinks. When he drives, others honk. But when he writes, people read.

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech News

This Zoom alternative offers a branded video meeting experience

(TECH NEWS) AirConnect is a conferencing portal that allows for company customization and automated onboarding so you can focus on other priorities.

Published

on

video portal airconnect

The concepts of company culture and branding are now more important than they’ve ever been. When we were first hearing these terms, they felt like buzzwords and ways to attract new talent and business without any actual execution.

Now that we have an understanding of what they are and how to use them, they are so much more practical and necessary – from big businesses to a one-person Etsy shop.

It’s been a little different in the last few months trying to figure out how to make company culture exude in the virtual world. For places that are hiring, it is also tricky to show how they differ from the rest over a video conference call.

The creators of AirConnect have taken this into account and have unleashed the virtual conference concept with an element of customization. As they say, “nothing beats a personal touch”.

Through use of this video conferencing tool, you can meet virtually with customers and clients in a brand video meeting portal. Customization options include headers, logo placement, and colors.

Additionally, the tool allows for customers to access their data via a customer portal, which allows for some automation when onboarding clients, assisting customers, or meeting with partners. AirConnect urges users to “say goodbye to Zoom links”.

“Let’s face it, nobody likes the where’s-the-link, what’s-the-password, can-you-hear-me-yet: and that includes your customers. Say hello to a single place where they can meet with you, as well as seeing all their account information, resources and anything else you like. Ah, that’s better, isn’t it?” explains the website.

The fully featured customer portal allows users to go beyond the simple zone of a place to talk. The ability to connect to sheets is where customers can access the aforementioned data.

The video call feature in the branded portal offers as many video touchpoints as the user would like; whether it’s used for on-boarding or standard consultations. The fact that customers can access their own data anytime allows users to put their time towards the high-value touchpoints.

On-boarding processes can also be automated by capturing customers’ information and documents in a single portal, making activation simple.

This certainly differentiates from Zoom or Skype as it has the customization option. What do you think – is it useful or flashy for the sake of flash?

Continue Reading

Tech News

Google Messages adds features to catch up to iMessage

(TECH NEWS) Google Messages just added a bunch of features (including a web version) to make the chat service feel a lot more like iMessage. Better late than never!

Published

on

From the way people talk about iMessage, you’d think Apple has the market cornered on instant messaging–and, if you have an Android, you’re pretty much out of luck. With some new additions to Google Chat in the last week, this may no longer be the case.

According to CNET, Google added a slew of features to the RCS Messaging–typically referred to as Google Chat–app, all of which should now be available directly within your Android’s Messages app (technological limitations for older devices notwithstanding). Among these features are reactions to messages and the ability to text from your computer.

CNET notes that you’ll have to use the Google Messages app–not your phone’s built-in chat app if it’s different–in order to access these features, though they also point out that Samsung is in the process of adding the RCS Messaging suite to their proprietary messaging app as well.

You do have to jump through a couple of hoops to ensure that you’re able to use these features in Google Messages, starting with making sure you’ve updated your phone to the latest operating system version. That’s just good life advice anyway, so double-check your phone’s settings for updates before you proceed.

Obviously, you’ll also need Google Messages installed on your phone as well. The app is free to download from the Google Play Store, and it should be compatible with most devices.

Once your phone is updated and Google Messages is installed, you can set Messages as your default texting app from within settings. This process will differ slightly depending on the Android model you have, but the easiest way to do this is by opening Google Messages after installing it, and then following the on-screen prompts to set it as your default texting app.

If you’ve ignored these prompts in the past and you don’t want to redownload the app, you can search your Android’s settings for “chat” or “text” to narrow down the possibilities for where the default texting app setting is hiding.

There is one last step you’ll need to accomplish before you can actually use Google Messages’ chat features, and that’s enabling the features themselves. Google Messages will usually prompt you to upgrade to these features once you start a conversation (this typically takes the form of a message asking if you want to see when your friends are typing), but you can also navigate to Google Message settings, elect to “turn Chat on”, and follow the ensuing prompts.

From here, you’re free to use Messages, much like you would iMessage; you can react to messages by long-pressing them, check and respond to messages from Google Messages on your computer, organize and view message history, and so on. If you’re someone who feels like you missed out on the iMessage craze–or you’ve recently switched from an iPhone to an Android–Google Messages should feel right at home on your phone.

Continue Reading

Tech News

“Mine” helps you find your digital footprint and DELETE it

(TECH NEWS) Most people value their online security, but don’t know to manage their data without abandoning the apps and websites that they love. Mine is trying to change that.

Published

on

I’m pretty concerned with keeping my personal data safe these days: I recently got a VPN and I try to use a privacy browser for everything I do on the internet. But it’s impossible to completely avoid sharing my personal information, especially if I want to watch, buy, say, or do anything at all online.

So when I first heard about Mine, a new machine-learning tool which claims to be “the future of data ownership”, it really piqued my interest. 

Using your email history, Mine identifies companies that are most likely to be storing your information based on the headers of the messages in your inbox. Its AI then independently locates the privacy policies for these companies to determine what kinds of information they’re storing, rather than looking through the actual contents of your emails.

Mine seems very mindful of the fact that they must be trustworthy in order to be successful. It’s free right now while they’re still new; Mine only got started in January. But they have plans to introduce a subscription service in the future.

To quote their FAQ: “Tech companies that are not interested in your money are interested in your data, your online behavior, or other personal assets they can monetize. In other words, if an app is free, they’re probably getting their money from somewhere else 🙂 Our goal is the opposite – we want to make data ownership accessible for all without monetizing our users’ data.”

Of course, when I saw the smiley face, I figured I’d give it a shot. Hey, if they help me get my information out of the hands of a less smiley entity, everything evens out, right?

After sifting through my emails, Mine spat out a list of the places that were allegedly storing my information. I was pretty shocked to see around 100 different companies pop up. Some of them were there for obvious reasons. Google, for example, was self-explanatory… but there were also names that I could swear I’ve never heard of.

I ended up submitting over 50 data deletion requests. The tool made it really easy to see who had my information, and streamlined the process of sending requests to these companies. With two taps, it was bombs away.

My inbox was suddenly buried in automated messages, mostly about how “support” would get back to me “as soon as possible.” I spent the next few days virtually waist deep in what was, for all intents and purposes, spam mail.

The select few that promptly, and properly, addressed my request produced mixed results: only three companies immediately confirmed that they had erased the data they were storing about me. The rest were going to make me do a bit more legwork, with each having their own rabbit holes for me to jump through before they would delete a dang thing. I won’t lie, this frustrated me, but the reasons for these extra steps are not necessarily sinister.

When I spoke to Gal Ringel, co-founder and CEO of Mine, he shared that often, companies do this because they need to be provided with more information than an email address in order to fully complete the request. He says that Mine will soon be incorporating “enriched” data erasure requests that should cut back on the need to inconvenience users with these outside processes.

In the meantime, he and his team have been working with businesses to develop policies that facilitate the process of data erasure. The majority of businesses, he says, consider it a good investment in building trust with the public. It’s also a prudent move to prevent identity theft, should others gain access to their records.

So, what’s my verdict on Mine? It really simplified the process of asking companies to delete my personal information. It is an important step on a long journey towards redefining the relationships that we have with our data, since the majority of people simply don’t have an accessible way to exercise control over it.

Mine is still in development, and I really look forward to seeing what it becomes in the future. (Hopefully, something that involves fewer emails!)

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!