Attackers can keep track on users by sensors in their smartphones

Specialists from Cambridge University presented new way of tracing Android – and и iOS- devices user’s activity on the Internet.

For executing an attack, SensorID used gyroscope and magnetometer calibration data (iOS-devices), and accelerometer, gyroscope and magnetometer (Android-devices). According to SensorID authors, devices from Apple are more vulnerable to attack than Android-powered gadgets. This explained by the fact that during manufacturing of all devices Apple performs precise calibration of all sensor while Android-producers not always do it.

Attack based on careful analysis of sensors’ data that is available without any permissions.

“Our analysis allows getting factory calibration data for every device that producers implement in smartphone’s hardware for compensation of systematic production errors in sensors” – reported SensorID authors.

Calibration data can be used as fingerprints – unique identifiers that allow analytic companies and cybercriminals tracing users’ activity on the Internet. Data collection does not affect device’s performance and victim may suspect nothing.

According to researchers, getting calibration data takes one second only, and not affected by device’s position and environmental conditions. As calibration data remains unchanged, it allows keeping eye on user’s activity on the Internet even after settings reset.

Authors of the research are not aware if attackers used SensorID technology, but argue that:

А study shows that motion sensor data is accessed by 2,653 of the Alexa top 100K websites, including more than 100 websites exfiltrating motion sensor data to remote servers.

Apple fixed vulnerability (CVE-2019-8541) in March this year with the release of iOS 12.2 by adding random noise in sensor calibration output. Google did not launched any patches and reported about necessity to study an issue.

Source: https://sensorid.cl.cam.ac.uk