Published in IoT

Smartwatches used to spy

by on14 September 2015

Data leak

In another reason not to own a smartwatch, a team of boffins have turned them in to devices which can spy on their owners.

Most of the expensive smartwatches come with a gyroscope and an accelerometer, which means that micromovements can be tracked and decoded.

Software can detect what keys you're pressing with your left hand and thus guess what words you may be typing on a keyboard.

Romit Roy Choudhury, Associate Professor at ECE Illinois, together with a group of students, worked on a project called Motion Leaks (MoLe), funded by the National Science Foundation, set to be presented during this week at the MobiCon 2015 conference in Paris.

Researchers created a 3D map of the user's hand movements while typing on a keyboard.

The researchers then created two algorithms, one for detecting what keys were being pressed, and one for guessing what word was typed.

The first algorithm recorded the places where the smartwatch's sensors would detect a dip in movement, considering this spot as a keystroke, and then created a heatmap of common spots where the user would press down.

Based on known keyboard layouts, these spots were attributed to letters on the left side of the keyboard.

Another algorithm took this data, and analysing the pauses between smartwatch (left hand) keystrokes, it was able to detect how many letters were pressed with the right hand, based on the user's regular keystroke frequency.

The MoLe project still has a long way to go and there are flaws in the system, but it does mean that if a hacker can get the software onto the watch, the spooks can know what you type. This is not as difficult as it sounds.

Wearable security is still a bit of a grey area with few experts knowing what they are doing yet..

Last modified on 14 September 2015
Rate this item
(3 votes)

Read more about: