Smartphone apps leaking out data, giving away GPS location to hackers
Sensors installed in mobile phones that gather up data could be leaving it vulnerable to vicious cyber-attacks according to the newest research findings. In fact, tapping on the no option to applications that ask for a smartphone's location is just does not cut it when trying to have a device blocked from being tracked from the get-go.
A brand new study has discovered proof that accelerometers—which are in smartphones to detect motion and are also used for apps for gaming and pedometers— leave behind "unique, trackable fingerprints," that can be used when trying to identify a person and actually keep a close eye on an individual's phone. According to University of Illinois electrical and computer engineering professor Romit Roy Choudhury and his team of researchers, there is a special process by which smartphones can get tracked. Tiny imperfections in the manufacturing process of the device make a unique fingerprint on a smartphone's accelerometer data.
The team of researchers compared this to cutting out sugar cookies with a cookie cutter. Even though the cookies may look the same, each one has a slight difference than the one that had been cut out moments before. The same idea is true for smartphones.
Once a user's data is sent off to a cloud to get processed, the phone's special signal can be used to place the identity on the user. It is scary to realize that the same exact data that helps people achieve high scores in their favorite app games is also being used to find out their exact location. What is even more worrying, Choudhury's team was able to pinpoint a phone's location with 96 percent accuracy, according to an article on qz.com. "Even if you erase the app in the phone, or even erase and reinstall all software," Choudhury said in a press release, "the fingerprint still stays inherent. That’s a serious threat."
It has been suggested by Professor Choudhury that other sensors in the phone are potentially as vulnerable such as cameras, microphones, and gyroscopes. Apps like these could be leaving crucial clues on the cloud, making it far easier for thieves to identity where a phone is located. "Imagine that your right hand fingerprint, by some chance, matches with mine," Choudhury said, as stated in a qz.com article, then he continued, "But your left-hand fingerprint also matching with mine is extremely unlikely. So even if accelerometers don't have unique fingerprints across millions of devices, we believe that by combining with other sensors such as the gyroscope, it might still be possible to track a particular device over time and space."
For the time being, there is not really much that can be done to fix this ordeal, according to Choudhury. It is almost impossible to create millions of cellphone parts to be exactly the same down to the smallest detail. Each time a mobile phone component is made, it is slightly unique and never a 100 percent clone of the previous one that had been manufactured. There is no magic bullet solution to protecting such signals from hackers.
The only plausible way of keeping privacy entirely private would be to cut off the data connection streaming from smartphones to the cloud for processing. However, in this day and age, mobile units do not have enough processing power or battery allowance to have this trick work out in their favor.