Wednesday, April 12, 2017

PIN Crack Hack, or The Gyro Knows

Turns out your phone's PIN code is less secure than previously thought. Researchers demonstrated how to hack it with gyroscope data.

It’s no secret that smartphone PIN codes are not perfect, but new research suggests they might be next to worthless. A team of scientists at Newcastle University in the U.K. was able to guess a user’s phone PIN code with nothing more than data from the device’s sensors.

In a paper published in International Journal of Information security, researchers demonstrated how a phone’s gyroscope — the sensor that tracks the rotation and orientation of your wrist — could be used to guess a four-digit PIN code with a high degree of accuracy. In one test, the team cracked a passcode with 70 percent accuracy. By the fifth attempt, the accuracy had gone up to 100 percent. highlights the danger of malicious apps that gain access to a device’s sensors without requesting permission. more

  • Make sure you change PINs and passwords regularly so malicious websites can't start to recognize a pattern.
  • Close background apps when you are not using them and uninstall apps you no longer need.
  • Keep your phone operating system and apps up to date.
  • Only install applications from approved app stores.
  • Audit the permissions that apps have on your phone.
  • Scrutinize the permission requested by apps before you install them and choose alternatives with more sensible permissions if needed.
The above is just the tip of this iceberg. For the full scare, read what Dr. Maryam Mehrnezhad had to say. ~Kevin