Mobile phone accelerometer data can be read at will, iOS cannot turn off permissions, Android can limit it this time

[[435012]]

This article is reprinted with permission from AI new media Quantum Bit (public account ID: QbitAI). Please contact the source for reprinting.

It is not new that apps leak information now, including mobile phone storage, application list, location, clipboard...

However, these can be turned off through permission management.

However, there is one permission request that cannot be turned off, and the app will not even notify you if your data has been accessed.

It is related to the accelerometer encapsulated in the Core Motion Framework.

Recently, an iOS developer Tommy Mysk discovered and tested the situation of accelerometer data being read, which caused heated discussion on social media.

In addition to the accelerometer, the core motion framework also has high-precision measurement devices such as gyroscopes and barometers. Their data can be used in many applications.

This time, iOS, which is famous for its privacy protection, seems to have overlooked this point.

Tommy discovered that currently iOS allows any installed app to access accelerometer data without the user's explicit permission.

Core Sports Module Has a Lot to Say

But what good is an accelerometer?

It is hard to imagine that with your acceleration data, combined with devices such as the gyroscope in the core motion module, very accurate information can be collected.

First of all, different motion states will have different acceleration change distributions.

Therefore, acceleration can reflect the way you hold the phone, whether you are standing or lying down, walking or cycling, and count steps.

Although the pedometer on your iPhone is protected by system permissions, many pedometer algorithms can directly access acceleration data to estimate your step count.

Second, the accelerometer detects slight vibrations in your body when you hold the phone, and this data can be used to detect or even predict your heart rate.

Researchers from Philips and the University of Bristol published a related paper on Arxiv, using only sensor data to predict heart rate through an algorithm.

Also, what should you do when you are bored on the bus or subway? Check your social media?

There is also a risk of leakage.

If a passenger in the same car also opens the same app as you, if the software reads the acceleration data, it can determine that the two of you have the same vibration pattern, such as starting, turning left, and braking.

Even if you have turned off location permissions, if the other person has not turned it off, they can use his location to determine your location and which bus or subway you are on.

What's even more terrifying is that the accelerometer can also reverse-engineer your voice based on the sound wave vibrations of the speaker.

If the application requires a higher sampling frequency, it must declare the permission:

The article was published at NDSS, one of the four major information security conferences, confirming the feasibility and severity of such attacks.

In summary, the information that the accelerometer can reflect covers almost all aspects...

App Test

Tommy also actually tested how apps like Facebook read accelerometer data.

After connecting the iPhone to Xcode and opening the console: the accelerometer data is read continuously.

However, although the reading of acceleration data is pervasive, there is a solution.

Currently, apps can only access accelerometer data in the foreground, and iOS will prevent background apps from reading data.

After exiting from the foreground, the reading behavior stops:

Therefore, it is a good idea to clean up the foreground in time after using the App.

For Android users, the Android system has limited the sampling rate of accelerometers, gyroscopes, and geomagnetic field sensors in Android 12:

Although the problem has not been completely solved, it is already possible to limit behaviors such as collecting acceleration data to restore voice.

Because the human voice is generally above 85Hz, and if the sensor sampling rate is limited to below 200Hz, the voice signal that can be fully restored will be limited to below 100Hz.

This way, less useful information can be collected.

If the application requires a higher sampling frequency, it must declare the permission:

However, some people expressed different opinions on the question raised by Brother Tommy.

For example, some netizens pointed out that the key is accuracy:

There are so many articles these days that say "computers can predict..." Actually any information can predict something, usually only slightly better than a blind guess...

Another highly praised comment said:

The positioning and activity monitoring are still very reliable, but the scenes like leaking heart rate and restoring sound are not very convincing to me. However, it is still good to know that such things exist.

What do you think?