W3C home > Mailing lists > Public > public-geolocation@w3.org > August 2020

Re: [deviceorientation] Move fingerprintable APIs behind permissions (#85)

From: Maryam Mehr via GitHub <sysbot+gh@w3.org>
Date: Wed, 12 Aug 2020 09:21:25 +0000
To: public-geolocation@w3.org
Message-ID: <issue_comment.created-672760121-1597224084-sysbot+gh@w3.org>
Hi Everyone, 

We have been running experiments on Android devices as well as some gyro on some sensor kits via native apps to fingerprint them according to SensorID paper and got similar unstable results. These attacks work on the sensors that are factory-calibrated. According to the [project webpage](https://sensorid.cl.cam.ac.uk/):
"Can we conduct the same attack to fingerprint other Android devices?
We have found that the accelerometer in Google Pixel 2 and Pixel 3 can be fingerprinted by our calibration fingerprinting attack. It is possible that some other Android devices are also factory calibrated and thus can be fingerprinted. However, we only have data from a few Android device models; the Android device models we have tested, apart from Google Pixel 2 and 3, cannot be fingerprinted using our approach."

GitHub Notification of comment by maryammjd
Please view or discuss this issue at https://github.com/w3c/deviceorientation/issues/85#issuecomment-672760121 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 12 August 2020 09:21:28 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 12 August 2020 09:21:29 UTC