- From: Greg Norcie <gnorcie@cdt.org>
- Date: Fri, 1 Jul 2016 15:02:55 -0400
- To: Nick Doty <npdoty@ischool.berkeley.edu>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
- Message-ID: <CAMJgV7ZWqZah_ADSKpcP=mctkU17YMKny-i=XR=+9i9XypXMgg@mail.gmail.com>
Nick, thank you for sharing this, this is incredibly useful work.

CDT has heard reports that some tracking providers may abuse sensors that have a legitimate use. To give a hypothetical example, a game that utilizes the accelerometer to move the player's character around the map might also utilize this data for fingerprinting purposes as well. This is especially troubling to me because accelerometer inputs, unlike input from other sensors like cameras and microphones, do not require special permission.

The paper also speculated that such permissions could go beyond merely identifying users, and start doing things like inferring keystrokes. Previous literature has in fact shown that accelerometer data can be used to infer passwords[1], and that these attacks are not merely theoretical[2], so I hope now that we've seen that these sensors can be used to de-anonymize and phish users, mobile browser makers will consider whether the benefits of asking for permission to access the slight usability costs of additional dialogs.

The paper expresses concern that users will merely "click through" accelerometer permission requests. I don't have data to prove or refute that specific claim. But if anyone were to obtain some, I suspect the FTC's Privacycon[3] would welcome studies testing that theory any findings on such matters.
(And the CFP explicitly states that works submitted to academic conferences may also be presented there.)

[1] ACCessory: Password Inference using Accelerometers on Smartphones
http://www.hotmobile.org/2012/papers/HotMobile12-final42.pdf

[2] Practicality of Accelerometer Side Channels on Smartphones
https://www.cs.swarthmore.edu/~aviv/papers/aviv-acsac12-accel.pdf

[3] https://www.ftc.gov/privacycon-call-for-presentations

/********************************************/
Greg Norcie (norcie@cdt.org)
Staff Technologist
Center for Democracy & Technology
District of Columbia office
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt
/*******************************************/

On Thu, Jun 23, 2016 at 5:41 PM, Nick Doty <npdoty@ischool.berkeley.edu> wrote:

> Hi public-privacy,
>
> Attached is a workshop paper from the Mobile Security Technologies (MoST)
> 2016 workshop at IEEE Security & Privacy last month. It may be of interest
> to our community, as it's suggesting that: 1) motion and orientation data
> can be used for cross-origin fingerprinting and, perhaps more novel for us,
> 2) motion and orientation sensors could potentially be used to gather the
> content typed into a soft-keyboard for a different iframe.
>
> I think perhaps the general risk to be aware of here is that sensor data
> is inherently cross-origin and so if those APIs are accessible to different
> origins, they can allow correlation or inference of data in ways that are
> unexpected.
>
> Thanks,
> Nick
Received on Friday, 1 July 2016 19:03:43 UTC