New research claims that a telephone's accelerometer be used to track the device owner. How does this work? Is...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
there anything we can do to prevent the accelerometer from being used as an eavesdropping device?
Traditional telephones don't have an accelerometer or GPS, and the word "smartphone" doesn't fully capture the power and capabilities that people carry in their pocket every day. With this power comes new risks that users should weigh against the benefits.
In order for the accelerometer tracking to work, the attacker first needs to install malware on the target smartphone. This could be both a malicious or a functional app included in a legitimate app from a rogue library. This is similar to a side-channel attack that allows an attacker to track the mobile user. This type of eavesdropping uses machine learning to monitor the path of a phone through a train system. Since the train system is along a fixed path, it can calibrate the attack based on specific points.
Accelerometer tracking prevention is difficult and requires more than putting tape over the camera lens on the smartphone or laptop. It may be impossible to disable all of the different features on a smartphone that can be used to track someone. Not to mention that most users willingly give newly installed apps access to the sensors in the smartphone and increase the risk of tracking even more. The most effective method of preventing the accelerometer from being used by malware to track your users is to prevent the malware from getting installed on the device. Do this by only installing approved apps from authorized app stores and running a security tool -- such as antimalware -- to monitor for malware.
Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Check out this introduction to mobile device management products for enterprises
Learn about device tracking laws before you decide to keep an eye on users
Find out how to stop phone tracking and GPS data leakage
Dig Deeper on BYOD and mobile device security best practices
Related Q&A from Nick Lewis
When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and ...continue reading
A Google Docs phishing attack used OAuth tokens to affect more than a million Gmail users. Nick Lewis explains how it happened, and how to defend ...continue reading
A vulnerability in Microsoft's Windows Defender antivirus tool left users open to remote code exploitation. Expert Nick Lewis explains how it ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.