SCIENTISTS HAVE DEMONSTRATED an attack that could allow hackers to potentially crack your smartphone's PIN from the way that you hold your device.
Boffins from Newcastle University found that by monitoring a smartphone's sensors they were able to work out a user's PIN code 74 per cent of the time on just the first guess. Given five attempts, they were able to figure it out 100 per cent of the time.
For example, if a user opens a malicious link in their smartphone's web browser, the website can ask for, and be given, data such as device orientation without the user being aware.
The researchers note that each 'touch action', be it clicking, scrolling, holding or tapping, created a unique orientation and motion trace that tells a hacker where the user was clicking and what they were typing.
Dr Mehrnezhad added: "On some browsers, we found that if you open a page on your phone or tablet which hosts one of these malicious codes and then open [another one], then they can spy on every personal detail you enter.
"And worse still, in some cases, unless you close them down completely, they can even spy on you when your phone is locked."
Don't go throwing your phone in the bin just yet, though, as in order to carry out the attack the researchers had to first had to use data from people keying in their PIN codes to train an artificial neural network. Each user each had to type 50 known pin numbers in, five times over, before it learned enough about how they hold their phones to guess a hidden pin with 70 per cent accuracy.
Still, the researchers say they have notified Apple, Google and Mozilla about the issue, and says the firm's are working together to fix it. µ
'Ah - yes - we're ignoring your wishes for a reason there, leave it alone'
And, er, not much else
To serve, protect, and get incredibly hot and dusty
Symantec links attack to prolific Lazarus hacking group