Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Android Security Cellphones Wireless Networking

Proof-of-Concept Android Trojan Uses Motion Sensors To Steal Passwords 105

Posted by Soulskill from the for-when-normal-keylogging-is-just-too-precise dept.
judgecorp writes "TapLogger, a proof-of-concept Trojan for Android developed by resarchers at Pennsylvania State University and IBM, uses information from the phone's motion sensor to deduce what keys the user has tapped (PDF), thus revealing otherwise-hidden information such as passwords and PINs."
This discussion has been archived. No new comments can be posted.

Proof-of-Concept Android Trojan Uses Motion Sensors To Steal Passwords More

Proof-of-Concept Android Trojan Uses Motion Sensors To Steal Passwords

Comments Filter:

  • Swype (Score:5, Interesting)

    by Pat Attack ( 1353585 ) on Monday April 23, 2012 @03:19PM (#39774697)
    I wonder if it would work on those of us who use a Swype keyboard. Then again, I do tap out my passwords. A thought: If you randomize the keyboard for password entries, that would make it harder to discern from malware like that and the over-the-shoulder attack.

  • Re:Swype (Score:5, Interesting)

    by robmv ( 855035 ) on Monday April 23, 2012 @04:53PM (#39775751)

    long term better solution is that OS fields for passwords and PIN keypads disable applications access to motion sensor data. If you are custom drawing a password field and not using the OS provided one, add an API to hide motion sensor data when you need it

Slashdot Top Deals

To the systems programmer, users and applications serve only to provide a test load.

Close