
Android and iOS Devices Impacted By New Sensor Calibration Attack (zdnet.com) 59

A new device fingerprinting technique can track Android and iOS devices across the Internet by using factory-set sensor calibration details that any app or website can obtain without special permissions. From a report: This new technique -- called a calibration fingerprinting attack, or SensorID -- works by using calibration details from gyroscope and magnetometer sensors on iOS; and calibration details from accelerometer, gyroscope, and magnetometer sensors on Android devices. According to a team of academics from the University of Cambridge in the UK, SensorID impacts iOS devices more than Android smartphones. The reason is that Apple likes to calibrate iPhone and iPad sensors on its factory line, a process that only a few Android vendors are using to improve the accuracy of their smartphones' sensors. "Our approach works by carefully analysing the data from sensors which are accessible without any special permissions to both websites and apps," the research team said in a research paper published yesterday. "Our analysis infers the per-device factory calibration data which manufacturers embed into the firmware of the smartphone to compensate for systematic manufacturing errors [in their devices' sensors]," researchers said. This calibration data can then be used as a fingerprint, producing a unique identifier that advertising or analytics firms can use to track a user as they navigate across the internet.
  • by Waffle Iron ( 339739 ) on Wednesday May 22, 2019 @02:06PM (#58637584)

    Spock (peering into visor): Sensors indicate that the early 21st-century communicator device belongs to one "William Shatner".

    Kirk: Reverse Polarity!

  • While this is a way to fingerprint a phone, heck, it is easier to just record the MAC address of the device. It just seems like an academic study, much like tracking keyboard typing speeds and accuracy to get a good idea of who is using the computer.

  • by servo335 ( 853111 ) on Wednesday May 22, 2019 @02:15PM (#58637632) Homepage
    From TFA: Apple fixed it already back in March with iOS 12.2, but higher-end Androids have not been fixed yet. Lower-end droids don't have the issue as they don't have the calibration sensor.
    • TFA says Apple likely fixed it because iOS was more vulnerable to it (its sensors are calibrated at the factory and the calibration never changes, Android sensors can be calibrated in the field so are mutable). Reading through TFA, it appears this vulnerability only applies to sensors which (1) are accessible to all apps and websites without any special permission, and (2) contain calibration data. AFAIK (I'm no expert on this), only the gyroscopic sensors fall under this category.

      So the fix would appe
      • On Android, almost everything requires a permission, including these sensors.

        "Stay awake when the phone is being moved around" is not a normal mode for Android apps. Instead, it is almost always based on either the screen being on, or the lock screen being active. There are specific permissions for being able to keep the device awake.

    • Didn't Chrome already reduce the accuracy of sensor data available to the Web a year or two ago?

      This seems like the same or nearly identical problem with an existing codepath to deal with it on Chrome. I would guess Orfox already does it though Fennec can be slow to pick up their privacy work.

  • by Fly Swatter ( 30498 ) on Wednesday May 22, 2019 @02:16PM (#58637636) Homepage
    This is, up to this point, a freely read data point. There is no attack here. The title makes it sound like someone requests a calibration of the device's sensors to do devious things, or something....
    • Agree, /. headlines have been going downhill for some time, "user tracking" is not as catchy as "attack".
  • by Anonymous Coward

    Sensationalistic title for certain. This is not an attack, it is just a method for tracking users. It would be an attack if they used an exploit to crack the system. Using data that is readily available? That's like suggesting a DNS search is an attack against internet hosts.

    • These devices have a unique device ID, and app permissions to control which apps can read it.

      It is permission-controlled data.

      Leaking side channel data that is supposed to be unrelated, but acts as a proxy for other permission-controlled data, that's clearly an attack.

      Like all the other data, if steps hadn't been taken to protect it, then leaking it wouldn't be an attack. But also like all other data, if steps have been taken to protect the data, then something that leaks it without permission is an attack.

  • And more importantly, why isn't there a checkbox to turn that function off? And why isn't it off by default?

    There's absolutely no reason a web page should be able to ask my magnetometer offset. That's not part of turning HTML into pixels.

    Is there a list of browsers which do and don't implement this function?
