Tag Archive for: Measuring

Security researchers show how to eavesdrop on mobile phone calls by measuring the ear speaker’s tiny vibrations

/in


While it’s possible that malware on your smartphone could record your calls, it’s an increasingly difficult technical proposition. Instead, researchers from Texas A&M University and colleagues have demonstrated that it’s possible to eavesdrop on phone calls by measuring the tiny vibrations of the ear speaker using a phone’s built-in accelerometers and then decoding that data remotely to determine what was said. They call the method EarSpy. From Security Week:

They conducted tests on the OnePlus 7T and the OnePlus 9 smartphones — both running Android — and found that significantly more data can be captured by the accelerometer from the ear speaker due to the stereo speakers present in these newer models compared to the older model OnePlus phones, which did not have stereo speakers.

The experiments conducted by the academic researchers analyzed the reverberation effect of ear speakers on the accelerometer by extracting time-frequency domain features and spectrograms. The analysis focused on gender recognition, speaker recognition, and speech recognition[…]

When it comes to actual speech, the accuracy was up to 56% for capturing digits spoken in a phone call.

EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers(arXiv)

Source…

Measuring your Android device’s hidden hack hazards: The vital diagnostic check to keep devices secure

/in


With the Optus hack attack sparking fresh data security concerns across the country, Android users again have been urged to run security checks on their devices given the popular operating system’s ongoing susceptibility to hackers and malware.

For example, there’s Android malware like Ads Blocker, which as CNET points out, promises to prevent pop-ups, but instead simply serve up more ads which the app’s developers are paid to flood your screen with.

WATCH THE VIDEO ABOVE: Optus facing serious bill over massive data breach.

Watch the latest News on Channel 7 or stream for free on 7plus >>

Then there’s the more serious Man In The Middle (MITM) attacks, in which a hacker can set up a fraudulent WiFi network disguised as an innocuous public network like those usually made available to patrons in a cafe or shopping centre.

However, once the Android user joins it, the hacker then has complete access to the device and can either log keystrokes or install more Android malware.

Malware found in multiple Android apps. Credit: Dr. Web/Google Play Store

So why are Android users at more risk? It comes down to the fact that the operating system is Linux-based and partly open-source, which means it can be modified by anyone.

In contrast Apple’s iOS system is closed source. That same point of difference is what makes Android currently the world’s most popular system with 2.5 billion active users on devices made by a number of different companies, such as Samsung, Oppo and Motorola. Meanwhile Apple’s iOS is totally confined to Apple devices.

But there’s an easy diagnostic check Android users can run on their device to highlight how much hacking danger they are in.

Simply head to your device’s settings section and click on the Security tab.

On the top of the page a small chart will outline the security status of the device, with the following classifications:

  • No problems found: No security issues are present on your device or Google Account (usually with a tick inside a green circle)
  • Security can be improved: You have security recommendations (usually with a tick inside a green circle)
  • Security may be at risk: Please review the security recommendations and take action to secure your account…

Source…

Measuring your carbon footprint? There’s no app for that • The Register

/in


Column I recently installed an app that promised to measure my carbon footprint, then offer meaningful recommendations that could help me to reduce it.

I thought that sounded like a good enough offer that I was willing to endure a modestly nosey survey that gathered information about my lifestyle, income, and personal habits. The result was an indication that my footprint was in the “high” range.

I found that a little surprising. I did fly a lot, back when that was still a thing. But I don’t have a car, walk and bike everywhere, use renewably generated electricity, and am vegetarian.

The app informed me that 70 percent of my CO2 emissions came from an area defined simply as “purchases”.

Uh … ok? I tapped on that, to see if it might be broken down in any meaningful way, only to find that my rating was an estimate drawn from averages that may or may not have reflected my personal circumstances.

I’d like to believe that I tread lightly on the environment, though I know as a middle-class Australian that’s unlikely to be the case. In the absence of any meaningful information, how can I make changes? I could follow the app’s suggestions – though these seem to be more broad brushstrokes than highly targeted activities.

That leaves me little wiser than before I launched the app.

It’s not really the app’s fault. It’s doing the best it can to offer advice in an environment that almost completely lacks auditability, transparency, or solid sources of data.

When I buy an apple at the supermarket, I have no idea how much carbon was burnt bringing it to me, nor do I have any obvious way to learn this. That’s broadly true for almost everything – although here in Australia automakers are required by law to let you know how many litres of petrol it will burn to take you 100 kilometres (each litre of petrol adds around 2.2 kilograms of carbon…

Source…

Feds need to do a better job of measuring telecommuting benefits

/in

With one of the largest telecommuting communities – over 1 million — in the country many of the Federal agencies that support it have little information to show about its benefits.

Watchdogs at the Government Accountability Office this week issued a report that found that many agencies “had little data to support the benefits or costs associated with their telework programs. All of the selected agencies could provide some supporting documentation for some of the benefits and only two could provide supporting documentation for some of the costs.”

+More on Network World: Black Hat: Quick look at hot issues+

To read this article in full or to leave a comment, please click here

Network World Security