Used to be if spies wanted to eavesdrop, they planted a bug. These days, it's much easier. Because we all carry potential bugs in our pockets—__1___. One team of researchers used an iPhone to track typing on a nearby computer keyboard with up to 80 percent __2___. They presented the findings at a computer security conference in Chicago.

The researchers designed a malicious app for the iPhone 4. When you place the phone near a keyboard, it exploits accelerometer and gyroscope data to sense vibrations as the victim types—detecting whether keystrokes come from the left or right side of the keyboard, and how near or far __3___ keys are from each other. Then, using that seismic fingerprint, the app checks a pre-created "vibrational" dictionary for the most likely words—a technique that works __4___ on words of three letters or more.

Of course, you'd need to install the app to allow it to spy. But whereas most apps have to ask __5___ to access location data or the camera, that's not so for the accelerometer. This kind of attack may offer good reason to limit accelerometer access too—and keep iPhones from becoming "spiPhones."

【視聽版科學(xué)小組榮譽(yù)出品】
smartphones accuracy subsequent reliably permission
曾幾何時(shí),特工要想竊聽,就得安裝竊聽器,現(xiàn)在這一切就小菜一碟了,其實(shí)我們的口袋里都帶著竊聽器——智能手機(jī)。一個(gè)調(diào)查團(tuán)隊(duì)用iphone識(shí)別出了附近的一臺(tái)電腦鍵盤上輸入內(nèi)容,準(zhǔn)確率高達(dá)80%。,他們?cè)谥ゼ痈缗e行的計(jì)算機(jī)安全大會(huì)上公布了這一發(fā)現(xiàn)。 調(diào)查人員研發(fā)了一款惡意應(yīng)用程序,安裝在iPhone 4上。把手機(jī)放在鍵盤附近,手機(jī)利用加速器和螺旋儀的數(shù)據(jù)來感知振動(dòng)頻率,檢測(cè)用戶按鍵是從左邊還是右邊,以及相鄰擊鍵相隔多遠(yuǎn),之后,程序根據(jù)振動(dòng)特點(diǎn)查詢其先前創(chuàng)建的“振動(dòng)式”字典,找出最相近的單詞,這項(xiàng)技術(shù)要求輸入的單詞最少有3個(gè)字母。 當(dāng)然了,要想讓iphone成為特工,你需要安裝該程序才行。但是大多數(shù)程序要求許可證,才能訪問定位數(shù)據(jù)或攝像機(jī),加速器則不需要。加速器的攻擊或許會(huì)給限制加速器使用一個(gè)正當(dāng)?shù)睦碛?,由此一來,iphone自然無(wú)法成為“特工”。