Some Phone Sensors Can Be Exploited By Sound Waves

Exploits and malicious attacks come in many forms, and thanks to sensors belonging to the MEMS group found in some modern smart devices, certain sound wavelengths are now among those forms. The WALNUT attack, discovered and refined by researchers the University of Michigan, consists of feeding a device tainted audio that's been laced with a certain acoustic pattern. This, in turn, tricks the sensors in question into outputting whatever the attack signal dictates, rather than their normal output. This applies to things like the accelerometer, gyroscope, pressure sensor, microphone and other sensor gear that, generally speaking, is not vital to the core computing function of the device and measures outside variables.

While such an attack may not sound like much of a threat at first, the theoretical implications are actually pretty chilling. The most obvious example is applications that actually use these sensors. This can range from things like keeping you from playing a game that requires you to turn your phone in landscape mode to hijacking control apps for RC cars, drones, and the like that are usually controlled through tilting your device. Hijacking these sensors can also provide wonky output to test programs, or even control the audio output of a recording, causing the attack sound to spread to other devices that play the recording. Naturally, souring any sort of measurement done with these sensors could also be annoying or even disastrous, depending on the case at hand; cars come to mind as a particularly frightening form of this vulnerability, especially the self-driving kind.

Not all MEMS sensors are vulnerable to these attacks. The types and models of sensors that are vulnerable can, in some cases, be braced against this vulnerability prior to deployment. Likewise, future software updates to devices featuring vulnerable equipment could help to protect the equipment from this sort of attack. Casual users likely won't need to worry about this sort of attack having any harmful effects on the devices that they use and interface with every day any time in the near future, if at all, but the potential is there. Now that the vulnerability has been thoroughly detailed, including a section in the white paper about safe deployment of vulnerable equipment and how to help bolster current deployments against attack, there likely won't be much, if anything, to worry about.

You May Like These
More Like This:
About the Author
2018/10/Daniel-Fuller-2018.jpg

Daniel Fuller

Senior Staff Writer
Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, voice assistants, AI technology development, and hot gaming news in the Android world. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now