Hacking Car, Phone Sensors with a $5 Speaker

Sensors have become intertwined with our everyday life. From the cars to phones to medical devices, sensors are embedded in many of the technologies we consistently use.

However, microelectromechanical systems (MEMS) accelerometers, which measure the rate of change in an object’s speed, can be tricked, according to a new study from the University of Michigan.

This from the University of Michigan:

Researchers used precisely tuned acoustic tones to deceive 15 different models of accelerometers into registering movement that never occurred. The approach served as a backdoor into the devices—enabling the researchers to control other aspects of the system.

Read the full article.

“The fundamental physics of the hardware allowed us to trick sensors into delivering a false reality to the microprocessor,” says Kevin Fu, professor at the University of Michigan, who led the research team. “Our findings upend widely held assumptions about the security of the underlying hardware. If you look through the lens of computer science, you won’t see this security problem. If you look through the lens of materials science, you won’t see this security problem. Only when looking through both lenses at the same time can one see these vulnerabilities.”

The researchers were able to use a $5 speaker to hack a Fitbit and Samsung Galaxy S5.

“Analog is the new digital when it comes to cybersecurity,” Fu says. “Thousands of everyday devices already contain tiny MEMS accelerometers. Tomorrow’s devices will aggressively rely on sensors to make automated decisions with kinetic consequences.”

Posted in Technology
DISCLAIMER

All content provided in the ECS blog is for informational purposes only. The opinions and interests expressed here do not necessarily represent ECS's positions or views. ECS makes no representation or warranties about this blog or the accuracy or reliability of the blog. In addition, a link to an outside blog or website does not mean that ECS endorses that blog or website or has responsibility for its content or use.

Post Comments

Your email address will not be published. Required fields are marked *