Gyrophone Attack: Q&A part 2

A journalist from the Danish Consumer Council has contacted me recently regarding our Gyrophone attack on mobile devices (published in 2014). I’m posting the questions and my answers to them. Note that I haven’t been keeping up with the most recent developments around gyroscope access on mobile device, so I encourage you to verify
the state of matters nowadays.

Q: Can Android phones with gyroscopes still read up to 200 hertz, being within the spectrum of the human voice?
A: There’s no one Android phone. Android is an operating systems with many versions currently being used by users. The access depends not only on the operating system but on the hardware capabilities as well. As far as I know gyroscope measurements are still accessible without special permissions to applications.
I’m not aware of protective measures taken to limit the available sampling rate by software or hardware vendors. However, as we already noted in the paper, the Chrome browser, and other browsers based on the WebKit framework, impose a software limitation on the sampling rate available from JavaScript, bringing it down to 25Hz. So at least Chrome protects its users from malicious access to gyroscopes.
What’s important to note, is that most of the human speech is beyond the sampling frequency, and the access to it is due to an effect named “aliasing”. Low-pass filtering can mitigate the attack. It seems for instance that Samsung Galaxy use hardware that applies certain low-pass filtering (I’m not sure on what frequency), and our phrase recognition attack did not perform as well on those phones as it did on Nexus 4 devices. As we did not test it on many different models, it remains to be studied how well it can perform on them.

Q: In 2014 the technique was not refined enough to pick up more than a fraction of the words spoken near a phone. What about now? Have gyroscopes in smartphones evolved enough to pick up entire sentences and conversations? From how far away can the gyroscopes pick up conversations?
A: The statement “the technique was not refined enough to pick up more than a fraction of the words” is inaccurate. In the experiments we did we purposely trained the algorithms on small sets of phrases to recognize. Since we did not conduct experiments with larger dictionaries, it remains to be studied how well it can perform for larger sets of phrases.
The task (as many other machine learning tasks) definitely becomes harder as the dictionary grows. Our aim was to show a proof of concept, but the full potential of the attack can only be understood by conducting more experiments.
The distance on which this can work depends on the loudness of the signal. If the signal is coming from a further source but is loud enough, perhaps the attack can work. In our experimental setup, the source of the sound was pretty close to the device and was fairly loud. What can amplify the attack is a reverberant surface that responds to sound waves and conducts them well.
To calm things down, I believe that this attack won’t work well when the speakers are several meters away from the device with most gyroscopes. However, this is a very general claim, and it all depends on the particular hardware model and characteristics.

Q: Does the user of an Android phone need to give permission for recording before gyroscopes pick up sound and words? Does Google require the user to give permission for recording?
A: Android phones notify the user when an application requires access to the microphone. However (and that’s the point of our work) it doesn’t notify the user when an application accesses to the gyroscope, which is what enables stealthy eavesdropping. I’m not sure what you mean by Google, since that’s a property of the Android operating system (which is mostly maintained by them), and it’s important to not confuse the two. There are many Android distributions that come without pre-installed Google applications, and Google doesn’t have access to the data on those phone. It’s important to be precise about it and phrase it accurately. Since the Android OS is mostly maintained by Google, it might be a natural expectation that they would address such issues, however, since it is an open source system, technically inclined users can compile their own version of it, and mitigate the attack.

Q: Can the user choose not to be recorded (through gyroscopes)?
A: As far as I know, the user of a standard Android distribution doesn’t have an option to block access to the gyroscopes.

Q: What do Google do with the sound data they pick up via gyroscopes?
A: I don’t have any evidence that Google collects such data and does anything with it. And since Google anyway has access by default to Android devices, we need to worry about the general lesson from this attack, rather than about Google in particular. More important, is that any Android application can collect gyroscope data. So more than worrying about Google (that has reputation to maintain), we should be worried about malicious third-parties that have the same access to our data.

Q: Do you know if it is stored someplace or Google use it through voice recognition?
A: Again, there’s no evidence that Google records gyroscope data, stores it or uses it anywhere else except for on the phone itself. The point is that our work shows new implications of having potential to access this data.

Leave a Reply

Your email address will not be published. Required fields are marked *