The odds are you can't make out the PIN of that guy with the sun glaring obliquely off his iPad's screen across the coffee shop. But if he's wearing Google Glass or a smartwatch, he probably can see yours.
Researchers at the University of Massachusetts Lowell found they could use video from wearables like Google Glass and the Samsung smartwatch to surreptitiously pick up four-digit PIN codes typed onto an iPad from almost 10 feet away -- and from nearly 150 feet with a high-def camcorder. Their software, which used a custom-coded video recognition algorithm that tracks the shadows from finger taps, could spot the codes even when the video didn't capture any images on the target devices' displays.
(Score: 4, Interesting) by LoRdTAW on Wednesday June 25 2014, @03:56AM
A simple fix for that problem would be to randomly rearrange the number pad.
So instead of something like:
1 2 3
4 5 6
7 8 9
0
You would instead get something like this:
3 7 1
4 8 0
9 2 5
6
Yeah, it's a bit more confusing, but you would need a direct line of sight to the display to see the actual number placement to read the pass code.
(Score: 0) by Anonymous Coward on Wednesday June 25 2014, @04:19AM
It wouldn't matter if you did, it is already trivial for criminals to place a small camera so that the keypad is totally visible. It would be like preventing theft by putting items on a higher shelf, it will do nothing to prevent determined thieves and will inconvenience ordinary consumers.
(Score: 2) by Foobar Bazbot on Wednesday June 25 2014, @04:40AM
Indeed, according to TFA, they've implemented just such a fix:
I'm not entirely sure what "as an Android operating system update" is supposed to mean in this context -- as there are plenty of apps that replace the stock lockscreen, it seems an ordinary app would suffice, so the most obvious interpretation is that Google will include it in Android and/or AOSP. But that sounds a little odd (Google has the fix, has committed to including it, but is waiting till their Black Hat talk to do so?), so I'm not sure.
(Score: 2) by kaszz on Wednesday June 25 2014, @04:46AM
An even more "evil" version is to re-randomize the position of the numbers for every pin-number that has been typed..
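An added illustration, not part of any comment in this thread: a Python simulation of the randomized keypad LoRdTAW proposes and the per-keypress re-randomization kaszz suggests. It measures what a position-only observer (one who sees where the finger lands but not the display) can still learn in each case; the function names and the sample PIN 1231 are constructed for the example.

```python
# Added example; function names and the sample PIN are constructed.
import secrets

DIGITS = "1234567890"            # the ten keys; slot i is the i-th key position
_rng = secrets.SystemRandom()    # OS CSPRNG: the layout must not be predictable


def new_layout(rng=_rng):
    """Return a random assignment of the ten digits to the ten key slots."""
    keys = list(DIGITS)
    rng.shuffle(keys)
    return "".join(keys)


def enter_pin(pin, reshuffle_each_key=False, rng=_rng):
    """Simulate PIN entry; return (slots tapped, layout shown at each tap).

    The slot sequence is all that a camera tracking finger position,
    without a view of the display, can recover.
    """
    layout = new_layout(rng)
    slots, layouts = [], []
    for digit in pin:
        if reshuffle_each_key and slots:
            layout = new_layout(rng)   # new pad after every tap
        slots.append(layout.index(digit))
        layouts.append(layout)
    return slots, layouts


def decode(slots, layouts):
    """What the device does: it knows which layout was shown for each tap."""
    return "".join(layout[s] for s, layout in zip(slots, layouts))


def repeat_leak_rate(pin, reshuffle_each_key, trials=2000):
    """Fraction of entries where the first and last taps hit the same slot."""
    hits = 0
    for _ in range(trials):
        slots, _layouts = enter_pin(pin, reshuffle_each_key)
        hits += slots[0] == slots[-1]
    return hits / trials


if __name__ == "__main__":
    # PIN 1231 starts and ends with the same digit.
    print("one shuffle per PIN :", repeat_leak_rate("1231", False))
    print("shuffle per keypress:", repeat_leak_rate("1231", True))
```

With one shuffle per PIN, a repeated digit always lands on the same slot, so the tap positions still show which digits of the PIN repeat; re-shuffling after every tap reduces that to the 1-in-10 chance level.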
(Score: 2, Interesting) by anubi on Wednesday June 25 2014, @04:52AM
I did something similar for a store that wanted a "permission granter" that would power up a lumber saw... little ATMEL thing.
Problem is keys got swiped or lost, and keypads were too easily observed.
I ended up with a little quadrature encoder ( it was actually a stepper motor acting as a generator, chosen because it was so rugged and would magnetically cog ) wired to a little ATMEL chip. When the knob was messed with, the ATMEL would wake up and look at the knob speed to arrive at a starting number, which appeared to be completely random... it would then increment CW, decrement CCW. To engage the saw, you "opened" the lock as you would a combination lock... that is right to some number, left to another number, right to another number, zero. If you did it right, it would pull in the relay to the saw for ten minutes or until the knob was messed with again. If the saw itself was powered down and up, that would also reset the timer. It did not turn the saw directly on, but enabled it to where its start button would work. You could tell it was ready as the saw control buttons were illuminated when power was available.
The LED display was arranged behind a chute-like tunnel so the display could only be seen head-on by the operator. If a bad code was entered, the device would just flash at you, and if you entered three bad in a row, it would make a lot of noise. It took a zero entry to make it count it as a try, hence, if someone's child decided to screw around with the knob, it would just harmlessly rotate until the kid got tired of playing with it. It was smart enough that if you overshot or undershot and backed up to fix your mis-entry, it would understand. Two digit display, 00 to 99. Typical code would be something like 17,76,25,0, and the last zero would stay there until either it timed out or the knob was messed with.
You could not have two numbers too close together because that would have interfered with the grace logic which allowed you to redo a botched attempt, as the program was counting direction reversals as its cue to enter the key number at the apex of the knob travel.
You could watch the operator spinning the knob left and right, but it was really hard to tell exactly what number he was landing on, as the way I had coded it, if he missed it the first go-around, it was easier just to keep turning the knob in the same direction until the number showed again, so watching a guy open this thing was tricky at best to duplicate, but given one could see the display and knew the code, it was very intuitive.
Like you say, if it's something external that cues the operator - and he makes his action as a function of that cue, it makes it a lot harder to deduce the access code by simply watching him.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 1) by unauthorized on Wednesday June 25 2014, @05:08AM
An even better fix is to use multifactor authentication. A wireless "keychain" device stored on your person will foil any kind of "over the shoulder" attack, and the only added inconvenience would be the initial device pairing process.
(Score: 2) by kaszz on Wednesday June 25 2014, @05:12AM
And the radio giveaway.. "I'M HERE!" ..
(Score: 0) by Anonymous Coward on Wednesday June 25 2014, @05:49AM
Unless the device is not radio but optical or mechanical or whatever.
(Score: 1) by unauthorized on Wednesday June 25 2014, @04:32PM
So what? If someone is willing to forcefully take it off my hands, then they are probably also willing to implement the $5 wrench [xkcd.com] attack.
(Score: 2) by kaszz on Wednesday June 25 2014, @04:42PM
Force is hard if you can't find the person to apply onto..
(Score: 1) by unauthorized on Wednesday June 25 2014, @06:31PM
You are missing the point. This technique is meant to deter skript kiddies with cameras and too much free time on their hands. If you are worried about people who use wrenches, then you presumably will be vigilant enough not to input your password in plain sight.
(Score: 2) by edIII on Wednesday June 25 2014, @05:18AM
Another good fix is layered security. Apple and Android just need to add something like a FIPS compliant fingerprint reader.
The combination of biometrics and a randomized keypad is going to be pretty hard to beat.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by Open4D on Wednesday June 25 2014, @03:59PM
That seems a sensible countermeasure.
There are other slightly less simple fixes. My preferred solution would be a built-in fingerprint scanner - because I think it would have a good combination of convenience and security. But my Galaxy Nexus doesn't have one, and it's not worth upgrading just for that.
So I'd settle for a screen-tap unlock mechanism that can be done without me looking at the screen.
One approach I think could work on a multi-touch screen would be chords, like on a piano. So the first 'character' of my 'password' could be [thumb, forefinger, little finger]. The second 'character' could be [forefinger, ring finger]. Etc..
So for security I could aim the screen at the floor so that no-one can see the 'password' being entered. Or for convenience I can unlock the phone without looking at it - e.g. while walking along the street, or while maintaining a conversation with someone.
(Note, this is not the same as http://gkos.com/ [gkos.com] which uses chords for speed, and it seems you do need to look at the screen.)