Latest in Blackhat

Image credit:

Researchers crack iPad PINs by tracking the fingers that enter them

Jamie Rigg, @jmerigg
June 25, 2014
Share
Tweet
Share

Sponsored Links

What's the easiest way to find out someone's password? Watch them enter it, of course, using the simple hacking technique known as shoulder surfing. Cameras and software have successfully been used by researchers to automate and improve the accuracy of snooping on smartphone users with such observational methods, but they require a direct line-of-sight to work. Now, as Wired reports, a group at the University of Massachusetts Lowell has developed a way to capture iPad passcodes without needing any kind of on-screen cue. A camera is still required, but because the position of the lockscreen keypad is static, their software references finger movement against tablet orientation to estimate the PIN by the way it's entered.

Using Google Glass to emphasize how this could done quite inconspicuously, researchers found video from the wearable could capture a four-digit PIN from three meters away (nearly ten feet) 83 percent of the time (or over 90 percent with a little human help). Figures were similar using one of Samsung's camera-equipped smartwatches, and at the same distance, video from an iPhone 5 increased the success rate to 100 percent. Better cameras unsurprisingly produced better results, and at 44 meters (around 144 feet), a $700 camcorder and a little elevation also scored 100 percent on the test. Understanding that some might be genuinely worried about this kind of carry on, the same researchers are currently developing an Android app that randomizes the layout of the PIN-entry keypad, which they plan to release at the same time they present their work at the Black Hat USA conference in August.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Apple program will replace AirPods Pro buds with crackling, ANC issues

Apple program will replace AirPods Pro buds with crackling, ANC issues

View
$149 Playdate handheld is 'ready to go,' orders start in early 2021

$149 Playdate handheld is 'ready to go,' orders start in early 2021

View
Chevy will start selling EV retrofit kits in 2021

Chevy will start selling EV retrofit kits in 2021

View
Roborace engineer explains why a driverless racecar drove into a wall

Roborace engineer explains why a driverless racecar drove into a wall

View
Ubisoft pulls post about PS4 games not working on PS5, cites 'inaccuracies' (updated)

Ubisoft pulls post about PS4 games not working on PS5, cites 'inaccuracies' (updated)

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr