Boffins silently track train commuters without tripping Android checks

Nanjing University boffins Jingyu Hua, Zhenyu Shen, and Sheng Zhong have tracked commuter train trips with 92 percent accuracy using stolen phone accelerometer data. The trio says tracking users on Android phones is possible in part because the platform does not require permission or consent to access the dataset. Here's the …

  1. Thorne

    Yes you could...

    But really who would bother?

    The effort of tracking someone that way is too much effort and there are a million ways to do it far easier.

    1. Meerkatjie

      Re: Yes you could...

      Like sitting in the station for a few days eyeballing a few likely people to assist in achieving a decluttered lifestyle?

    2. Anonymous Coward
      Anonymous Coward

      Re: Yes you could...

      I'm not even sure they can. Even assuming they can extract purely the train movements from the phone moving while being held by someone who's standing and swaying about and tapping away merrily, each train if driven by a human will be driven slightly differently and what happens if it stops at a red light in a tunnel? How do they account for that in their line signatures? Also smartphone accelerometers aren't exactly the last word in accuracy either.

      Sounds like a puff piece to me based on some extremely selective data.

      1. Michael Wojcik Silver badge

        Re: Yes you could...

        "How do they account for that in their line signatures?"

        How about demonstrating you've read the paper before criticizing it?

        "based on some extremely selective data"

        Care to show us in what sense their experiments with the Nanjing Metro are "extremely selective"?

        Their classifier is 89% accurate for routes that include four stations, and 92% for routes that include six stations. If you'd care to show us your experiments contradicting their results, I'm sure we'd be very interested.

        Honestly, the amount of "I didn't do it, so it didn't happen" here is pathetic.

        1. Anonymous Coward
          Anonymous Coward

          Re: Yes you could...

          "Care to show us in what sense their experiments with the Nanjing Metro are "extremely selective"?"

          It's ONE metro. Plus it's automatically driven - ie the train accel/decel rates and phases will be extremely consistent.

          "Their classifier is 89% accurate for routes that include four stations, and 92% for routes that include six stations. "

          Actually if you'd bothered to read the paper it says:

          "The results show that the inferring accuracy could reach 89% and 92%"

          "could" is a whole different kettle of fish to "does".

          All they're doing is pattern matching on low frequencies vs time, which in an ideal world might work. In the real world it sure as hell won't and is also easily gamed.

  2. Henry Wertz 1 Gold badge

    Why not prompt for accelerometer?

    Why doesn't the accelerometer require permission? I mean, if you are using a game that uses tilt etc. (or a "shake to do x" function in an app) you expect it to need it, otherwise it'd at least raise questions when some emoji app or something asks for accelerometer permission on install.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why not prompt for accelerometer?

      Even if you have an app that has a legitimate need for it, that doesn't mean it can't also use the permission for "evil". Let's say you played a game this morning for a bit. Unless you killed the program once you're done with it, how do you know it isn't still grabbing your accelerometer data when you go to work tomorrow?

      1. Robert Helpmann??
        Childcatcher

        Re: Why not prompt for accelerometer?

        "Unless you killed the program once you're done with it, how do you know it isn't still grabbing your accelerometer data when you go to work tomorrow?"

        Even if you kill it, you don't, under the assumption that you are concerned with reducing the risk of it being malware. If there are examples in the wild of malware that keeps your phone running when you try to turn it off, then one that lets you think you have killed a process when you actually have not shouldn't be a surprise.

      2. Tromos

        Re: Why not prompt for accelerometer?

        If someone was planning an evil app disguised as something innocuous in order to get a permission, why not go for GPS rather than accelerometer, which will work in a less restricted set of locations and save fannying around with metro data?

    2. DropBear

      Re: Why not prompt for accelerometer?

      "Why doesn't the accelerometer require permission?"

      I have a better question - why doesn't opening a webpage (or indeed even THINKING about doing anything off-device) require permission? Once you're allowed to open an arbitrary URL in a browser (which requires zero permissions AFAIK) you're free to exfiltrate moderate amounts of data any time you want...

  3. codebeard

    Over a third of apps have location permission anyhow

    Why bother with complicated accelerometer data when you can just request location permission?

    Something like 36% of all apps on the Android store request your location data (at least according to an article I read by Zscaler research). It's so common that only the most paranoid of users will hesitate to install an app that asks for it. Another common permission is audio/video, and combined with the common "run in background" permission allows much more worrying forms of surveillance.

    The problem in my opinion is the lack of oversight users are given to see what apps are running and doing on THEIR phones. If you could easily see that your "calculator" app runs in the background 50 times a day and requests your location and audio recording every time, then you'd uninstall it. Especially if this were exposed better as part of the "battery usage" then I think average users would care about it more.

    The VAST majority of apps should not need unrestricted access to run in the background. When they do run in the background they should be put in a sandbox with no access to hardware/sensors, and limited access to poke around the filesystem etc. Apps that want to background without a sandbox should trigger a notification e.g. "App X has recorded 22 seconds of audio"; clicking on it should give users the option of forcing the sandbox, uninstalling the app, reporting the app for malware, and permanently ignoring this kind of hardware access for this app.

    1. Charles 9

      Re: Over a third of apps have location permission anyhow

      But since there are perfectly legitimate reasons for background location tracking (navigation, geologging, et al), you'll just raise a culture of "Click OK to get the hell out of my way." Put mildly, the average person doesn't want to know all the gritty details. They just want their app and that's that. Sure, they complain when they get pwned, but they also complain when they have to jump through too many hoops (which is the only practical way to safeguard against being pwned without your knowledge). Sounds to me like you can't win.

      1. Michael Wojcik Silver badge

        Re: Over a third of apps have location permission anyhow

        "But since there are perfectly legitimate reasons for background location tracking (navigation, geologging, et al), you'll just raise a culture of "Click OK to get the hell out of my way.""

        Well, yes, of course. It has ever been thus.

        However, there are few "perfectly legitimate reasons for background location tracking", and many users are perfectly capable of saying "oh, hell, no" when an app that doesn't satisfy any of them asks to do it.

        "Put mildly, the average person doesn't want to know all the gritty details."

        That doesn't mean no one does.

        1. Anonymous Coward
          Anonymous Coward

          Re: Over a third of apps have location permission anyhow

          "However, there are few "perfectly legitimate reasons for background location tracking", and many users are perfectly capable of saying "oh, hell, no" when an app that doesn't satisfy any of them asks to do it."

          Not really. Not enough people care. They don't have time to care. They just want their stuff, thank you. Like it or not, the smart are outvoted by the stupid. Plus what if ALL the apps are doing it, basically making it a Take It Or Leave It? You may be willing to Leave It, but you'd be in the minority.

    2. Michael Wojcik Silver badge

      Re: Over a third of apps have location permission anyhow

      "It's so common that only the most paranoid of users will hesitate to install an app that asks for it."

      A big part of the problem is that the Android permission model is wrong. It shouldn't be "only install this app if you want to grant it all these privileges"; it should be "app is asking for these privileges - which ones do you want to grant?".

      If the app authors want to write it so it refuses to run if it doesn't have all the goodies, fine; but then market forces can be brought to bear, and some apps might be written to run even if they don't have access to everything.

      (Even better, of course, would be built-in support for spoofing sensor data, Internet connectivity, etc. There's rarely any reason for an app to know whether it's getting valid data.)

      1. Anonymous Coward
        Anonymous Coward

        Re: Over a third of apps have location permission anyhow

        "If the app authors want to write it so it refuses to run if it doesn't have all the goodies, fine; but then market forces can be brought to bear, and some apps might be written to run even if they don't have access to everything."

        Not necessarily. Remember that without this level of control from the devs, they wouldn't have coded for Android at all and would've stuck to the Apple Store. Basically, the devs held Android hostage over this. This level of freedom was a necessary evil to allow Android to penetrate the market, but it's also a Pandora's Box, as in once it's set this way there's no going back without backlash that could affect Android's future. Do you think people and phone manufacturers will stick to Android if the app devs start abandoning the platform?

  4. Zog_but_not_the_first
    Trollface

    Very clever way of tracking travel

    Unless I went to an amusement park.

    1. Thorne

      Re: Very clever way of tracking travel

      Well actually if they had recorded data from said amusement park, that could be tracked also.

  5. Any mouse Cow turd

    it's clear what the boffins' intentions were

    "he may be able to infer the user’s daily schedule and living and working areas, and thus seriously threaten her physical security."

    ... 'nuff said

    1. Jamie Jones Silver badge
      Childcatcher

      Re: it's clear what the boffins' intentions were

      Either that, or they are hoping for funding by following Western tradition, and hinting about damn terrorists.

      I'm surprised the pædophile angle hasn't been mentioned too.

  6. Ken Moorhouse Silver badge

    Research purposes

    There is a lot of potential for this to be used for legitimate research purposes into travel habits. For instance, the overall efficiency of transportation of people on a particular day. Rather than quantifying the effects of a signal failure on the tube in minutes delay for trains that were actually affected, such a survey would take into account the resilience of passengers taking other methods of transport to get to their destination.

    1. Charlie Clark Silver badge

      Re: Research purposes

      Not really as you have to get the software installed onto the relevant people's phones. Much easier to use Wifi and Bluetooth snooping from people who leave these radios on, which is most. And this is indeed the method used to measure footfall in shopping centres.

    2. Irongut

      Re: Research purposes

      Much easier just to get subscribers' movements from their phone companies. I saw a demo by TfL a few years ago, using live data from Vodafone, that showed commuter movements during rush hour outside the hotel the conference was happening in. They use it for the purpose you suggest.

  7. Six_Degrees

    Vaguely interesting, and there's no doubt that Google needs to lock down all sensor data. But tracking someone on a fixed subway route isn't nearly so alarming as tracking them with an accelerometer in a more general sense, where they may be walking or driving or riding a bike.

    I'm not terribly impressed by this accomplishment.

    1. Ken Moorhouse Silver badge

      Re: I'm not terribly impressed

      It's a start (sorry didn't spot the pun first time round). The gaps can be filled in later. If the level of acceleration and deceleration can be measured accurately then velocity (speed) can also be implied. However it wouldn't be accurate for someone if they chose for example to go on a roller-coaster as mentioned by someone earlier. But how many of us do that on a daily commute?

    2. Charlie Clark Silver badge

      Given how easy it is to get people to agree to giving away location information, and the current settings in Android are either give an app everything it wants or you can't install it, I don't think this has much general applicability. Add to that the fact that the accelerometer won't tell you very much about direction: it can tell whether someone is walking or running but not in which direction.

      And this is in China where I'm pretty certain the state has access to all mobile phone data and the mobile phone operators routinely collect all the data they can.

      1. DropBear
        Facepalm

        "...but not in which direction."

        Right, no phone ever incorporated a magnetic compass...

      2. Jamie Jones Silver badge

        As I understand it, it's not about trying to work out your speed or direction of travel directly.

        I think they gather typical acceleration/deceleration characteristics associated with transport routes where this data is typically relatively constant (A Japanese train route, or even the above mentioned rollercoaster).

        Of course, at a start of a journey, the tracked results will not provide an accurate result until a certain length of the route has been covered.

        So, the rollercoaster could easily be tracked too; the UK unreliable rail network not so much!

      3. Charles 9

        "Add to that the fact that the accelerometer won't tell you very much about direction: it can tell whether someone is walking or running but not in which direction."

        Most phone accelerometers are TRI-AXIAL, meaning they can measure acceleration in a space. Most commonly, it's used to determine the phone's orientation by triangulation for g. They CAN know direction.

        1. Vic

          "Most phone accelerometers are TRI-AXIAL, meaning they can measure acceleration in a space"

          What about rotation?

          Vic.

  8. Anonymous Coward
    Anonymous Coward

    Glenn Miller would have loved it.....

    "Pardon me boy, Is this the Track-a-user choo-choo?"

  9. RichardB

    Battery Monitor?

    Didn't we see a story recently here where some Israeli Boffinry figured out that they could track location using battery consumption stats?

    Now we have a story pushing people to invest in sophisticated battery monitoring apps in order to defeat a location tracking exploit?

    Hmmm....

  10. Indolent Wretch

    What's the deal here?

    A bunch of card number scrapers in China releasing dodgy apps to track your position by metro accelerometer measurements? Seriously they don't care.

    Or a bunch of clandestine state security experts releasing dodgy apps to track your position by metro accelerometer measurements? Seriously they don't need to.

    Third option, a bunch of security researchers trying to get some attention... Ahhh now it makes sense.

    Seriously though I'd like to see someone try and work out location on the London Underground using acceleration data, that strikes me as a different class of problem just the idea that you ride the route in order to get reliable data is a joke in itself.

  11. Steve Graham

    Well, if I see three Chinese academics with electronic devices on the Moira to Lisburn train, I'll know what they're up to.

  12. Elmer Phud

    Jiggy Jiggy

    "Morning, it seems your trip to work was a bit bumpier than usual, slow signals?"

    "nah, kept me trousers on at half-mast"

  13. phil dude
    Coat

    traffic...?

    I always assumed this was how google maps traffic reporting worked - by using data from android phones...?

    Oh Well...

    P.

    1. Anonymous Coward
      Anonymous Coward

      Re: traffic...?

      It does, but google gathers location data from people who agreed to share that data with google (you have to agree to be able to use "high precision" location). The accelerometer data is apparently available to any app without agreeing to anything.

  14. CAPS LOCK

    My smart phone is spying on me?

    Whatever next?

  15. ecofeco Silver badge

    Not much new here

    The only thing new is the technique. BBC showed us a few years ago how easy it is to show anyone's daily routine just from cell phone use and tower location, let alone fancy snooping.

  16. Yugguy

    Meh, I disable it anyway

    I have location services disabled, as ever since I put that lollipop SHITE on, it eats my battery. Known issue - google it.

    Not that I could really care less if someone knows where I am.
