Comments

  • henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    2 months ago

    Starting with version 12, the Android operating system introduced a limit of 200Hz to help mitigate such attacks, but as you indicate research shows that some reconstruction may be possible in some scenarios. This is an ongoing area and future mitigations continue to be considered.

    From Kaspersky:

    In 92% of cases, the accelerometer data made it possible to distinguish one voice from another. In 99% of cases, it was possible to correctly determine gender. Actual speech was recognized with an accuracy of 56% — half of the words could not be reconstructed.

    The monitoring application would also need to run in the foreground to access the data on a continuous basis.

    Overall it does look like an interesting theoretical concern.

    • Reddfugee42@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      Background app can request “disable battery optimization” aka continuous operation. Users will just click okay

    • Trailblazing Braille Taser@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      Here’s an exotic conspiracy theory: advertisers are performing sensor fusion / superresolution on many colocated gyrophones to exceed the per-device 200Hz cap. Phone clocks are certainly not aligned to the millisecond, so this would enable them to get a higher time resolution.