With PlaceRaider, Cell Phone Privacy Is Nonexistant

In light of my classmates’ posts about internet safety, I was inspired to carry over the vibe to cell phones.

A couple years ago, a friend told me to be wary of my cell phone.  She said that a hacker had tapped into a family’s cell phone system, monitoring their habits for months until finally robbing them.  At the time, I hadn’t heard anything about this crime, nor had I read any follow-up information. But recently, I began to wonder – could this be true?

It turns out, it can.

Recently, a crew of researchers at Indiana University, led by Robert Templeman at the Naval Surface Warfare Center in Crane, Indiana, teamed up to develop “PlaceRaider,” a form of malware.  Designed for Android devices, the program takes over a cell phone’s camera to capture user behavior and download personal information.  Simply put: PlaceRaider can record users’ surroundings, identity and financial information, such as credit cards and PIN numbers. The program can even tap into calendar notes to document when users are away from their homes.

Normally, when Android phones take pictures, a shutter sound plays.  To combat this, PlaceRaider has the power to shut off this sound, taking pictures while “recording the time, location and orientation of the phone”  without user awareness.

According to PlaceRaider’s research document :

“The final objective of PlaceRaider is to siphon images from a user’s surroundings such that reconnaissance and visual theft can occur in an efficient manner.”

To test the program, Templeman and his colleagues provided 20 individuals with PlaceRaider-affected cell phones. The individuals, who were unaware of the program, were asked to use their phones for “various ordinary purposes in an office environment.” The study yielded detailed images of the office collected by the phones, deeming the test a success.

But, the program isn’t entirely foolproof.  At least, not yet.

The PlaceRaider research document also states:

“While providing a very general and powerful surveillance capability, our implementation of PlaceRaider relies solely on human vision for the extraction of detailed valuable information.”

In other words, the device only works if we allow it. If our cell phones are placed face-down while in office, the camera cannot physically photograph documents or surroundings.

The system also isn’t universal.  It only runs on the Android system, but will probably expand to different markets in the future. And even though various articles about PlaceRaider claim that it shouldn’t be of concern [yet], we can never be too sure.

 

Advertisements
2 comments
  1. This is very interesting, Escapist Theory. While I’m not surprised, I am intrigued. I can understand how someone’s habits can be monitored for physical acts of robbery, but I’m not convinced that they would be lucky enough to capture credit card and pin numbers. It would have to rely on the camera’s capabilities, and why would we pick up our phone to point it at our credit cards or ATMs? I think the cameras at ATMs are more of a threat. Many people use the same pin # for everything.

    This was written well – not a single writing critique 🙂

    • Thanks! You have a good point there. My paranoia may have gotten the better of me with this post. But, as someone who carries the phone into the bathroom when showering to monitor the time, I’ve always wondered, “could it be possible?” The sources I read were pretty convincing. The cameras on our modern smart phones are actually of pretty good quality nowadays. You’re definitely right in that most people don’t point their phone at credit card information or pin numbers, but these sites reported the actual camera doing all the work for us. The camera and the microphone can actually be fixed to “listen” to our typing habits, on both the computer and phone, to recognize when certain numbers and letters are used. Wild, actually.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: