SonarSnoop Framework Can Track User's Touch

This is not a replacement for the usual touchscreen, but the developers with this research wanted to point out a new possible vector of attack
05 September 2018   1147

A group of scientists from Sweden and the United Kingdom developed the SonarSnoop framework, which allows to track touch on the screen of a smartphone. The technology works by the method of echolocation, using the standard equipment of the device. This is not a replacement for the usual touchscreen, but the developers wanted to point out a new possible vector of attack by their research. This is reported by Russian IT media Xakep.

The smartphone's speakers are used to generate sound at frequencies of 18 to 20 kilohertz, which a humancan not hear. Microphones catch signals reflected from a finger or stylus. The received data is processed to obtain possible patterns of motion. Most modern devices have a pair of speakers and microphones, which allows to get a fairly accurate result.

SolarSnoop Framework
SolarSnoop Framework

The published work demonstrates the possibility of stealing graphic keys. For the experiment, the developers of SonarSnoop chose a Samsung Galaxy S4. Theoretically there are 389,112 possible variants of the graphic key, however, practice shows that the most popular is only 12.

Ten volunteers were offered to reproduce these keys in a special application on smartphones. The researchers decided to abandon the standard Android solution for reading graphics keys. Own software should provide more control over the course of the experiment.

Only SonarSnoop was installed directy on the devices in order to collect data, processing was performed on a separate computer. With the best method of processing, it was possible to reduce the average number of possible options from 12 to 2.71. And in some cases, the program immediately gave the right version.

SonarSnoop still exists in the form of a concept demonstrating the possibility of using echolocation. The effectiveness of the technology depends heavily on the particular device model. At the same time, developers noted that background noise has virtually no effect on the result.

Security professionals are constantly looking for and regularly detect the vulnerabilities of modern digital devices. In late August, researchers published information about the vulnerability of smartphones, inherited them from modem 80-ies of the last century.

TIOBE Index June 2019 to be Rolled Out

Java is still on the top, but experts noted fast growth of Python search queries, and they believe it can reach 1st place in 3-4 years
13 June 2019   256

June 2019 TIOBE Index has been released. Analysts noted a sharp increase in the proportion of searches for Python.

This month Python has reached again an all time high in TIOBE index of 8.5%. If Python can keep this pace, it will probably replace C and Java in 3 to 4 years time, thus becoming the most popular programming language of the world. The main reason for this is that software engineering is booming. It attracts lots of newcomers to the field. Java's way of programming is too verbose for beginners. In order to fully understand and run a simple program such as "hello world" in Java you need to have knowledge of classes, static methods and packages. In C this is a bit easier, but then you will be hit in the face with explicit memory management. In Python this is just a one-liner. 
 

TIOBE Team

Experts attributed the growing popularity of Python to the fact that now many have hit the development of software. And newcomers prefer Python - succinct and concise. According to analysts, Java for beginners is too verbose, and C sooner or later will force to understand the intricacies of memory management.