SonarSnoop Framework Can Track User's Touch

This is not a replacement for the usual touchscreen, but the developers with this research wanted to point out a new possible vector of attack
05 September 2018   760

A group of scientists from Sweden and the United Kingdom developed the SonarSnoop framework, which allows to track touch on the screen of a smartphone. The technology works by the method of echolocation, using the standard equipment of the device. This is not a replacement for the usual touchscreen, but the developers wanted to point out a new possible vector of attack by their research. This is reported by Russian IT media Xakep.

The smartphone's speakers are used to generate sound at frequencies of 18 to 20 kilohertz, which a humancan not hear. Microphones catch signals reflected from a finger or stylus. The received data is processed to obtain possible patterns of motion. Most modern devices have a pair of speakers and microphones, which allows to get a fairly accurate result.

SolarSnoop Framework
SolarSnoop Framework

The published work demonstrates the possibility of stealing graphic keys. For the experiment, the developers of SonarSnoop chose a Samsung Galaxy S4. Theoretically there are 389,112 possible variants of the graphic key, however, practice shows that the most popular is only 12.

Ten volunteers were offered to reproduce these keys in a special application on smartphones. The researchers decided to abandon the standard Android solution for reading graphics keys. Own software should provide more control over the course of the experiment.

Only SonarSnoop was installed directy on the devices in order to collect data, processing was performed on a separate computer. With the best method of processing, it was possible to reduce the average number of possible options from 12 to 2.71. And in some cases, the program immediately gave the right version.

SonarSnoop still exists in the form of a concept demonstrating the possibility of using echolocation. The effectiveness of the technology depends heavily on the particular device model. At the same time, developers noted that background noise has virtually no effect on the result.

Security professionals are constantly looking for and regularly detect the vulnerabilities of modern digital devices. In late August, researchers published information about the vulnerability of smartphones, inherited them from modem 80-ies of the last century.

Android-x86 8.1 Released

Let's see what team has made in the fresh release of Android to x86 port
17 January 2019   191

The team of the Android-x86 project, which is the independent community porting the Android platform for the x86 architecture, have published the first stable release of the assembly based on the Android 8.1 platform, which includes fixes and additions that ensure seamless operation on x86-based platforms. Universal Android-x86 8.1 Live-builds for x86 32-bit and x86_64 architectures suitable for use on typical laptops and tablet PCs are prepared for download. In addition, assemblies in the form of rpm-packages are available for installing the Android environment in Linux distributions.

Let's check new features:

  • Support both 64-bit and 32-bit kernel and userspace with latest LTS kernel 4.19.15.
  • Support OpenGL ES 3.x hardware acceleration for Intel, AMD, Nvidia and QEMU(virgl) by Mesa 18.3.1.
  • Support OpenGL ES 2.0 via SwiftShader for software rendering on unsupported GPU devices.
  • Support hardware accelerated codecs on devices with Intel HD & G45 graphics family.
  • Support secure booting from UEFI and installing to UEFI disk.
  • A text based GUI installer.
  • Add theme support to GRUB-EFI.
  • Support Multi-touch, Audio, Wifi, Bluetooth, Sensors, Camera and Ethernet (DHCP only).
  • Auto-mount external usb drive and sdcard.
  • Add Taskbar as an alternative launcher which puts a start menu and recent apps tray on top of your screen and support freeform window mode.
  • Enable ForceDefaultOrientation on devices without known sensors. Portrait apps can run in a landscape device without rotating the screen.
  • Support arm arch apps via the native bridge mechanism. (Settings -> Android-x86 options)
  • Support to upgrade from non-official releases.
  • Add experimental Vulkan support for newer Intel and AMD GPUs. (Boot via Advanced options -> Vulkan support)
  • Mouse integration support for VMs including VirtualBox, QEMU, VMware and Hyper-V.

Get more infoand download links at official website of the project.