Share this page!

Mysk 🇨🇦🇩🇪 Profile picture
Twitter logo
19 Oct 21, 9 tweets, 3 min read
We prepared this video to illustrate why access to the accelerometer should get a permission in iOS. Unrestricted access to accelerometer data can breach user privacy. We used Facebook as an example in the video.

#Cybersecurity #Privacy #iOS

It's amazing what algorithms can extract from accelerometer data:
- Detect if you're walking, sitting, cycling.. etc
- Count your steps
- Figure your heart rate
- Find your precise location
- Analyze sound vibrations of your phone speaker and infer what you're listening to
The iPhone is equipped with a very accurate accelerometer. It helps algorithms achieve their goals with high accuracy.
Good news: iOS only allows apps to access the accelerometer when apps are active in the foreground
Bad news: apps can access the accelerometer without any system permission and without the user being aware.
Well, what could go wrong with that, it's only accelerometer data?
Here's why you should care:
As shown in the video, Facebook reads accelerometer data all the time. If you don't allow Facebook access to your location, the app can still infer your exact location only by grouping you with users matching the same vibration pattern that your phone accelerometer records
For example, if you are on the bus and a passenger is sharing their precise location with Facebook, Facebook can easily tell that you are in the same location as the passenger. Both vibration patterns are going to be identical, e.g. the bus suddenly stops or takes off.
More examples: this research shows that phone speaker vibrations can be detected by the accelerometer and then further algorithms can be applied to reconstruct the speech:

arxiv.org/pdf/1907.05972…
And this research applies algorithms to predict heart rate by analyzing and processing accelerometer data:
venturebeat.com/2018/07/13/res…
In addition, there are many github projects that implement sophisticated methods to count steps based on accelerometer readings:
github.com/bagilevi/andro…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Mysk 🇨🇦🇩🇪

Mysk 🇨🇦🇩🇪 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @mysk_co has new unrolls!

Check out other threads from @mysk_co!

Read all threads by @mysk_co

:(