That tape over your webcam might not be enough — the hackers are watching; it might be the right time to install another privacy shutter.
In a report just published in Science Advances, researchers at the Massachusetts Institute of Technology (MIT) emphasized the risks to imaging privacy that ambient light sensors can offer. Users of devices worried about security may find solace in software permissions that limit webcam use and hardware solutions like shutters. Nonetheless, studies have demonstrated that one of the typical ambient light sensors used in a variety of devices can be used to collect visual data. These tiny sensors are normally permission-free on a device level and aren’t closed or deactivated by users.
MIT researchers utilized the Samsung Galaxy View 2 in their investigations. The ambient light sensor on this relatively dated and huge (17.3-inch) consumer tablet is located close to the front-facing (selfie) camera — which is still a pretty popular arrangement.
Manufacturers of devices classify ambient light sensors as low-risk since software (or malware) may frequently access them directly without requiring any authorization or privileges. However, prior research has demonstrated that in roughly 80% of cases — even a basic sensor can yield sufficient information to deduce keystrokes from a keyboard and steal a device’s authorizations and passwords. The latest study demonstrates the potential of an ambient light sensor in conjunction with the device’s screen, which serves as an active light source.
Some devices are more susceptible to these ambient light sensor espionage techniques.
Some devices will be more susceptible to this ambient light sensor espionage technique than others because every device has a different light sensor speed and measurement bit depth, screen brightness, and light sensor precision (see image above). As you can see from the source article numbers, some of the tablet device’s image captures took several minutes. However, ambient light sensor imaging spy technology is verifiably accurate and has room for improvement.
The MIT researchers pointed out that the light sensors are “quite useful,” and we need and want them. The MIT researchers said to adjust the following to stop your peeping-cyber-toms.
- Rethink ambient light sensor device permissions.
- Reduce sensor speed.
- Reposition the sensor so it doesn’t face the user.
Hopefully, when manufacturers become better aware of the ambient light sensor issues, they will implement a few changes to prevent the “snooping tech” from finding more victims.
