Smartphones have progressed considerably over time and are equipped with brand new technologies. Although we see many benefits of these technologies, they can sometimes endanger phones.
A new attack that fingerprints phones has been discovered. It is quite easy to carry out the attack and theoretically it is impossible to stop it unless Apple or Google directly intervenes. While iPhone devices and Google’s Pixel 2 and Pixel 3 phones are known to be affected by this attack, other high-end Android devices can also be exposed to these attacks.
Websites collect information as you browse. The data they receive from the browser can be used to create a unique fingerprint for your device. It is possible to set up a system that can track all the sites you visit from the same device using the same browser. The system developed by the researchers, called SensorID, can record the information it sends by using the fingerprints of smart devices. The research was introduced at the IEEE Security and Privacy Symposium on May 21.
SensorID uses mechanisms in smartphones. These devices have gyroscopes, accelerometers, magnetism meters. These sensors generally do not work as well as they should be. Manufacturers calibrate each device and market the products as such. This calibration is also processed in the software of the device. In most cases, the calibration data is generated specifically for the smartphone. The researchers’ attack removes the fingerprint of the phone through this calibration.
It is almost impossible to stop this attack. The data needed to create this fingerprint goes to every site visited, and is included in every application used. This data is not protected. In most cases, a one-second visit to a site is all it takes to generate a fingerprint.