24 January 2024

Jaw-Dropping New Hack Turns Your Phone Screen Into Covert Spy Camera

Davey Winder

In a new study published in Science Advances, researchers from the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory have revealed how hackers can turn your smartphone into a spying device akin to the TV screens featured in Orwell’s 1984.

The paper, Imaging privacy threats from an ambient light sensor, reveals how seemingly harmless ambient light sensors, used in most smartphones to auto-adjust screen brightness, are capable of covertly capturing user interactions thanks to a newly developed computational imaging algorithm.

How Smartphone Screens, Not Cameras, Can Spy On Users

I have written plenty of articles covering how seemingly innocuous items can be used to spy on users and create a security threat that one might not ordinarily imagine. Forget the more obvious targets for such stories as smart speakers, and think more about light bulbs and vacuum cleaners, both of which have been subject to research regarding covert surveillance techniques.

More than a hint of 1984 shines through the research by Yang Liu, Gregory W. Wornell, William T. Freeman and Fredo Durand. Instead of Big Brother keeping tabs on citizens through enormous TV screens everywhere, the researchers talk of how hackers could covertly capture user gestures through the small screens we carry everywhere: smartphones.

More precisely, the researchers focus on the ambient light sensors that enable our smartphones to adjust screen brightness to match our environment. Apps can use ambient light sensors without the need to ask permission from the user. The lack of permission control is not exactly surprising, given that such sensors have not been considered a privacy or security risk. Until now.

Novel Smartphone Security Risk Revealed By MIT Researchers

“The ambient light sensor needs to be always on for functionality and is traditionally considered to be of low risk,” the researchers state, “because it provides a single value and does not appear to enable imaging of the environment.” But appearances, as we know, can be deceptive. By combining the smartphone display screen, an active component, with the ambient light sense, which is passive, the researchers realized that capturing images in front of that screen was possible without using the device camera.


Image showing ambient light sensor capturing hand gestures.

Are you ready for the science bit? If you are wondering how an image can be captured without a camera, there is no lens between the screen and ‘scene’ after all; this is explained by the screen acting as a virtual sensor that ‘sees’ an admittedly very blurred image at a distance. “For objects that are in contact with or close enough to the screen,” the researchers explain, “lenses are not required. This is because each pixel of the virtual sensor sees the one-to-one mapping blocked by the scene pixel.” The lensless scenario is described as a “deformation of an occluder to form an accidental pinhole between the scene and the screen.”

How Much Of A Real-World Risk Is This Ambient Light Sensor Hack?

Writing on the MIT CSAIL blog, Alex Shipps notes that the real-world possibilities of such a hack are still restricted. As well as the speed at which any image capture retrieval rate can be applied being a stinking 3.3 minutes per frame, Shipps points out that the pictures “are still a bit blurry if retrieved from a natural video” which could lead to further research being required. “While telescreens can capture objects away from the screen,” Shipps concludes, “this imaging privacy issue is only confirmed for objects that make contact with a mobile device’s screen, much like how selfie cameras cannot capture objects out of frame.”

File under more research needed, but don’t discard ambient light sensors as a surveillance target out of hand. Given the ubiquity of smartphones and the speed with which hacking evolves, it’s only natural that eyes will increasingly be on those parts of a device we don’t consider threat-worthy. It would be nice, therefore, to see stricter permissions for apps to access these sensors by way of future mitigation.

No comments: