The constant war against security dangers with smartphones continues. A new vulnerability discovered by researchers at Cambridge University’s Computer Laboratory makes it possible to fingerprint a smartphone to track and record all its internet activity.
Called SensorID, the vulnerability utilizes the unique coding of the device’s firmware to create a digital ‘fingerprint’ of the phone. This data is particular to each device and is recorded by websites to identify users. This information can then be used to track that device digitally.
Smartphone Fingerprints
The vulnerability in question doesn’t use the fingerprint scanning data on the phone. Instead, it generates a ‘fingerprint’ of the phone’s firmware. Smartphones must be individually tweaked after production to smooth out variations in accelerometers, magnetometers, and others. This coding is unique to each phone and built into the firmware of the device. Each phone’s fingerprint is unique and easy to access. By marking the fingerprint of the phone, hackers are able to follow the device anywhere it visits. Because the data is linked to the firmware of the phone, hard resets, different browsers, and memory cleaning do nothing to reduce the risk.
Apple and Android
The risk is most problematic for Apple and Android smartphones, which utilize this specific technology. All iPhones and some Android phones have the tracking fingerprint software already embedded. The researcher team contacted Apple after its discovery. A new software update for iOS 12.2 contains a patch that protects the phone’s fingerprint data, however, users of some Android phones are still at risk.
Wallet Security
The fact that the phone can be tracked over internet sites without issue is concerning. An adept hacker could easily mimic the phone’s fingerprint, allowing for access to a website that was previously unknown. Furthermore, hackers could easily track the internet activity of a phone and potentially gain access to hot wallets accessed from devices. Wallet security is already a complex issue, and the SensorID vulnerability is more reason for another layer of necessary protection. Do you think the SensorID vulnerability provides another way for black hat hackers to access crypto wallets? Will the iPhone patch and future Android patches protect users? Let us know your thoughts in the comments below!
Top crypto projects in the US | April 2024
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Jon Buck
With a background in science and writing, Jon's cryptophile days started in 2011 when he first heard about Bitcoin. Since then he's been learning, investing, and writing about cryptocurrencies and blockchain technology for some of the biggest publications and ICOs in the industry. After a brief stint in India, he and his family live in southern CA.
With a background in science and writing, Jon's cryptophile days started in 2011 when he first heard about Bitcoin. Since then he's been learning, investing, and writing about cryptocurrencies and blockchain technology for some of the biggest publications and ICOs in the industry. After a brief stint in India, he and his family live in southern CA.
READ FULL BIO
Sponsored
Sponsored