American scientists from the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a vulnerability in all devices equipped with light sensors and displays. Almost all modern smartphones and other mobile devices meet these criteria. The study was published in the scientific journal magazine Science Advances (SciAdv).
Light sensors adjust the brightness of the screen by evaluating the ambient light level. However, unlike smartphone cameras, applications do not need to ask the user for permission to use these sensors.
The CSAIL team created a computational imaging algorithm to reconstruct the image of the environment captured by a light sensor.
“Light sensors can passively record our actions without our permission. Our demonstrations show that sensors, when combined with a display, pose a privacy risk by allowing information to fall into the hands of hackers,” said Yang Liu, lead author of the study.
To mitigate the consequences of the discovered vulnerability, scientists suggested two measures to operating system developers: tightening permission policies and reducing the accuracy and speed of sensors.
By reducing the accuracy and speed of these components, sensors will reveal less sensitive information. On the hardware side, it is claimed that the ambient light sensor on any smart device should not be pointed directly at the user, but should be placed on the side that will not detect important touch interactions.
Previous researchers was created Chatbot for hacking the protection of other AIs.