Your smartwatch might let hackers track your typing

Using a smartwatch, researchers tracked typing with a keylogger program
6707-original
Wareable is reader-powered. If you click through using links on the site, we may earn an affiliate commission. Learn more

Researchers at the University of Illinois Urbana Champaign have figured out a way to track what a person types based on wrist motion.

The data produced is incomplete, but it shows that, with some ingenuity, hackers could take advantage of the smartwatch's motion sensors via an app installed on your device to figure out your password or other personal information.

Read this: Samsung Gear Live review

The research group asked eight volunteers wearing a Samsung Gear Live smartwatch to type 300 words. Thanks to the device's accelerometer and gyroscope, the group recorded the movement of the volunteers wrists and uploaded the data to a program they created to interpret the data.

The tracking program, dubbed "MoLe" is only able to capture the typed keys from one hand (the one wearing the smartwatch), and isn't particularly accurate at that. However, the researchers were able to narrow down the words to five possibilities about 30% of the time.

The group noted in a published paper that one of the biggest hurdles deals with the fact that the tracking program has a difficult time distinguishing the difference between certain adjacent keys. For example, there is almost no movement when typing an "a" and then "s." Additionally, MoLe cannot identify when the space bar is used, which means there is no way to tell when a person has begun typing a new word. The program is based on guessing English dictionary words, which makes detecting passwords made using random characters difficult.

There is also the matter of different typing methods. While some people may have taking typing classes in school to learn finger placement and touch-typing, others still use the hunt-and-peck method, which means motion ranges significantly, depending on the user. It would be difficult to code a program that could take these variations into account.

More reading: Android Wear hack alert


Still, the researchers claim that, at least in theory, a hacker to use a smartwatch as an imperfect keylogger that can detect some keystrokes, which would make it easier to guess what the victim is typing.

The group believes that their technique could be perfected with time. "As long as you can detect the space bar you're very, very close," said He Wang, one of the researchers in the group. "I think it's not an impossible task, but very doable."

TAGGED Smartwatches

How we test



By

Lory is a freelance technology writer, who specializes in apps and games. She now works as a contract editor for Apple.

Lory has written for iMore, Lilliput Computing and Applewatchdaily.com.


Related stories