The Investor Sentiment - Equity and investments forum for Sri Lankans

Join the forum, it's quick and easy

The Investor Sentiment - Equity and investments forum for Sri Lankans
The Investor Sentiment - Equity and investments forum for Sri Lankans
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Please send an email to contact.lankaninvestor@gmail.com if you face any technical difficulties when posting
Search
Display results as :
Advanced Search
Latest topics
When Will It Be Safe To Invest In The Stock Market Again?Wed Apr 19, 2023 6:41 amකිත්සිරි ද සිල්වා
Dividend AnnouncementsWed Apr 12, 2023 5:41 pmකිත්සිරි ද සිල්වා
MAINTENANCE NOTICE / නඩත්තු දැනුම්දීමThu Apr 06, 2023 3:18 pmකිත්සිරි ද සිල්වා
SEYB.N0000 (Seylan Bank PLC)Thu Mar 30, 2023 9:25 amyellow knife
The Korean Way !Wed Mar 29, 2023 7:09 amකිත්සිරි ද සිල්වා
In the Meantime Within Our Shores! Mon Mar 27, 2023 5:51 pmකිත්සිරි ද සිල්වා
What is Known as Dementia?Fri Mar 24, 2023 10:09 amකිත්සිරි ද සිල්වා
SRI LANKA TELECOM PLC (SLTL.N0000)Mon Mar 20, 2023 5:18 pmකිත්සිරි ද සිල්වා
THE LANKA HOSPITALS CORPORATION PLC (LHCL.N0000)Mon Mar 20, 2023 5:10 pmකිත්සිරි ද සිල්වා
Equinox ( වසන්ත විෂුවය ) !Mon Mar 20, 2023 4:28 pmකිත්සිරි ද සිල්වා
COMB.N0000 (Commercial Bank of Ceylon PLC)Sun Mar 19, 2023 4:11 pmකිත්සිරි ද සිල්වා
REXP.N0000 (Richard Pieris Exports PLC)Sun Mar 19, 2023 4:02 pmකිත්සිරි ද සිල්වා
RICH.N0000 (Richard Pieris and Company PLC)Sun Mar 19, 2023 3:53 pmකිත්සිරි ද සිල්වා
Do You Have Computer Vision Syndrome?Sat Mar 18, 2023 7:36 amකිත්සිරි ද සිල්වා
LAXAPANA BATTERIES PLC (LITE.N0000)Thu Mar 16, 2023 11:23 amකිත්සිරි ද සිල්වා
What a Bank Run ?Wed Mar 15, 2023 5:33 pmකිත්සිරි ද සිල්වා
104 Technical trading experiments by HUNTERWed Mar 15, 2023 4:27 pmkatesmith1304
GLAS.N0000 (Piramal Glass Ceylon PLC)Wed Mar 15, 2023 7:45 amකිත්සිරි ද සිල්වා
Cboe Volatility Index Tue Mar 14, 2023 5:32 pmකිත්සිරි ද සිල්වා
AHPL.N0000Sun Mar 12, 2023 4:46 pmකිත්සිරි ද සිල්වා
TJL.N0000 (Tee Jey Lanka PLC.)Sun Mar 12, 2023 4:43 pmකිත්සිරි ද සිල්වා
CTBL.N0000 ( CEYLON TEA BROKERS PLC)Sun Mar 12, 2023 4:41 pmකිත්සිරි ද සිල්වා
COMMERCIAL DEVELOPMENT COMPANY PLC (COMD. N.0000))Fri Mar 10, 2023 4:43 pmyellow knife
Bitcoin and Cryptocurrency Fri Mar 10, 2023 1:47 pmකිත්සිරි ද සිල්වා
CSD.N0000 (Seylan Developments PLC)Fri Mar 10, 2023 10:38 amyellow knife
PLC.N0000 (People's Leasing and Finance PLC) Thu Mar 09, 2023 8:02 amකිත්සිරි ද සිල්වා
Bakery Products ?Wed Mar 08, 2023 5:30 pmකිත්සිරි ද සිල්වා
NTB.N0000 (Nations Trust Bank PLC)Sun Mar 05, 2023 7:24 amකිත්සිරි ද සිල්වා
Going South Sat Mar 04, 2023 10:47 amකිත්සිරි ද සිල්වා
When Seagulls Follow the TrawlerThu Mar 02, 2023 10:22 amකිත්සිරි ද සිල්වා
Re-activatingSat Feb 25, 2023 5:12 pmකිත්සිරි ද සිල්වා
SAMP.N0000 (Sampath Bank PLC)Wed Nov 30, 2022 8:24 amකිත්සිරි ද සිල්වා
APLA.N0000 (ACL Plastics PLC)Fri Nov 18, 2022 7:49 amකිත්සිරි ද සිල්වා
AVOID FALLING INTO ALLURING WEEKEND FAMILY PACKAGES.Wed Nov 16, 2022 9:28 pmකිත්සිරි ද සිල්වා
Banks, Finance & Insurance Sector ChartTue Nov 15, 2022 5:26 pmකිත්සිරි ද සිල්වා
VPEL.N0000 (Vallibel Power Erathna PLC)Sun Nov 13, 2022 12:15 pmකිත්සිරි ද සිල්වා
DEADLY COCKTAIL OF ISLAND MENTALITY AND PARANOID PERSONALITY DISORDER MIX.Mon Nov 07, 2022 6:36 pmකිත්සිරි ද සිල්වා
WATA - WatawalaSat Nov 05, 2022 8:44 amකිත්සිරි ද සිල්වා
KFP.N0000(Keels Food Products PLC)Sat Nov 05, 2022 8:42 amකිත්සිරි ද සිල්වා
Capital Trust Broker in difficulty?Fri Oct 21, 2022 5:25 pmකිත්සිරි ද සිල්වා
IS PIRATING INTELLECTUAL PROPERTY A BOON OR BANE?Thu Oct 20, 2022 10:13 amකිත්සිරි ද සිල්වා
What Industry Would You Choose to Focus?Tue Oct 11, 2022 6:39 pmකිත්සිරි ද සිල්වා
Should I Stick Around, or Should I Follow Others' Lead?Tue Oct 11, 2022 9:07 amකිත්සිරි ද සිල්වා
DV-2024 Program: Online RegistrationThu Oct 06, 2022 11:26 amකිත්සිරි ද සිල්වා
Tile - SnapshotWed Sep 28, 2022 12:45 pmකිත්සිරි ද සිල්වා
Disclaimer


Information posted in this forum are entirely of the respective members' personal views. The views posted on this open online forum of contributors do not constitute a recommendation buy or sell. The site nor the connected parties will be responsible for the posts posted on the forum and will take best possible action to remove any unlawful or inappropriate posts.
All rights to articles of value authored by members posted on the forum belong to the respective authors. Re-using without the consent of the authors is prohibited. Due credit with links to original source should be given when quoting content from the forum.
This is an educational portal and not one that gives recommendations. Please obtain investment advises from a Registered Investment Advisor through a stock broker

Go down
කිත්සිරි ද සිල්වා
කිත්සිරි ද සිල්වා
Top contributor
Top contributor
Posts : 9679
Join date : 2014-02-23
Age : 65
Location : රජ්ගම

Spatio-temporal dynamics - Sounds Greek to me. Empty Spatio-temporal dynamics - Sounds Greek to me.

Tue Apr 21, 2015 7:11 pm
Message reputation : 100% (1 vote)
At a restaurant, you pull out your phone to check email. Without even thinking about it, you tap in a PIN to unlock your phone. Your back’s to the wall and nobody can see what you’re typing, so there’s no reason to worry that somebody could intercept your passcode.

Except, sadly, there is. Researchers at Syracuse University have demonstrated that hackers can guess PINs by analyzing video of people tapping on their smartphone screens -- even when the screen itself isn’t visible. Software used to analyze such video relies on “spatio-temporal dynamics” to gauge the distance from the fingers to the phone’s screen, and then approximate which characters the fingers tap on a keypad. “It’s like lip reading,” says Vir Phoha, an engineering and computer science professor at Syracuse and co-author of a paper on the technology. “Based on hand movement and the known geometry of the phone, we can see which keys are pressed.”

There don’t appear to be any known instances of hackers stealing PINs this way, but technologists think it’s only a matter of time. “We believe that it is very likely to be adopted by adversaries who seek to stealthily steal sensitive private information,” Phoha and three others Syracuse researcherswrote in their paper, published last year by the Association for Computing Machinery. The technology is fairly simple for anybody familiar with programming, and the exploding use of smartphones provides many millions of targets.

On top of that, the increased use of phones for banking and managing other financial accounts makes PINs a lucrative prize for hackers. And the same video-analysis technology can be used to infer PINs punched into ATMs, smart locks on the front doors of homes, garage door openers and other gizmos requiring similar codes.

Publicizing such black-hat technology through articles such as this one can obviously tip fraudsters to possible new methods of ripping people off. Security experts and some of their criminal foes already know about it, however, since such research has been published in technical journals. So Yahoo Finance decided it’s appropriate to alert consumers to this new form of hacking. National security and law enforcement agencies could also use it to keep track of bad guys; DARPA, the Pentagon’s technology skunk works, for instance, partly funded the Syracuse research.

The Syracuse experiments involved 50 volunteers typing PINs into HTC One smartphones, in a variety of different settings and postures. For each volunteer, researchers shot four different videos. The recordings were made using two off-the-shelf devices: a Google Nexus 5 smartphone camera and a Sony camcorder. All the videos were shot from the side or back of the phone, from 12 to 15 feet away. None of the videos captured the phone screen or explicitly showed what users were typing.

Software filled in the gaps, however, with a combination of image analysis and motion tracking algorithms being remarkably effective at “guessing” the PINs users typed in. On the first guess, software determined the correct password between 40% and 62% of the time, depending on the quality of the video and the zoom ratio. The highest-quality video produced an 82% accuracy rate after 5 guesses and 94% accuracy after 10 guesses. Using more than one video for each phone raises the odds of success even further.

“We can do it in about 30 minutes once we capture the video,” says Phoha. “We have almost 100% accuracy.” This graph lays out the results of computer guesswork for video shot using the Nexus smartphone and the Sony camcorder at zoom levels of 2x, 4x and 6x:

Hackers could shoot the necessary video without phone users ever noticing, especially in busy settings such as a bar, restaurant, bus, train, airport or shopping mall. Thieves have long nabbed people’s credit card numbers or ATM PINs by “shoulder snooping” during a transaction, or even looking on from a distance with binoculars or a camera with a zoom lens. So in a way, hacking via video—which can be done surreptitiously on a smartphone while the perpetrator appears to be harmlessly tapping on the screen—is nothing more than a new variation on an old theme.

There are still several additional steps hackers would have to take to steal or vandalize with a captured PIN. For starters, they’d have to crack into separate bank or financial accounts. They might be able to do that by stealing the phone, logging in with the hacked PIN and opening apps that aren’t password protected because the user assumed the smartphone PIN was protection enough.

Hackers could also glean additional information about targeted individuals, like email addresses and account numbers, and use those to log into accounts. If acquaintances or work colleagues were the target, some of that information might already be available. Since hackers already have partial information on millions of consumers, a smartphone PIN could be a crucial missing piece -- especially if it doubles as a passcode for other accounts.

They'll eventually get lucky enough

The odds of any one person getting digitally robbed in this fashion are low, but hackers would probably get lucky often enough to make it worth the trouble, since a lot of people use the same PIN for multiple accounts and devices. On top of that, the same technology used to crack 4- to 7-digit smartphone PINs could be refined to decode longer passwords such as those often required for computer access.

There are limits to such image-analysis technology. It’s harder to detect PINs when people type them with two fingers rather than one, for example. The use of a full keyboard instead of a 10-character phone-style keypad makes it harder still, as does the use of capital letters and symbols that aren’t on a 10-character pad. And fingerprint validation in lieu of a PIN solves the whole problem, even though it’s available on only a small portion of smartphones at the moment, and not at all on ATMs and other gadgets requiring PINS.

As always, countermeasures will ensue if unseen PIN hacking were to grow into a major problem. Smartphone makers could create keypads that appear in different locations on the screen every time, foiling pattern-recognition algorithms that rely on consistent spatio-temporal dynamics. Keypads that jumble the 10 numerals in a different random order during each use might also do the trick, though they could also drive users crazy and encourage them to ditch the passcode because it’s too much trouble.

Meanwhile, protecting yourself against sneaky PIN hacking wouldn’t be difficult, once you know what to do. Keeping your phone completely out of sight when entering a PIN or other sensitive data is the most obvious step. Newer iPhone and Android devices allow you to choose a longer, more complex alphanumeric passcode over a simple 4-digit one (although typing it in can be a pain). And practicing good security—by using two-factor authentication, password-tracking apps and so on—helps improve security and speed the notification time if somebody has infiltrated your accounts. It’s probably safe to assume somebody is always watching. Sooner or later, they will be.

http://finance.yahoo.com/news/an-alarming-new-way-to-steal-your-passwords-135027327.html
avatar
serene
Top contributor
Top contributor
Posts : 4850
Join date : 2014-02-26

Spatio-temporal dynamics - Sounds Greek to me. Empty Re: Spatio-temporal dynamics - Sounds Greek to me.

Tue Apr 21, 2015 8:18 pm
Message reputation : 100% (1 vote)
Thanks kith.
Ane manda. .
Back to top
Permissions in this forum:
You cannot reply to topics in this forum