Washington D.C.: You may want to think twice before buying a smartwatch as a new study suggests that these gadgets can leak your data to hackers.
Using a homegrown app on a Samsung Gear Live smart watch, the University of Illinois researchers were able to guess what a user was typing through data "leaks" produced by the motion sensors on smart watches.
The project, called Motion Leaks through Smartwatch Sensors, or MoLe, has privacy implications, as an app that is camouflaged as a pedometer, for example, could gather data from emails, search queries and other confidential documents.
Researcher Romit Roy Choudhury said that sensor data from wearable devices will clearly be a double-edged sword, adding that while the device's contact to the human body will offer invaluable insights into human health and context, it will also make way for deeper violation into human privacy.
Choudhury added that the core challenge is in characterizing what can or cannot be inferred from sensor data and the MoLe project is one example along this direction.
The app uses an accelerometer and gyroscope to track the micro-motion of keystrokes as a wearer types on a keyboard. After collecting the sensor data, researchers ran it through a "Keystroke Detection" module, which analyzed the timing of each keystroke and the net 2D displacement of the watch. For example, the left wrist moves farther to type a "T" than an "F."
While Illinois researchers developed MoLe, it is conceivable that hackers could build a similar app and deploy it to iTunes and other libraries.
A possible solution to these motion leaks would be to lower the sample rate of the sensors in the watch, researcher He Wang said.
The work is being presented this week at the MobiCom 2015 conference in Paris.