Any chance of an Accelerometer Switch?


#1

There are some ways of “fingerprinting” accelerometer data via a nefarious app (which seems rather innocuous at first pass analysis) & sending the fingerprint on connection event / intervals where a connection is available. So i’m curious if we will get the ability to turn of the accl chip with the 3 radio off-switch feature? It wouldn’t impact the phone core functionality- except orientation reframe of course.


#2

I don’t know what you mean with fingerprinting in this context.
The potential threat is to leak movement data and indirectly reveal touch keyboard input.
In the Librem 5 you can disable all sensors by disabling all 3 kill switches.


#3

According to the product information it only turns off radios: BT, WIFI, GPS- not accelerometer. Fingerprinting is not a subjective term in systems threats, so not sure why you don’t understand. Fingerprinting is any technique by which you sample a given object looking for unique or by composite- unique pattern(s) which can ID that object.


#4

On topic: https://puri.sm/posts/lockdown-mode-on-the-librem-5-beyond-hardware-kill-switches/

Fingerprinting (mostly inside the browser) usually means to collect information bits that are hopefully more static than the IP address, allowing to re-identify a device/user with high confidence, even if the IP address changed. An accelerometer does not really qualify for such static information bits.
:thinking: Caveat: If you live in a sky scraper, 20+ stories, it might actully produce a pattern that is very unique to exactly this skyscraper. Would be a very interesting experiment :slight_smile:

More info: https://en.wikipedia.org/wiki/Device_fingerprint
Try it out: https://panopticlick.eff.org/

So, fingerprinting and accelerometers are both privacy related, but there is little overlap, IMO.


#5

Fingerprinting (mostly inside the browser) usually means to collect information bits that are hopefully more static than the IP address, allowing to re-identify a device/user with high confidence, even if the IP address changed.

I agree that is accurate.

An accelerometer does not really qualify for such static information bits.

I’m not so sure about this statement. Accelerometers have become very accurate such that small defects in phones at manufacturing time or due to wear and tear can have measurable effects on the data. In addition, because smart phones are typically carried in a user’s pockets, analyzing how the phone moves through time can reveal a distinct fingerprint due to a given user’s gait.

News articles:


Scholarly papers:



#6

At this state of arts I think it’s time to introduce something like low-band and high-band filters to accelerometers, so that they won’t be able to detect anything higher frequency than doubletap and anything lower than turn around. And IIRC this is a kind of thing invensense doing with their DMP - they don’t give raw motion data rather aggregated decision on what is happening.


#7

As a first measure, just don’t give websites access to the sensor. And/Or allow white listing of apps.