Researchers at the University of Michigan and University of South Carolina recently discovered how to hack anything from a smartphone to a car by using sound waves to manipulate accelerometers, tiny chips that measure acceleration by sensing vibrations.
Accelerometers are common in a variety of consumer devices, and the way they respond to sound presents the possibility for hackers to remotely control such devices undetected. The chips are made up of axis-based motion sensing, which are used in cars to deploy airbags and in fitness monitors to measure distance traveled.
The team started the project on accelerometers by researching for vulnerabilities in hardware components to protect against hackers, hoping to find more answers about the effectiveness of current cybersecurity measures.
In one trial, using only sound waves emitted from a $5 speaker, the researchers tricked an unmoving Fitbit into adding thousands of fake steps. In another, they figured out how to control a smartphone’s accelerometer simply by playing a malicious music file on the phone’s own speaker. Once they had control over the phone, the researchers were able to pilot an app-controlled toy car by altering the readings from the accelerometer.
“It’s like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words,” said Kevin Fu, one of the project’s researchers. “You can think of it as a musical virus.”
The results are relatively minor, but they demonstrate the need for stronger security measures. The team’s research points out possible cybersecurity vulnerabilities with common, everyday household devices. The interferences could even extend to more drastic devices that also depend on accelerometers, like self-driving vehicles or machines that control the automation of insulin dosages.
So if one day a song you’ve never downloaded before starts playing, beware. It could be a hacker trying to orchestrate their way into your phone. •
By Maddie Ngo
Out of Site
As of April 2, more than 100 gay men have been detained and three men killed by police in Chechnya, a predominantly Muslim federal republic ruled by Russia.
The men were detained after the Moscow-based gay rights group GayRussia applied for permits in March to stage gay pride parades in Russia’s North Caucasus region, of which Chechnya is a part. GayRussia expected the applications to be denied and planned to present them to the European Court of Human Rights as evidence of human rights abuses.
The resulting anti-gay demonstrations galvanized the police, who began posing as men looking for dates on social media sites, according to reports from Novaya Gazeta, a privately owned Russian newspaper known for its investigative reporting.
To make matters worse, the Chechen government is denying reports by dismissing them as April Fools’ jokes or going so far as to deny that gay people exist in Chechnya at all.
“You cannot arrest or repress people who just don’t exist in the first place,” a spokesperson for Chechen president Ramzan Kadyrov told Interfax, a Russian news agency.
Though Islam is the predominant religion in Chechnya, homosexuality wasn’t made illegal until Russia conquered the territory in the 1800s. Today, the region is torn between three competing powers: the remnants of the Chechen Republic of Ichkeria, the unrecognized secessionist government that’s indifferent toward sexuality; the Caucacus Emirate, a jihadist organization that views homosexuality as immoral; and the current Russian-backed government, which wants to execute queer people.
While Russia is not behind the arrests, Russian President Vladimir Putin has passed legislation banning “gay propaganda,” which has been used to persecute LGBTQ people.
The Russian LGBT Network is currently evacuating people from the region and organizing an appeal to the Investigative Committee of the Russian Federation to demand that information about the crimes be published in mass media. •
By Molly Minta