Some smartwatch apps may be less interested in your jogging than you think.
Researchers at the University of Illinois at Urbana-Champaign have found that the accelerometer and gyroscope in your smartwatch can be used to track what you type on a keyboard, in addition to your heart rate and blood oxygen levels. Using a custom-built app, they were able to infer what a person wearing a smartwatch was typing, from a the list of the 5,000 most common English words.
Clues such as the positioning of the watch-wearing hand and the rhythm of the typing let the researchers narrow down the list of possible words by statistical inference. So they can make a good guess with information from just one hand, He Wang, one of the researchers and a Ph.D. candidate in electrical and computer engineering, told Popular Science.
“We are not guessing passwords or sentences yet,” he adds, but that doesn’t mean that they – and other people – aren’t working on it. After all, isolated words aren’t particularly helpful to hackers. “The very next step would be attacking the space bar, because if we can separate a sentence into words, we can understand the whole sentence,” Wang says. His group also has yet to get numbers into the mix of guessable characters.
So your personal emails are probably safe for now. But future smartwatch developers could perfect guessing algorithms, and disguise malicious apps as health tracking tools. Wang laments that “the user cannot do too much” to keep the illicit motion tracking at bay, and that it is up to companies like Google and Apple to develop better protections against the surveillance.
Short of simply not wearing a smartwatch, however, there is a way for wary computer users to protect themselves: type with your watch-free hand. “If you only use your right hand to type, there’s no chance that we’re gonna get anything if the watch is on the left hand,” Wang says.