Ambient light sensors in smartphones can pose unexpected privacy risks.
In George Orwell’s novel “1984”, television screens are everywhere, symbolizing an invasion of privacy. In this fictional narrative, TVs are installed in people’s homes and public spaces, serving as both propaganda machines and unblinking sentinels of the state. Although there are no cameras, these TVs can still monitor individuals.
Now, a new study by researchers at MIT suggests this is not a far-fetched idea. Scientists have developed a method to hack ambient light sensors, tiny components designed to adjust your screen brightness, effectively creating a window into our private lives. This is the first time researchers have demonstrated that these sensors can essentially transform into a secondary camera.
Ambient light sensors are photovoltaic devices that convert detected light energy (photons) into electrical energy (electrons). They come in various types and are used in different applications.
A Hidden Camera in Disguise
At first glance, ambient light sensors appear harmless. They measure the light around you, automatically adjusting the clarity of your screen in sunlight or dimming it for an optimal viewing experience. However, researchers at the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT have discovered these sensors can capture images of what is happening in front of them without needing a camera. This represents a significant privacy risk that has gone unnoticed until now.
Unlike applications that require camera permissions, these sensors operate silently, collecting data without asking for consent.
Lead author Yang Liu, a PhD candidate at MIT’s Department of Electrical Engineering and Computer Science and a member of CSAIL, stated in a press release: “Many people believe these sensors must always be on.”
“But like TV screens, ambient light sensors can passively record what we are doing without our permission, while applications are required to request access to our cameras. Our experiments show that when combined with displays, these sensors can pose certain image privacy threats by providing that information to hackers monitoring your smart devices.”
On smartphones, the ambient light sensor is responsible for automatically controlling the screen brightness. When you receive a call and hold the phone to your ear, the smartphone screen turns off thanks to the ambient light sensor.
How Ambient Light Manipulation Works
This process is complex yet remarkably clever. Ambient light sensors detect subtle changes in light intensity due to movement and interaction with the screen. When you touch the device’s touchscreen to interact with a page or enter private data, the light is blocked by your hand and reflects onto your face.
Using a sophisticated algorithm, the researchers can map these variations into a two-dimensional space, essentially recreating a pixelated image of the activity in front of the screen. The resulting images are not as sharp as those captured by traditional cameras, but they still represent a privacy invasion that could be exploited in various illicit ways.
In their experiments, the MIT team used an Android tablet to conduct three tests, ranging from a mannequin interacting with the device to recording the nuances of human hand movements. These tests showed that gestures like swiping, scrolling, and tapping could be monitored, turning every touch into potential data points for hackers.
The researchers also proposed several measures to safeguard our privacy. They suggested tightening app permissions for ambient light sensors and reducing the accuracy and speed of these sensors, making it more difficult for unwanted observers to capture detailed information. Altering the light sensor could decrease performance, but consumers would feel more secure.
Additionally, repositioning the sensors on devices could prevent them from facing users directly. In the vast majority of devices like smartphones, laptops, and tablets, the ambient light sensors are placed right next to the camera.
While the idea of a computer screen monitoring our every action may sound like science fiction, the reality is that technology is evolving in ways that continuously challenge our perceptions of privacy. This serves as a reminder that even basic technological features in our devices can be manipulated for surveillance.
These findings were published in the journal Science Advances.
