'A new device fingerprinting technique can track Android and iOS
devices across the Internet by using factory-set sensor calibration
details that any app or website can obtain without special
permissions. From a report:
This new technique -- called a calibration fingerprinting attack, or
SensorID -- works by using calibration details from gyroscope and
magnetometer sensors on iOS; and calibration details from
accelerometer, gyroscope, and magnetometer sensors on Android devices.
According to a team of academics from the University of Cambridge in
the UK, SensorID impacts iOS devices more than Android smartphones.
The reason is that Apple likes to calibrate iPhone and iPad sensors on
its factory line, a process that only a few Android vendors are using
to improve the accuracy of their smartphones' sensors. "Our approach
works by carefully analysing the data from sensors which are
accessible without any special permissions to both websites and apps,"
the research team said in a research paper published yesterday. "Our
analysis infers the per-device factory calibration data which
manufacturers embed into the firmware of the smartphone to compensate
for systematic manufacturing errors [in their devices' sensors],"
researchers said. This calibration data can then be used as a
fingerprint, producing a unique identifier that advertising or
analytics firms can use to track a user as they navigate across the
-- source: https://it.slashdot.org/story/19/05/22/1852204
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174