Yes, it means that even in your thoughts you can not trust. Find out how all this possibility could happen.

Celebratory waves can tell our passwords

Researchers at the University of Alabama (USA) suggest that headphones equipped with brainwave sensors, also known as EEG or electroencephalographic headphones, are already in the market, need to provide consumers with more safety. This is because, through this technology, a hacker can “guess” the passwords of a user observing their brainwaves. There are several of these devices for sale for a variety of purposes, but the most common ones are used by players controlling robots and other toys in the area of robotics. There are even headphones for gamers specially developed for certain games that use the EEG technology. But there is a home market too, where music and casual have an equipment that has an EEG “reader” already inserted in a headset.

How access to passwords achieved?

Researchers Nitesh Saxena and Ajaya Neupane have found that a person who uses an EEG earpiece dedicated to the game, when he/she pauses and goes to his online bank, even with his headphones on, the software can detect the passwords that he/she uses in accessing his/her Banking account or any banking services.

In the study, the scientists used an EEG handset currently available to consumers through online purchase and another clinical handset used in scientific research to demonstrate how easily a malicious program could “listen” to a user’s brainwaves.

Attempt to attack the mind

In practice what is captured are the muscular movements of the hand, the eyes, and the head. Twelve volunteers were placed in a scenario where they typed in a series of randomly generated PINs and passwords as if they were accessing an online account while using they were using EEG headphones so that the software would observe user activity typing data and Corresponding brain waves. “In a real-world attack, a hacker could facilitate the necessary training step to make the malware more accurate, prompting the user to enter a predefined set of numbers to restart the game after pausing it, similar to how CAPTCHA is used to verify human users in a log-in of certain sites” the researcher Nitesh Saxena explained. In this investigation, the team found that after a user entered 200 characters, the algorithms within the software program can make good assumptions just by looking at the recorded EEG data. The algorithm was able to shorten a hacker’s chances of guessing a four-digit numeric PIN from one in 10,000 to one in 20, and the chance to guess a six letter password from approximately one in 500,000 to approximately one in 500.

More safety required

The technology is becoming more and more advanced, as this type of resource is basically intended to connect the human to the so-called IoT and the EEG can be combined with a brain-computer interface to allow a person to control external devices. In this way, the technology that was essentially used for scientific and medical research in order to help certain patients to control prosthetic limbs thinking about movements is nowadays much more expanded. However, its commercialization has reached many levels, from the gaming area to the robotics and is already at levels of domestic consumption, as casual as possible, as a simple, conventional device to monitor our sleep. “Given the growing popularity of EEG headphones and the variety of scenarios by which they can be used, it is important to analyze the potential security and privacy risks associated with this emerging technology to increase users’ awareness of the risks and develop viable solutions to bad attacks -wanted”. Left the researcher Nitesh Saxena alerted.

What type of security solutions could be used?

It is incredible how a technology that is still coming to the market, which passes through brainwaves, but the main thing is that this machine has a crucial weakness, that has already need to have measures of protection at the level of attacks. However, these are the realities we face today and the fact that we can think and hardware and software have the ability to decipher these thoughts require us to have security. Thus, a potential solution proposed by researchers will be the insertion of noise whenever a user enters a password or PIN while using an EEG handset. Of course, all this until the black side of the force does not bypass this countermeasure. So, what do you think about this? Simply share your views and thoughts in the comment section below.