Discussion on:

Android proof of concept shows remote surveillance is possible

More scary news, another arrow to the heart of privacy.

As for "A real attacker would want to identify people with interesting environments worth snooping on, and only collect data from these interesting places to avoid being swamped in too much data." I suppose GPS would help, eg only enable sensing when within a specified radius.

Fascinating stuff.

That something can become that usable from random images is amazing.

Definitely the most fascinating aspect. I wonder if there is any input from motion sensors/gyros or GPS in the algorithms that generate the 3D view... That would make it all the more amazing by a factor of ten.

The paper goes into the details, but hang on. It's quite a ride, at least it was for me.

On the device side in paring down duplicitave / non useful images for the backend point cloud generation. Otherwise a user might notice they were infected by their bill for data transmission.

I didn't see any IMU type data in the paper and the tools they used for MISFM wouldn't be able to use it.

What is IMU (inertia?) and MISFM?

Inertial Measurement Unit and Multiple Image Structure from Motion.

What these folks are doing is using your mobile device as an Xbox type kinect sensor, just not in real time. You get the same 3d point cloud data that can be explored with an appropriate viewer. When you see something interesting you can click on the point cloud and the relevant set of images are displayed (ala check number example.) That's what they mean by virtual theft and exploration. Its really a virtual environment.

Finally the world is waking up.
I first demo;ed this type of attack on an IBM laptop in 1999, listening in on conversations in a global bank. Reception was crystal clear even beyond the dividers in the office. Usual precautions apply.

The ability to develop a 3D reconstruction is new, particularly when it does not require a monster super mainframe to create.

Per 1990s specifications when I was working in active vision. Just so happens we all have them on our desks or entertainment centers now!

I just setup several CAD stations that are for solid-modeling videos. The video card had four times the memory of my notebook.

Pixel pipeline unit hooked up to a dedicated Sun box. As I recall it had a whopping 512 linear processing units. I just noticed that you can get Nvidia cards with three times the pixel units and about 1000 times the memory for $299 on newegg.

so that really is pretty easy to deal with. And I bet if proof of concept has been done, the black hats will have app waiting or being prepared to load on to your phone. Better cover the lens over.and be careful what you say because audio can give away much.

Wouldn't a cheap fix for this type of attack from the camera standpoint anyway be adding a lens cover on the camera at least for the back camera the front would be a little different.

Place and opaque lens cover over your camera unitl needed....

But, you have to admit, it would be a pain and I know I'd lose it in a day.

Paper pointer! I guess I'm more optimistic that such pervasive sensor fusion might help mankind. Imagine if phones had temperature and pressure sensors and those could be fed into weather modeling systems. Or radiation sensors feeding into global mapping to determine environmental duress.

...can be flushed with a piece of electrical tape (or a built-in, mechanical lens cover). How productive.

What if the research team didn't put forth the effort -- only the bad guys would know.

What if the "research team" ARE the bad guys?

That's the weak link in any kind of security, it always reactive.

Bruce Wayne did this int he Second batman movie. Life imitating art??

...the crown jewels my cats leave in the litter box every day!

Sure, it is amazing stuff, and would make a great CSI-style effect in a movie or TV show, but who is going to do this to break into my house? For 98% of us, we should be more afraid of a crack-head breaking in than being the subject of this kind of spying. I got nothing worth this much cost or effort. Crimes of opportunity or crack-heads are a more realistic threat, and even then, mostly for the damage they would do looking for valuables that don't exist, (or tearing out the plumbing in the walls.)

(On a separate note, it takes a very special kind of person to do $30,000 worth of damage to a building to steal $50 worth of copper...)

(Edit: just noticed the Batman post above, That's why he's the friggin' Batman!)

But, what if you left a check out or some sensitive private information. What is the cost of that? And, the real intent of the article was to increase awareness. I am glad you read the piece and now know about it. It allows you to make an informed decision.

Both for writing the article and for replying.

Hello to all the ships at sea. Flash the government has figured out how to use WIFI as radar to see in see through buildings. So give it up they are going to get it anyway. For me I dont care it is after all my government and my country.

"it is after all my government and my country"

The same attitude has allowed every tyranny the world has ever known. You are the 80% who "have eyes but do not see, have ears but do not hear" Jesus spoke of.

"Government" is NOT "my country," the two do not equate, they are polar opposites. People are led by the nose from birth, through "public education" to equate "government" with "society." Governments traditionally seek to enslave, command and control societies to their own (government's) gains, and always most detrimental to the people, in the long run. Learn some history.

Led through my nose. I dont need to hear from some unintelligent ass . Trying to tell me a values are wrong. Do you have a home ,a job and freedoms that only you can get here in America. Then shut up. I have never broke the law,never done anything against my country and my government I have voted in to office. Drone I have served my country at time of war and peace. Served my community,and my church. . All I hear is some one crying that the government is bad it is out to take are freedoms away by spying on us. You know what kid you sound like all the others. Oh the government is out to get you crap. Dont like it change it. But dont sit in your mothers basement and think you know how the world thinks. I wont even tell you who I am ,were I am from,who I work for,or my credentials. I am one of the folks who do rebel against the machine. I have made changes In the way my government works and to be honest the only thing I like to change is the draft. So you folks who say my government is out to get you would be right . But then again you yes you would run to Canada. You want to reply go for it.

I've been writing here for a long time now and enjoy it when members start a conversation that differs from the topic of the article.

My apologies, but I sense this divergence is not one that will end well. My favor is to respectfully ask each of you to agree to disagree and leave it at that.

What are practical applications of such technology, apart of spying ?

The only references I have of practical does not refer to applications. Can you please help me, by point out where you taking the quote from.

"Stupid vision tricks". Or you need a hook to perk up interest in your paper for citation .

The real meat was in proving that you didn't need highly controlled rigs and calibration to snap images for the Surface from Motion software/algorithms they already had. That and that you could generate 3D point clouds from really lo-res image sets.

Practical applications would be in automation E.G. robot navigation and kinematics. The paper mentioned it was possible to do SFM on the phone, but it would have snapped up so many resources as to render the phone incapable of doing any other task.

ADDENDUM: The other practical application is using exisiting information which is overwhelming "lots 'O images" into an intuitive point-n-click interface. E.G. Big Data graphical frontend.