In a recent article published on the MIT Technology Review website, Tom Simonite, MIT Technology Review’s San Francisco bureau chief, explains how malicious software could use brain interfaces to help steal passwords and other private data:
Nitesh Saxena, an associate professor at the University of Alabama at Birmingham, has shown that it can also help software guess PINs and passwords by monitoring a person’s brain waves. The study joins a small but growing body of evidence on brain-interface security that researchers say shows even the limited headsets available today need better security.
Tom Simonite writes the new study tested the idea that a person who paused a gaming session and logged into a bank account while still wearing an EEG headset could be at risk from malicious software snooping on personal credentials via brain waves.
Researchers at the University of Washington have demonstrated another way to extract private information using an EEG headset. They created games that subliminally flashed up images such as bank logos and noted when a person’s brain waves registered recognition. That could provide data valuable for phishing campaigns or ads, or even elicit information about a person’s sexual orientation, says Tamara Bonaci, a researcher who was involved in the work.
Bonaci adds: ‘Companies working on EEG headsets should engage with these issues now, because the stakes are rising as advances in machine learning are helping researchers extract more and more from EEG data.“
Our brainwaves can betray us and there is nothing we can do…