SCIENTISTS CAN HACK OUR BRAIN AND EXTRACT OUR PERSONAL INFORMATION??

Scientists can hack our minds  with cheap EEG gear 

Inexpensive brain-computer interfaces could be used maliciously to obtain private information such as PINs stored in one's memory, according to researchers. 

• Are you ready for brain spyware?
• Are the deepest secrets of your mind safe? 
• Could thieves trick you into revealing your bank card PIN or computer passwords just by thinking about them?

-->Theoretically, it could happen.

Ivan Martinovic of the University of Oxford and colleagues at the University of Geneva and University of California at Berkeley describe research into that question in a paper entitled "On the Feasibility of Side-Channel Attacks With Brain-Computer Interfaces" presented earlier this month at the 21st USENIX Security Symposium.

The research was inspired by the growing number of games and other mind apps available for low-cost consumer EEG devices such as Emotiv's EPOC headset, which lets users interact with computers using their thoughts alone.

Malicious developers could create a "brain spyware" app designed to trick users into thinking about sensitive information, which it would then steal.

The research focused on the P300 brain signal, often emitted when something meaningful is recognized. It has been considered in the design of recent lie detectors. 

Twenty eight subjects using Emotiv headsets were shown images such as numbers, bank cards, ATMs, and people's faces while being asked specific questions that target specific information.

Their brain waves, specifically the P300, were treated with signal processing software.

The scientists then sat their subjects in front of a computer screen and showed them images of banks, people, and PIN numbers.

They then tracked the readings coming off of the brain, specifically a signal known as P300.

The P300 signal is used by the brain when a person recognizes something meaningful, such as someone or something they interact with on a regular basis.

 

It is released by the brain around 300 milliseconds after recognition occurs, hence its name.
The team used a picture of President Barack Obama to test the readings, and saw a spike of recognition from participants.
They were also shown their home, which caused a similar reaction.
'These devices have access to your raw EEG [electroencephalography, or electrical brain signal] data, and that contains certain neurological phenomena triggered by subconscious activities,” says Ivan Martinovic, a member of the faculty in the department of computer science at Oxford.
'So the central question we were asking with this is work was, is this is a privacy threat?'
The team found they could find a person's home 60% of the time with a one in ten chance, and had a 40% chance of recognising the first number of a PIN number.Researchers could guess the correct answer for participants ,the regional location of their home 30%, birth month 60%.

The private info extracted from the tests was 15-40 percent less random, or uncertain, compared to guessing alone.

"The captured EEG signal could reveal the user's private information about, e.g., bank cards, PIN numbers," the researchers conclude.

"This is still very noisy data signal, (and the) devices are not made for detecting these kinds of patterns," Martinovic told the conference, "but it was possible to see that in any of these experiments, we could actually perform better than a pure random guess."

He noted that the quality of the EEG devices and the signals they produce is bound to improve, and attackers could exploit that increased accuracy.

"There's a question about whether there is a potential for more sophisticated attacks -- can we embed these attacks in videos, online games?"

In the future when you're playing Professor X and controlling things your thoughts, have a care for who might be eavesdropping.