You know the stereotype: the tinfoil-hat-wearing conspiracy theorist raving about the government scanning your brain. While that remains a far cry off from the truth, researchers at UAB have shown that your local conspiracy buff might have a point (soon)!
What’s up, doc?
Medical technology has come a long way since electroencephalograph (EEG) machines needed a room of their own and a supply of conductive gel paste to work. Portable, personal EEG monitors have made headway into the world of gamers and meditation buffs. Whether it be MUSE, EMOTIV, or even a home-brew machine, EEG offers the potential to read and interpret the entirety of your brain signals via computer. I think you might be able to see where this is going.
“Hackers can read your mind” might not sound very zen. Fortunately, there is a brighter future thanks to UAB. Nitesh Saxena, Ph.D., Ajaya Neupane, and Lutfor Rahman have found a method to capture brain signals. Because researchers found this first, there remains a chance for pre-emptive security! I far prefer this to having companies play catch-up.
How it all works
The attack relies on access to the device recording and interpreting the victim’s brain-signals. This includes phones or computers – meditation apps regularly come bundled with the EEG devices. This makes the security of the phone or computer more important than the actual password you use! After a “control” test of as little as 120 characters, the network can guess what buttons you press on an ATM with almost 50% accuracy.
There are no recorded incidents of this attack’s use (yet), but that’s no reason not to read up on computer security! I also wrote a crash course on keeping control of your data and your devices, and it remains relevant today. But I’d add one more thing: if you’re a meditation buff who owns a personal EEG trainer, take it off before you type in any passwords!