Submission + - Android malware uses motion sensors to log keystrokes (itworld.com)
DillyTonto writes: A proof-of-concept app for Android, written as a casual game to keep users from deleting it, runs in the background and monitors everything a user does, even logging most keystrokes despite lacking permission to read keyboard input. Instead it uses the motion sensors almost any third-party app can access to figure out when a user is typing on a virtual keyboard and infer from angle, force and movement which keys they were. It's the second of its kind for Android, but the same approach would work on Blackberries or jailbroken iOS devices as well. For Android, though, this exploit demonstrates the number of potential security holes created by its already problematic permission-based security system.