You know that case-sensitive password you have? The "unguessable" alphanumeric cipher you think is safeguarding your private accounts? Well, the jig is up.
That's because a team of researchers from the University of Oxford in Geneva and the University of California in Berkeley just showed how easy it is to hack a human brain and pluck things such as bank details from your head. Not only that, they did so using an off-the-shelf Emotiv brain-computer interface that only cost a few hundred dollars.
Volunteers for the security experiment were asked to wear an Emotiv BCI head piece and sat in front of a computer screen that showed images of maps, banks and card PINS.
Researchers then tracked the P300 brain signal, which is given off when the brain registers meaningful stimuli. The team found they could consistently reduce the random data in each variable by 15 to 40 percent, a marked advantage over random guessing.
Subjects were essentially leaking valuable information through the BCI units, making it easier to calculate their address or bank account numbers.
"The simplicity of our experiments suggests the possibility of more
sophisticated attacks," the team explained in their paper on the
experiment. "For example, an uninformed user could be easily engaged
into 'mindgames' that camouflage the interrogation of the user and make
them more cooperative. Furthermore, with the ever increasing quality of
devices, success rates of attacks will likely improve."