Researchers from Stanford University, working in tandem with a team from defense firm Rafael, have discovered a way to use the gyroscope found in most modern smartphones as a basic microphone, potentially opening the door to malicious eavesdropping.
The gyroscope in a smartphone uses a vibrating pressure plate to measure the orientation of the device through the principles of the Coriolis effect. As it turns out, this plate can also sense tiny air vibrations caused by sound waves, and through some clever programming, an audio file can be extracted.
There are restrictions to the capabilities of using a gyroscope as a microphone, though. For one, the polling rate of the sensor is limited to 200 Hz (in Android at least), meaning only sound waves up to this frequency can be detected. The human voice does fall into the 200 Hz range, but it's tricky to extract words from sounds the gyro can capture.
Through special voice recognition software, the team were able to register a few words here and there, as well as the speaker's gender; not quite as good as what an actual microphone can capture. However, the project is only intended to be a proof-of-concept rather than a perfect implementation, with the team noting that they're not speech recognition experts.
The main security issue that arises with using a gyroscope as a microphone is that it could be used to eavesdrop on someone without their knowledge. Smartphone apps that require the use of the microphone will display a permission request during the install phase, however there is no such permission for use of a basic sensor like the gyroscope.
Some platforms, such as iOS, restrict the gyroscope poll rate to 100 Hz, making it useless for audio capture. The researchers claim there is no reason why a game should require a gyroscope access rate as high as 200 Hz like you get with Android, and recommend Google either lower the poll rate, or get apps to ask for permission to use high-rate sensing.