1. Field of the Disclosure
This disclosure generally relates to a portable wireless device solution that utilizes machine and input/output (I/O) virtualization techniques to effect spying attacks against general-purpose operating systems that commonly control portable wireless systems.
2. General Background
As portable wireless devices—such as smartphones, tablets, automotive infotainment systems, and so-called “Internet of Things” sensor-based devices—gain in popularity and use, they are increasingly being targeted by cyber attackers, who use device wireless communications pathways to launch remote attacks against the device's operating system. Many such operating systems, for example, iOS, Linux, Windows, and Android, are extremely complicated and have a lengthy track record of containing numerous exploitable security vulnerabilities. One family of attack vectors attempts to surreptitiously activate the portable device's input peripherals—such as audio, wireless communications (Wi-Fi, Bluetooth, etc.), and cameras—to gather locally available/generated private information without proper authorization (i.e. spy).
Portable device operating systems employ a number of security controls aimed at preventing unauthorized manipulation of input peripherals; however, the vulnerabilities in the operating systems themselves may render such controls impotent, since an attacker can simply use one of these vulnerabilities to commandeer the operating system and disable or otherwise circumvent its security controls.