It’s hard to imagine something more futuristic than a helmet that lets you control machines with your mind. As if out of an X-Men comic, this technology became a reality about five years ago when not one but two devices, the NeuroSky MindWave and the Emotiv EPOC, that used brainwaves as an input hit the market. At first, the headsets were more or less novelties, a fun new way to play video games, but as the technology improved, all kinds of industries — from medicine to education, security to government — are looking for ways to take advantage of brain-controlled interfaces. We may never have to push a button again.
Turns out there’s a downside to hooking your brain up to a computer. If you’re not careful, hackers could manipulate the game you’re playing or program you’re using and literally read your mind. (Sidenote: I’m pretty sure this was actually the horrifying premise of one of the latest X-Men movies and at least two Arnold Schwarzenegger flicks from the ‘90s.) A new study by a team of researchers from the University of California at Berkeley, Oxford and the University of Geneva shows how these devices can give unwarranted access to your private thoughts. By taking some backdoor approaches to reading the electronic signals the brain machines pick up, the team gained access to subconscious thoughts, including the location of the subjects’ homes and their banking PIN numbers.
Hacking into someone’s brain isn’t exactly a straight-forward task. To find these private thoughts, the team of researchers had to do a fair amount of coaching and prepping in order to separate the signal from the noise. In other words, they had to get the subjects thinking about what they wanted them to think about. First, the subjects were shown a series of familiar images while hooked up to a brain reading device, so that the researchers could measure how their brainwave data, also known as electroencephalography or EEG data, reacted. Then, they were shown a series of random images, some familiar, some foreign. By matching the EEG data of reactions from the first set with reactions from the second set, the researchers were able to when the subject recognized an image of something, say the location of their house on a map. It’s very basic mind-reading but mind-reading nevertheless.
This doesn’t mean that thought thieves can come at your in the middle of the night, hook you up to a machine and download the contents of your brain. It is an indication that these brain-control devices pick up more information than what it needs to accomplish the task at hand. And, the researchers warned, the technology will improve over time and make it easier to identify and translate those signals. So you could look forward to hackers developing fake applications aimed at getting your brainwaves going.
“In this threat model, the attacker doesn’t need to compromise anything,” says Dawn Song, a Berkeley computer science professor who helped lead the study. “He simply embeds the attack in an app, such as a game using [brain-machine interface] that the user downloads and plays. In this case, the malicious game designs and knows the visual stimuli the user is looking at and also gets the brain signal reading at the same time.” It’s like phishing, only it happens inside of your skull.
I can picture it now. Angry Birds 4D, now with brain-machine technology. You think you’re just crushing some blocks and killing some of those green pig things. But really, there’s an incredibly sophisticated algorithm sifting through your brainwave data and stealing your credit card numbers.
Maybe not yet. But one day, thought thieves, you’ll steal our dreams.