Brain-Hacking thru mindreading Game-Controllers

„Die Gedanken sind frei, wer kann sie erraten?“

Wissenschaftler haben eine Reihe von Experimenten durchgeführt, mit denen sie nachgewiesen haben, dass man bereits heute die Gehirne von Leuten mit einem EEG-Gamecontroller hacken und damit Infos wie Bankdaten oder Adressen auslesen kann. Dazu haben sie den recht einfachen Trigger P300 genutzt, einem Gehirnsignal, das ausgelöst wird, wenn Leute Dinge als relevant einstufen… wie eine bekannte Adresse oder eine bekannte PIN-Nummer. Dann haben sie den Leuten eine Reihe von Optionen gezeigt und die P300-Signale aufgezeichnet. Bruteforce Brainhacking, quasi, gibt dem Wort „Mindhack“ eine ganz neue Bedeutung. So it starts…

The researchers ran various experiments based on the same idea: they’d ask a question to make sure the key information was at the forefront of the study participant’s mind, and then they’d fire a bunch of information at the volunteer to pick out which was most associated with the P300. For example, in one experiment participants were told they would have to type in the first digit of their newly acquired PIN number into the computer, but before this happened, the volunteers were shown a series of single digits, while the software recorded which numerals were most associated with the P300.

In another, the P300 was recorded while participants were shown pictures of branded credit cards and bank machines. Another experiment asked participants to think of their month of birth before showing them all the options, while another flashed up maps of the local area to determine their approximate home address. You can see how the researchers were angling to get the equivalent of essential account details out of the volunteers.

Although the set-up was a little artificial, the researchers note that this sort of unconscious personal detail dredging could be incorporated into a game-like activity, so people would be unaware of what was really happening. The test was a success scientifically, in that the key information was identified more often than chance, but fraudsters are unlikely to be eschewing email hacking for NeuroSky pwning anytime soon. The hit rate was about 10-20%.

Nevertheless, as a demonstration of a ‘hacking brain wave data from a commercial gaming equipment to get personal information’ you have to take your hat off to the research team.

Hacking the brain for fun and profit