Researchers keeping themselves busy finding theoretical ways in which your security could be compromised have found a new method, one involving using a phone's accelerometer data to track movement.
They say we should be worried about this because, on Android, it's not necessary for an app to ask for permission to access the system's accelerometer data, meaning any app installed on your phone could be a legitimate front for a shady data-harvesting tool.
All they need to do is be a bit clever in overlaying accelerometer data with real world layouts, matching the ups and downs of your day with the ups and downs of wherever you live, to see that you spent an entire afternoon trudging between local pound shops in pursuit of the largest quantity of broken biscuits currently on the market.
The team from Nanjing University said: "We believe this finding is especially threatening for three reasons. First... it is extremely easy for attackers to create stealthy malware to eavesdrop on the accelerometer. Second, metro is the preferred transportation means for most people in major cities [which] means a malware based on this finding can affect a huge population."
Their third point is that, once a pattern of movement has been established, any potential troublemaker could attack someone in the darkest corner of their route. Theoretically. [We Can Track You If You Take the Metro [PDF] via The Register]