Even Nolan didn’t think it could be possible when he made Inception, but it turns out that researchers at Usenix Security conference have been speaking of using a computer interface to hack the brain! Yes, it might actually be possible to enter the brain and retrieve information that you’d prefer to keep secret. Like retrieving a combination key to a safe that your dying father might have given you and you have it stored somewhere in the subconscious.

Reading the Mind

The idea is simply this: have your brain mapped by sensors (here, an EEG or Electroencephalograph is used), which pick up crucial brain activity and then sophisticated software can help understand what it is that the brain is trying to do! These are called ‘brain-computer interfaces’ (or BCI’s) for obvious reasons.

These can actually help you mentally control your computer using specific thought patterns.

The BCI from Emotiv technologies.

Controlling a video game using BCI

Machine over Mind

What is interesting is how a computer can browse through your mental database and steal away some pieces of sensitive information. Security researchers from the Universities of Oxford and Geneva and University of California, Berkeley have developed a program to be used by the software that has only one purpose – finding information like home address, debit card PIN and date of birth. They found 28 willing participants, who didn’t know about the hacking (of course, otherwise the whole exercise is futile, right?) and tested this program on them. The success rate varied from a mere 10% to a respectable 40% for different fields of sensitive data.

The four experiments

The technique is a lot like hacking passwords. The key response tracked by the program is known as a P300 response – the brainwave activity that the brain undergoes when it recognizes something familiar, like a known face, own neighbourhood, own debit card PIN and so on! The peaks in the P300 activity were noted and the analysis of this data can give a very good indication of what the right answers are!

The P300 activity. Notice the black peak indicating a high for the target stimulus

The EEG results for a target and a non-target stimulus

Future thoughts – You might know them already!

Yes, cool, innovative and scary! Imagine the chaos which will ensue if the bank manager is kidnapped and crucial information is extracted from his brain using these kinds of hacking techniques. How can a big bank cope with that threat in the not-so-far future? What about the fear of malware – say you use the BCIs to control devices, but some pop-ups show you some random numbers and your P300 activity indicates that this might actually be your PIN? How do you protect yourself against that? The only viable option seems to be to not think about it, but then that is, believe it or not, the hardest thing to do!

Maybe, militarizing your subconscious is the only way to go. Don’t be scared to dream a bit bigger – and a bit weirder.

All pictures taken from the paper below.

Paper: https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final56.pdf