Article about paper: http://www.extremetech.com/extreme/...man-brain-successfully-extract-sensitive-data The paper: https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final56.pdf In this paper, we designed and carried out a number of experiments which show the feasibility of using a cheap consumer-level BCI gaming device to partially reveal private and secret information of the users. In these experiments, a user takes part in classification tasks made of different images (i.e., stimuli). By analyzing the captured EEG signal, we were able to detect which of the presented stimuli are related to the user’s private or secret information, like information related to credit cards, PIN numbers, the persons known to the user, or the user’s area of residence, etc. The experiments demonstrate that the information leakage from the user, measured by the information entropy is 10 %-20% of the overall information, which can increase up to 43 %. The simplicity of our experiments suggests the possibility of more sophisticated attacks. For example, an uninformed user could be easily engaged into “mindgames” that camouflage the interrogation of the user and make them more cooperative. Furthermore, with the ever increasing quality of devices, success rates of attacks will likely improve.