Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Security Risk of Keyboard Clicks

Posted by simoniker on from the tap-tap-oops dept.

Gudlyf writes "First the blinking LED security issue, now this: listening to tell-tale keyboard clicks to decipher from afar what a person is typing. This isn't limited to just computer keyboards -- ATM's, telephone keypads, security doors, etc. Apparently with $200 worth of sound equipment and software, these keyboard clicks can be translated to within 80% accuracy. Of course, a whole lot of this is just theory."

31 of 361 comments (clear)

  1. Great... by ebob9 · · Score: 5, Funny

    Now when I log in to my account at work, instead of just needing password, secureid, smartcard, fingerscan, eyescan, and a note from my mother, I'll also need to use an on-screen touch-screen keyboard!

    Of course, someone will probably now figure out that tapped glass reverberates at a different frequency...

    1. Re:Great... by orangesquid · · Score: 4, Funny

      True. But you could also read the screen via Tempest-like technology!

      It seems that no matter what you do, we'll be screwed anyway. We might as well go to a trust-based system. How about everybody just changes all their passwords to 'secret'?

      --
      --TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
    2. Re:Great... by MadBiologist · · Score: 5, Funny
      Darn.... now I'm gonna have to change my password.

      First somebody gives away the 12345, now secret.

      Sheesh.. What's this world coming too?

      -J-

      --
      'Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?'
    3. Re:Great... by evil-osm · · Score: 4, Funny

      or you can just look for the smudge marks...

      --


      E.

      Never rub another man's rhubarb - The Joker
    4. Re:Great... by steveb964 · · Score: 2, Funny

      ...yeah, great!

      Now everyone will be able to know that I'm typing slashdot.org in my browser at work!!

      Sheesh, if this is true, I may actually have to do something!!

    5. Re:Great... by los+furtive · · Score: 2, Funny
      12345? That's the combination on my luggage!

      Ah Spaceballs, what would we do without you?

      --

      I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.

    6. Re:Great... by Opie812 · · Score: 1, Funny

      Nah. Think about it: pressing different spots of your screen is like pressing down a guitar string at different points. You will cause the screen to resonate with a multitude of frequencies with distinct audio "fingerprints" for different points on the screen, which can also be picked up by very sensitive equipment.

      Sorry.

      Personally, I'd just look at where the smudges are on the screen and go from there, but I'm not no uber-Linux guy or anything. :)

      --
      I'm not a nerd. Nerds are smart.
    7. Re:Great... by Don'tTreadOnMe · · Score: 2, Funny
      Exactly !

      "The first rule of ATM security is: there is no ATM security".

      "The second rule of ATM security is that we talk alot about ATM security."

      "The third rule of ATM security is that at some point someone will mis-quote a movie."

  2. "Of course, a whole lot of this is just theory." by REBloomfield · · Score: 4, Funny

    Sounds like bollocks to me. The amount of crumbs under my keys, I'd be mighty impressed if you got anything intelligble.

  3. Great by MrRuslan · · Score: 1, Funny

    Pretty soon they will find a way to desipher hidded messeges from human and animal farts.

  4. LED clock by donnyspi · · Score: 3, Funny

    I can't even tell what freakin time it is on my LED clock from ThinkGeek, much less deciper keyboard clicks and modem blinks :-)

  5. This is easy to overcome by JosKarith · · Score: 4, Funny

    Al you have to do is install voice-recognition software, then train it to only understand you when you speak in a broad Glaswegian accent.
    Thereby ensuring NOBODY's going to be able to decipher a word you're saying.

    --
    'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
  6. Re:low~ by Anonymous Coward · · Score: 1, Funny

    More hits == increased ePenis size!

  7. Huh by finkployd · · Score: 4, Funny

    Wait, there is a theory that with $200 of equipment, you can get 80% accuracy on this. Is there any reason why this is still just a theory? Can anyone scrap together the $200 to test this theory?

    If only science weren't so expensive. Imagine how many other theories we could test if we could somehow get our hands on $500!

    Finkployd

  8. will never break my password by GarbanzoBean · · Score: 4, Funny

    I don't type my passwords. I use voice recognition software and just say them. No clicks to overhear baby!!!

    Doh

  9. Future - Speech Recognition by jabex · · Score: 3, Funny

    Good thing the whole future of "speech recognition" didn't pan out. Oh those silly Star Trek episodes, everyone can hear when Picard announces his secret password to everyone!

    --
    Like Teddy with an elephant gun.
  10. In other news: by Big+Nothing · · Score: 4, Funny

    In other news: hackers can connect to the internet by whistling into the phone.

    --
    SIG: TAKE OFF EVERY 'CAPTAIN'!!
  11. Re:Security risks by the_mad_poster · · Score: 5, Funny

    Anywho, my girlfriend just yelled at me so I needed to vent.

    Huh? Quit making up words!

    --
    Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
  12. No worries. by Chess_the_cat · · Score: 2, Funny
    Today's keyboard, telephone keypads, ATM machines and even door locks have a rubber membrane underneath the keys.

    My Model M doesn't have a rubber membrane so I'm not worried. Then again you don't need a microphone to hear me typing on it. My neighbours can hear me typing. If someone were to stick a microphone up to it I'd be interested to know how much of their hearing they'd retain.

    --
    Support the First Amendment. Read at -1
  13. Re:Covering noise by madman101 · · Score: 2, Funny

    Nah, just a boom box with volume on 11 playing Spinal Tap.

  14. I should have saved my Atari 400 by zymurgy_cat · · Score: 2, Funny

    Now I know that I should have saved my Atari 400. With that flat quiet keyboard, no one would be able to snoop on my typing. Of course, I'd have carpal tunnel so bad I couldn't pick up a spoon...

    --
    -- Fugacity: Confusing chemists since 1908
  15. Re:Hmmm by alib001 · · Score: 3, Funny

    It's only a matter of time before they interpret the crinkling noises made by our protective hats and are able to read our very thoughts!

  16. Who needs a machine when we've got the Mounties!?! by Rahga · · Score: 2, Funny

    "Apparently with $200 worth of sound equipment and software, these keyboard clicks can be translated to within 80% accuracy. Of course, a whole lot of this is just theory."

    Anybody who saw the episode of the CBS evening buddy-cop-drama "Due South: A Hawk and a Handsaw" knows that you don't need any special equipment. Just get a Canadian Mountie, have him listen to a nurse while she types in her password, and after several tries, the Mountie will be able to reproduce the password based solely on the sound of the clicks... Results are even better if the password is typed in to the tune of "I've been working on the railroad.".

  17. In theory... by pbryan · · Score: 2, Funny

    Of course, a whole lot of this is just theory.

    Of course, in theory:

    - the earth is spherical in shape
    - the earth revolves around the sun
    - we evolved from lower species
    - energy equals mass times the speed of light squared

    --

    My car gets 40 rods to the hogshead, and that's the way I likes it!

  18. easy fix. by dj245 · · Score: 4, Funny

    what, you guys don't use a binary keyboard? 99 less keys to break.

    --
    Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
  19. that guy needs a better hobby by jimmajamma · · Score: 2, Funny

    i mean, if someone wants to spy on your keystrokes they could install one of those $20 keycatcher thingies, freeware keyboard capture software, network snifers, or just look over your shoulder.

    what kind of idiot would use a mic, and have to use neural nets to analyze the recording?

    i wonder how many hours that guy flushed doing this study.

    it would have been arguably more useful if he could determine what someone ate the night before by the sound of the splash.

  20. Re:"Of course, a whole lot of this is just theory. by AnonymousKev · · Score: 2, Funny
    From an old (and eccentric) college Physics prof:

    The difference between theory and practice is, in theory, there is no difference between theory and practice, but in practice, there is.

    --
    Anonymous Kev
    Proudly posting as AC since 1997
    (Finally got a dang account in 2004)
  21. Re:Covering noise by NanoGator · · Score: 2, Funny

    "Now we just need some covering noise while logging in. Time for a kernel patch? "

    Are you trying to tell me I won't be secure until I get sound working in KDE? Crap.

    --
    "Derp de derp."
  22. Oh, it hurts... by amstrad · · Score: 2, Funny

    smartcard with a PIN number

    somewhere a kitten just died.

  23. Re:my bank's ATM's and Internet smart keyboards by Kent+Recal · · Score: 2, Funny

    Yes, I've seen a simplified design.

    [ 3 or 7 or 9 or 6 or 0] [ 5 or 1 or 2 or 0 or 8 or 4 ] [ I'm feeling lucky! ]

  24. Whew thats a relief by Tandoori+Haggis · · Score: 2, Funny

    Its just as well I use my mouse to click on porn.....

    --
    My hyperlinks aren't worth the paper they're printed on.