Keyboard Sound Aids Password Cracking
stinerman writes "Three students at UC-Berkeley used a 10-minute recording of a keyboard to recover 96% of the characters typed during the session. The article details that their methods did not require a 'training text' in order to calibrate the conversion algorithm as has been used previously. The research paper [PDF] notes that '90% of 5-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80% of 10-character passwords can be generated in fewer than 75 attempts.'"
'90% of 5-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80% of 10-character passwords can be generated in fewer than 75 attempts.'
Looks like you're screwed because my luggage password is 5 digits long, but all digits are numbers in a sequential order starting with one. Ha ha!
-Valiss
Does this mean that instead of keystroke loggers, spyware is now going to monitor our microphone input? This almost sounds like something out of a bad 80's movie.
I'd have a hard time believing this method transcends all keyboard models, and all typists.
If you can get a mike that close to a keyboard to listen to the keystrokes, then you can probably place a micro camera and get the same results.
Ninjas don't carry tic tacs
Another old fashioned way to get passwords w audio: Just tap the "help desk" phone line.
... that my voice is my passport.
'90% of 5-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80% of 10-character passwords can be generated in fewer than 75 attempts.
All the systems where I work will lock you out after 5 bad attempts. What kind of password system lets you try 75 (or even 20) times?
It just goes to show that when you have physical access to a computer, the security's already broken...
Get a free iPod Nano 4GB!
Go figure, typing properly now means you get your password cracked.
Guess that's all the more reason to keep that Cheetos bag crinkling as you type. Gotta stop the commies!
Security experts recommend you don't speak the name of the key you're hunting for as you type your password with a single finger.
I like how they used basic methods of cryptanalysis in order to help find out what is what. An example is how they mentioned the digraphs such as TH from THE, which is a very common word. So it's easy to pick out from the group, because you can 'listen' for the space bar key, and if only 3 keys are hit and they have been matching others, you can then find out what E is. :)
Then let's say you find out what THE is, then you find another word that is 5 letters that starts with 'THE', then you are going to find out what R is, then what I is (from there and their) and so on and so on. So good for them for just using basic methods.
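The bootstrapping this comment describes (listen for the space bar, take the most common three-key word as THE, then extend through words that share those keys), as an added Python sketch that is not part of the original post or the paper's code. Key sounds are replaced by constructed class ids, and the sentence, the word list and every function name are assumptions made for illustration. It also shows the limit other comments in this thread point at: keys that never occur in the recorded text stay unmapped.

```python
from collections import Counter

ALPHABET = " abcdefghijklmnopqrstuvwxyz"
# Constructed stand-in for the acoustic clustering step: each key gets an
# opaque class id. The solver below never reads this table.
KEY_CLASS = {ch: (7 * i + 3) % 27 for i, ch in enumerate(ALPHABET)}

# Constructed "recording" and a small constructed word list with decoys.
# A real dictionary produces far more ties than this one does.
TEXT = "the other three went there with their mother then the rain hit the road"
WORDS = ["the", "and", "her", "hit", "had", "him",
         "went", "sent", "want", "with", "wish", "then", "them", "that",
         "this", "when", "rain", "ruin", "road", "read", "rest", "here", "tree",
         "other", "three", "there", "their", "these", "those", "where",
         "mother", "father"]


def encode(text):
    """Turn typed text into the sequence of sound classes a listener hears."""
    return [KEY_CLASS[ch] for ch in text]


def split_words(classes, space):
    """Cut the class sequence at every space-bar sound."""
    words, cur = [], []
    for c in classes:
        if c == space:
            if cur:
                words.append(tuple(cur))
            cur = []
        else:
            cur.append(c)
    if cur:
        words.append(tuple(cur))
    return words


def fits(cword, word, mapping):
    """True if `word` is consistent with the classes in `cword`, given the
    letters already known, with one letter per class and one class per letter."""
    if len(cword) != len(word):
        return False
    trial = dict(mapping)
    taken = set(mapping.values())
    for c, ch in zip(cword, word):
        if c in trial:
            if trial[c] != ch:
                return False
        elif ch in taken:
            return False
        else:
            trial[c] = ch
            taken.add(ch)
    return True


def recover_mapping(classes, wordlist):
    """Recover class -> letter using only language redundancy."""
    # The space bar is assumed to be the most frequent sound.
    space = Counter(classes).most_common(1)[0][0]
    words = split_words(classes, space)
    # Seed: the most common word made of three distinct sounds is taken as THE.
    threes = Counter(w for w in words if len(w) == 3 and len(set(w)) == 3)
    mapping = dict(zip(threes.most_common(1)[0][0], "the"))
    progress = True
    while progress:
        progress = False
        for w in words:
            if all(c in mapping for c in w):
                continue
            candidates = [d for d in wordlist if fits(w, d, mapping)]
            if len(candidates) == 1:  # commit only when unambiguous
                mapping.update(zip(w, candidates[0]))
                progress = True
    return space, mapping


def decode(classes, space, mapping):
    """Render a class sequence as text; unmapped sounds show as '?'."""
    return "".join(" " if c == space else mapping.get(c, "?") for c in classes)


if __name__ == "__main__":
    space, mapping = recover_mapping(encode(TEXT), WORDS)
    print(decode(encode(TEXT), space, mapping))
    # Constructed password: 'x' and 'q' never occur in TEXT, so they stay unknown.
    print(decode(encode("wxdq"), space, mapping))
```

In this run "went" and "rain" are ambiguous on first sight (the word list also holds "sent" and "ruin") and are settled only after "with", "then" and "road" fix the shared keys.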
Now I'll need tinfoil wallpaper too, time to go to Cosco...
"In order to make an apple pie from scratch, you must first create the universe." -- Carl Sagan, Cosmos
H0miez hav mic's all 0ver i know. So I do wh4t is ne3ded to k3ep my info s4fe.
No, but they should.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
Honestly, I've always wondered about this. But then it occurs to me that you could type the ALT+Numeric equivalent of your password characters, just to throw off the bad guys. You know, ALT+100 = "d", etc. Or, just bang the drum slowly when entering the password - loud, thumpy keystrokes. Or put the keyboard in your lap momentarily to alter the acoustic signature.
Or, don't worry. I mean, realistically, what are the odds of this crack actually happening in the non-ultra-spooky world? And once you're in that playground, it's biometrics, smartcards, etc., anyway, right?
Don't disappoint your bird dog. Go to the range.
Why do we trust a computer science research paper coming from a Business College?
Just make a clicking noise with your tongue and the roof of your mouth as you type. It sounds almost identical, and you'll automatically sync the sound up with each keystroke.
Try it.
// no
Being an unsophisticated mouth-breather, I always mutter out loud anything I type.
Best Windows Freeware
Now I am going to have to look out for both seeing people and blind people looking/listening over my shoulder. Will my passwords ever be safe?
I'm glad my TouchStream LP by the now defunct Fingerworks makes no noise at all while I type ;)
I haven't posted in so long, my sig is out of date.
Just keep the music pouring out of the speakers, and you're safe :-)
SIG: TAKE OFF EVERY 'CAPTAIN'!!
Wouldn't this only apply to people who type "properly"? Or did this apply to any and all forms of bastardized typing methods (for example, hunt'n-peck)?
> won't most systems lock a user out before 75 attempts?
Cool, new workplace prank, lock down all the office computers, with failed password attempts.
(a manual DNS attack, so guess not a new concept, but probably still patentable, until I hit submit that is) doh
"What was his password?"
"I don't know, but it has a catchy beat!"
A feeling of having made the same mistake before: Deja Foobar
With these clicky buckling springs, they'll be able to sniff my password from miles away!
I notice that keys I use the most are the loudest and sound different, probably from wear. Stating that, how easy would this cracking method work on a brand new keyboard (or perhaps a laptop keyboard)?
$fortune
Tomorrow has been canceled due to lack of interest.
Also I notice this paper was funded in part by the USPS. What is the USPS doing with this type of research?
for membrane keyboards!
"Sounds let eavesdroppers determine what you're typing" plus "cellphone companies can remotely install software to activate the microphone when the user is not making a call" equals "a creepy feeling up and down my spine".
My phone is sitting right next to my keyboard now...so let me just say hi to my fans in domestic surveillance who might be listening to me typing this...
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Someone get this guy a Netflix subscription.
-Valiss
1) Hide recording device in boss's office.
2) Crack boss's password using method mentioned
3) Log in as your boss and send a few nasty emails
4) Snicker as boss cleans out his/her desk
5) Apply for previous boss's position
6) ???
7) Profit
Be careful, chief. Let's type in the cone of silence.
-
Roses are #FF0000, Violets are #0000FF, find / -name '*base*' |xargs chown -R us && mv zig greatjustice
This reminds me of a sysop I once worked with. Every time he logged in you could clearly identify the rhythm of M-I-C-K-E-Y M-O-U-S-E. Sometimes he was even stupid enough to hum the tune as he typed it. And this idiot was one of the senior IT guys at a major oil company.
I was watching an episode of systm where they showed how to put together a mythtv box, and when they got to the part about typing the root password I noticed the keyboard became oddly silent. I figured it had something to do with this, but didn't know it could actually be done.
If they'd done a little more research, they might have come across the report of a certain national crypto agency, in the 1950's, having several blind personnel able to do the same thing with typewriters. It's a bit easier with typewriters as the fwap! of the type bars hitting the paper has more variation than your typical computer keyboard.
I prefer visual snooping. It's much more effective :)
Especially when looking for the Any Key.
It's also incredibly helpful when they mumble their password as they type it.
dupe
Trolls lurk everywhere. Mod them down.
Make sure nobody does the same thing to you.
I use the Dvorak layout myself. It would help prevent this in two ways.
1. The keystroke timing would be much different
2. Constantly making errors which require much backspace pressing
25 years ago (gah!) I really freaked out my boss because I made a big production of turning my back to him as he typed the root password. I turned back and told him what he just typed.
It wasn't anything fancy, just familiarity with the sound that keyboard made and the usual pauses as fingers move to various keys.
I also used to be able to tell you what number was dialed from the touchtones.
P.S. a college friend said that he would occasionally talk to others in morse code after a long duty shift when he was in the military. Forget the nonsense in the introductory material - anyone who really knows morse code and knows it fast hears it as words. It's not hard to take the final step and speak it like you hear it.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
1. Jack the target's phone.
2. Have it call your recording station.
3. Record keystrokes.
4. Recover passwords.
Or, an even easier way, give them candy:
http://news.bbc.co.uk/1/hi/technology/3639679.stm
Seriously, this "audial cracking" is a great idea (which I coincidentally thought of while watching "Sneakers".) Combine it with a laser microphone, and you can "sniff" passwords from far away, without requiring any additional equipment to be installed on the site being compromised.
This technique must be usable on most keyboards, because judging from this the FBI sometimes uses (or has used in the past) this technique. From the page:
Oh and by the way, that page was written in 1998, so these UC-Berkeley students (and the /. editors) are about 7 years slow.
I remember an episode of "Due South." It was a silly show, but at least somewhat entertaining. Anyway, one of the guys made an interesting point.
They were in the room when a guy typed in his password, they could see the keyboard or anything. Anyway, the mounty said that each key sounds slightly different. Anyway, after playing with the keyboard a few minutes he was able to guess it within a few tries.
Granted, the show was as fictitious as they come: "Canadians have computers!?!?" But it made some sense and afterwards I started playing with my keyboard and I too realized most of them sounded slightly different.
However, I don't have "the ear" for such things (i.e., I can't tell what phone number was pressed by the tone). I wonder if someone with a good enough ear can use this to their advantage though. Perhaps someone blind who's trained his ears well enough.
Then again, it's probably just a load.
The USPS is facing a real problem with phones, teletypes, email and IM. Now that people are opting for web payment methods, the volume of mail is dropping. Direct deposits and direct payment/debit cards are further cutting into their revenue stream.
They can't ass-u-me that they get at least five pieces of mail going in both directions.
If digital forms of communications can't be cracked except by 'social engineering', they are going to further disappear. (Of course I still get 'snail' mail spam.)
But how dependent are we now on the USPS for any communications? I'd bet very little.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
If you have the time to do it, why not just analyze the residual fingerprint oils left behind on the keys? The oldest oils would differ from the newer oils, and could essentially be used to backtrack any password.
Just because you can mod me down, doesn't mean you're right. Shoes for industry!
Why would you bother with keyboard acoustic attacks, when you could use a TEMPEST attack?
They didn't have to go to all that trouble; my password's taped to my display.
"Gosh!"
-- often wrong; never in doubt
This might be slightly off-topic, but our IT department recently got new Dell PCs and these keys are so loud and clicky. And not the good clicky, a bad, cheap sounding clicky that aggravates me.
what? what I thought we were in the trust tree in the nest, were we not?
For once, not having a password is a good idea.
oops.. was that out loud?
My understanding from reading the paper is that this approach is only effective for English-language words. Using complex passwords (special characters, numbers, etc.) seems like it would significantly reduce the effectiveness of this attack. A nice follow-up to this paper would be applying the research to analyze how this would impact password guessing in situations with complex passwords.
Sometimes, old tricks are the best tricks!
akad0nric0
This sentence no verb.
Meant to say "they couldn't see the keyboard or anything."
JeffK speak suins this assumption since we all know that "the" is properly spelled "teh" accodring to JeffK. I challenge these guys to be able to decode what someone is typing when they are being "leet" like JeffK.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
If you use Windows you can also use osk.exe (On Screen Keyboard) to enter your password, this will allow you to bypass the keyboard completely. This also assumes that you have taken precautions against TEMPEST and CRT diffuse visible light monitoring.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
like my voice-recording MP3 player/recorder with 256MB RAM - although they sell them in the GB range now ...
So when some music-listening person "forgets" their MP3 player next to your desk, you've been social-engineered.
Friends don't let friends become compromised.
-
-- Tigger warning: This post may contain tiggers! --
That doesn't mean much, I have hummed that tune no matter what password I'm typing in. Sometimes, I'll do that even when I post. That doesn't mean that we aren't stupid, it just means that his password wasn't necessarily mickeymouse just because he timed his keypresses that way, and my password is not trogdor.
The implication here is NOT passwords. It's key logging without running a key logger. Theoretically I could "accidentally" leave my PDA on my boss's desk after a meeting and have it record a gig or two of his typing. Come back a while later, grab the PDA, download the audio, run it through a machine learner, and viola! All of his correspondence. Even better, I could just run it over the wireless network and get a constant stream of his typing.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
Many, many crypto papers are based on "side-channel" attacks like this one. These attacks are common and hard to overcome by design.
I remember reading a comment at Bruce Schneier's blog that when the AES competition was running, the NIST did not consider papers using side-channel attacks because the consensus was that no matter what algorithm would be chosen, it would be vulnerable to various side-channel attacks.
Browsing the FA, I don't see any new material other than instead of learning to identify the keys from recording them being pressed one-by-one, the attack automatically calculates the sound-to-key correspondence using sounds of typing text from a known low-entropy source (like English language, or C code).
1. Use uppercase characters in your passwords (Can the AI determine if a user is a moron and types all lowercase, like "i love jesus" versus "I love Darwin"?)
2. Use numbers and special characters in your passwords.
Of course, we all do this...right?
it is 'password' It works about 25% of the time.
He who knows best knows how little he knows. - Thomas Jefferson
"NO MORE KEYBOARDS!" -PHB
Get paid to code OSS
But then it occurs to me that you could type the ALT+Numeric equivalent of your password characters, just to throw off the bad guys. You know, ALT+100 = "d", etc. Or, just bang the drum slowly when entering the password - loud, thumpy keystrokes. Or put the keyboard in your lap momentarily to alter the acoustic signature.
Or, just type in a random character or two and delete it right afterward. Or--this is a good way to confuse keystroke loggers too--type in part of your login, then part of your password, then delete a character or two of either field, and repeat until you're done.
Of course, it's often easier just to wear a tinfoil hat.
He warned us about these damn crackers always messing us.
There's nothing Intelligent about Intelligent Design.
Well actually, that WAS his password. Mind you, having called that guy an idiot, I have to confess that the reason I posted as Anonymous Coward was not to try to protect the identity of the aforementioned sysop. I had actually forgotten my /. password. I couldn't even remember the tune.
Modest doubt is called the beacon of the wise. - William Shakespeare
would probably jump the percentage much higher since then you could acoustically triangulate where the sound came from. Just a thought....
Cliff Claven
K.E.G. Party Chairman
Founding Leader of: Koncerned for Egalitarin Governance
I imagine this type of thing could pick out Backspace quite well... but what of the readline keys? Could it figure out if you typed the middle of your password, ^a, the beginning, ^e, the end?
Unfortunately not all password fields accept these characters. Password fields in Firefox/Linux with gtk keybindings set to "emacs" allows this... however, if I open up a terminal and try to "su" to another user, that prompt doesn't work (although it does recognize backspace, as we all know).
Pound every key in your password at the same tempo with your thumb, randomly adding junk characters followed by appropriate backspaces. Also, throw some ASCII 3 digit equivalents in there for even more secure password fun. Cackle at the screen in sheer glee and scoff at anyone who dares question your sanity.
They use statistical analysis based on English words to match sounds to letters. Once they've done that, there are still keys that are indistinguishable by audio. So the awesome part is that they don't need a training text, but it's way more useful for bugging communications than for stealing passwords.
The FBI almost never has to bother brute-forcing encryption. They just bug your keyboard. Now they don't necessarily need to put a device physically inside your keyboard.
There are no trails. There are no trees out here.
While it is an interesting topic, controlled conditions are required for this to work correctly.
They use a deterministic method to find the next probable character for a given sequence. Deterministic in that if I type 't' and then type 'h' and there are only so many combinations available after that (this is the Markov chain part). Er basically a sort of decision coverage. That is used with the spell check dictionaries they mention for English text recognition. It is interesting too that they are using a neural network (though appropriate) to recognize the patterns. But because they did not make their own, the details are a bit brief.
The problem I see is that the password detection is not flushed out enough and based upon what they state, it is not as powerful as it sounds. The deterministic method won't work for all passwords (as they typically are not English). Their "analysis" is basically a speed up on a dictionary hack (it helps to know the size of the password from the keystrokes), eliminating possibilities by way of possible patterns. But what about special characters, does a shift+key sound that different? Mixed cases, etc? And the deterministic approach does not work if the password is random AND the network has to be trained for THAT person's typing style and keyboard. Is that likely?
I would be more worried about Van Eck Phreaking.
No wonder they can't protect their databases http://www.computerworld.com/databasetopics/data/story/0,10801,96900,00.html they spend their time doing earthshattering research such as this.
People who bite the hand that feeds them usually lick the boot that kicks them
I assumed when I first heard about this that hi-fidelity microphones were employed, however, the researchers used cheap PC mics. In addition, they speculate that eavesdropping over the phone is possible:
It would probably identify these keys easily enough, remember that it deduces the key pressed by the sound. It would be easy enough to write the algorithm to take into consideration any key pressed.
I.e.
typing password
a b c "hit backspace"
if the software knows the backspace key was pressed because the sound of it is in the suspected position of the backspace key then the algorithm would decide you're left with:
a b
One way to defeat this is to tap the key without actually pressing it which mimics the sound but would be more difficult to deduce that you actually didn't complete the keystroke.
Secondly, if you don't know what keyboard the user is using, it would throw off the software. I.e. I use the natural keyboard, keys are spaced and oriented differently so their positions are not inline with most rectangular keyboards.
I haven't thought of anything clever to put here, but then again most of you haven't either.
ooo sound and keyboards always go together like piano keyboads i bet those are easy to find passwords with... or what about my roll out keyboard its letters dont make noise so my speakers click for the keyboard... that would be really hard to crack hu? using a 2k wav file that plays the same sound (except for delete it plays it backwards) and also last time i checked if u hit a key really hard it makes a different sound (on regular keyboards) so if u hit A really hard it makes a diff sound than if u lightly tap A... oh well people must be running outta stuff to reasearch now of days so they turn to meaningless crap like "i can guess ur password all i need is a micophone and a sound analyzer and then ur keyboard and i can get it only after you type it in once..it may take about 75 times but i will guess it"
(yes i know i suck at spelling fell free to correct my grammar and/or spellin i dont care, im still not going to change
Man, it took a long time before the inevitable Dvorak comment showed up. I expected it to be the second or third post. You guys must be slipping!
Dave
/* No Comment */
I write /whois and /away much more often than my passwords.
Yes, I'm IRC addicted...
Actually, this is not new: and not even impractical.
The technology is available to produce a high resolution recording of the key strokes from a considerable distance, provided there is a glass window on a room. Laser technology is used to pick up the vibrations from the glass at a resolution that will astound.
Even if you are aware that you are being eavesdropped and attempt to obfuscate the sound by using shift or caps locks keys, be aware that the key makes sounds both on being depressed and released - and the better the keyboard, the more defined [hence identifiable] the clicks are!
I've done some cryptography in my day, and can tell you that the probability of identifying the keys associated with their sounds goes up very quickly, provided the listener can make a couple of basic assumptions: language being the most basic, though awareness of non-standard keyboard layout would be another [US/UK keyboards have a number of symbols relocated; non-English keyboards have extra characters and relocation]. Like all crypto problems, the more data you have, the better your image of what's taking place, and the better you can identify the underlying data.
The bottom line is, there's more than one way to kill a cat than skinning it & the same applies to passwords: keystroke scanning trojans are only one route; a determined opponent will definitely crack your password if they are prepared to spend the time & money to do so.
ho hum. Here we see Agent Small and Agent Geoffries working on a real, live Password Hacking "Eavesdrop Machine". If they can just hear enough of the nefarious criminal's activities, they can garner all of his secrets.
AS: Okay, we're getting something.
EM: *click click clickity click*
AG: What was that?
AS: It sounded like a URL. He must be going to a website. The machine will try to crack the URL.
EM: *click*
AG: That was a mouse click, wasn't it?
AS: Yup, not very helpful.
EM: *thump thump thump thump*
AG: What's that?
AS: It sounds like a hard and regular pounding of something. I can't quite make it out.
AG: Hey, the machine's got the url. www.ultimatepron....
EM: *thump thump thumpthumpthump...splash*
AG&AS: Ewwww!
UTF-8: There and Back Again
From the paper:
"The current attack does not take into account special keys such as Shift, Control, Backspace and Capslock."
Different keyboards and different typing styles probably also play a factor in the ability to extract the text patterns.
"Don't type angry!"
Read any good sonnets lately?
An iPod nano up his ass? There are worse things... one would barely feel it. Damn, they're small...
or for that classic british bad comedy...
A-L-E-X-E-I-S-A-Y-L-E
"How fine you look when dressed in rage."
Remove all the keys on your keyboard then put them back on at random!
If someone can get a recording device close enough to clearly pick up every keystroke I'd be more concerned about them attaching a logger to my keyboard. How many people, including yourself, do you know who actually check the keyboard before using a computer, everywhere: home, office, public access (including internet cafe), school computer lab, someone else's? I'd say very few if any. With all the USB devices in use, someone plugging in a device in the back of a computer may be assumed to be plugging in their USB drive. No one would suspect they're attaching a keylogger to steal other people's account info.
F7 doesn't work, ignore spelling and grammar
You can hear the incessant tapping of a vi user's escape key a mile away.
Weapons of Mass Analysis
nh
My turnips listen for the soft cry of your love
I can just see the FBI breaking into my house to put a bug near my keyboard, and then sitting in a van outside my house for a couple days analysing the sound of my keystrokes with their software -- and not having noticed that my password is on a stick-note on my monitor.
Instead of just speaking in English, we can "sound" it out... *tap tap tack* *tap tack tack* (My 6 digit password.)
Only 20 tries on average, eh? Anyone who needs more than three tries to log into my systems needs to call the IT helpdesk to unlock their account. If it's a sensitive system, they need to have their manager call in for them. Game, set and match.
Allowing brute-force attacks is stupid, although not quite as stupid as scaremongering about loud typists.
SoupIsGood Food
Oh great. Now in addition to having a 20-character password, composed of completely random letters, numbers, and miscellaneous punctuation, that changes every day, and an LCD monitor with DVI interface, I also have to enclose my workstation in a sound-proof booth? Hmm, wait, that might not be so bad.
Request a Linux Shockwave player here: http://www.macromedia.com/support/email/wishform/
Or what about:
a b c "shift+home" x z "backspace" y z
You can delete text with more than just backspace.
I don't think a natural (freak of nature maybe heh heh) keyboard would throw this off though. They don't CARE what your keyboard layout is like, just the sound of keys being typed. The keys could be arranged in a square grid, it wouldn't matter.
Coding with assembly is like playing with Legos. Coding an application in assembly is like building a car with Legos.
``Or, don't worry. I mean, realistically, what are the odds of this crack actually happening in the non-ultra-spooky world?''
Congratulations, you've just upped my university campus to ultra-spooky status.
Seriously, these attacks are pretty old and have been used successfully in the past. Now that the word is out, I can only assume it's going to be more common.
Of course, the good old packet sniffer does its job, too. Easy to thwart, but most people don't bother.
Please correct me if I got my facts wrong.
I use a FingerWorks TouchStream, so my typing is completely silent.
From the article: "And some keystrokes generate a category that doesn't seem to match the character in the original text, because the key happened to sound different that time, or because the categorization algorithm isn't perfect, or because the typist made a mistake and typed a garbbge charaacter."
So did anyone else notice the irony/coincidence that garbage was typed incorrectly in the statement above?
Sorry about not posting sooner, I post when I can.
The sad thing is that my post is absolutely true. I do use Dvorak and am not a good typist.
What makes it even worse is when the layout is changed on me. Mac OS (Panther) doesn't even show what the current layout is when resuming and Windows XP shows "EN" for Qwerty and "EN" for Dvorak. Very helpful indeed. At least with the Mac it alternates between a "DV" and an American flag on the menubar.
Then again, the flag only has 9 stars and 11 stripes. Meh, nothing is perfect.
Doug Tygar is a professor, not a student.
Corporate espionage? People don't talk about it much today, but it's just as alive and kicking as it has been for the last 40/50/60 years.
Any people standing around with a microphone pointed at my employees' keyboards will be shot onsite.... hold on, isn't it just quicker to take a peek? If you are close enough to hear, you must be close enough to SEE1
I was just thinking exactly that.
I was reading this article when a user called because he couldn't get into his website that we host. The first thing I did was log into our server's control panel while I had him on the phone. If this method of eavesdropping was powerful enough to detect keystrokes over the phone, that would be a very scary premise.
but I've been standing in line at the ATM and heard more than one person mumble their PIN as they punched it in.
It's a good thing I'm a nice guy. The only thing between me and cash were my morals. But I suppose that's the case most of the time in society.
"No fair, you changed the outcome by measuring it!" - Professor Hubert J. Farnsworth
The whole point is that they use smart algorithms to learn what sounds your particular keyboard makes.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
FTA "..it uses fancy machine learning methods to recover the sequence of characters typed.."
Is that like that Fancy Book Learnin'?
Seriously, this makes me think twice about typing my password in the presence of a blind person.
What part of their method makes it inapplicable to hunt-'n'-peck typists?
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
A couple of decades ago I spent a couple of summers working on implementing a relaxation algorithm to solve the same kind of problem in a different arena: font-independent OCR. Internal pattern matching was used to sort the characters into equivalence classes, and then a relaxation algorithm, fed with digram and trigram frequencies, was used to solve the "cryptogram" for the letters. I wonder what method they're using these days...
This technique was used by MI5 and GCHQ as long ago as 1956. It was developed by Peter Wright, a former assistant director-general of MI5, and used to get the rotor wheel settings for a Hagelin crypto machine in the Egyptian embassy in London. The microphone was in a bugged telephone 2 feet away. He described the operation in his 1987 book, 'Spycatcher'.
Actually, it's biometrics and smartcards WAY before you get to the ultra-spooky world. For instance:
- At my county EOC
- Your friendly USAF Recruiter's office (check his laptop; his ID will probably be stuck in a smartcard reader in there).
I always play loud music and often misspell stuff since I'm drunk all of the time.
life in low-res
Actually, it's biometrics and smartcards WAY before you get to the ultra-spooky world.
Well, sure. I guess my point is that by the time we're talking about targets that would attract sophisticated, unorthodox cracking (such as audio cracking of keystrokes), you're already dealing with other security measures that are going to make that specific technique pretty much useless.
Don't disappoint your bird dog. Go to the range.
I assumed that anti-virus software would look for any program that monitors all keystrokes and alert the user.
If this is the case, it might not notify the user every time a program tries to monitor the microphone.
(though perhaps it should)
Abolish Copyright. Restore Freedom.
Isn't it time that computer security experts just give up on the idea of passwords? Instead of trying to get users to use ever increasingly complex passwords they can never remember, why don't we just invent a new system of security? It's obvious the password paradigm of computer security is not very effective, and we should move beyond it and start reaching for new ideas instead of fixing a flawed old one.
Got a source for that? I was under the impression that when a (traditional analog fixed wire) phone is on hook the mike and speaker are physically disconnected from the line.
Note: I'm known as plugwash most places but I screwed up registering that here somehow in the past and now can't register
I use Dvorak too, but it won't make a difference. This technique does not depend on keystroke timing, it classifies keys based on their sound and guesses which letter each key-sound means based on English usage stats.
One thing that would work is to switch to a different layout when you enter your password and switch back when done. But you can't type an extended sequence of English in the alternate layout, else they'd be able to decipher it the same way.
i'd hit it so hard, if you pulled me out you'd be the king of britain [bash.org]
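The layout point made in the comment above can be checked with a toy model. This is an added example, not part of the original thread or the paper: each physical key stands in for one "sound class", and the statistical letter-recovery step is assumed already done, modelled here by pairing observed keys with the known session text. All function names, the session text and the password are constructed for illustration.

```python
# Toy model: 30 physical key positions (three rows of ten) plus the space bar.
QWERTY = "qwertyuiopasdfghjkl;zxcvbnm,./"
DVORAK = "',.pyfgcrlaoeuidhtns;qjkxbmwvz"
SPACE_KEY = 30

def keys_pressed(text, layout):
    """Physical key index per character: what a per-key sound classifier sees."""
    return [SPACE_KEY if ch == " " else layout.index(ch) for ch in text]

def pattern(seq):
    """First-occurrence pattern, e.g. 'hello' -> [0, 1, 2, 2, 3]."""
    seen = {}
    return [seen.setdefault(s, len(seen)) for s in seq]

def learn_mapping(keys, recovered_text):
    """Key -> character table (assumption: the substitution is already solved)."""
    return dict(zip(keys, recovered_text))

def decode(keys, mapping):
    """Apply a learned key -> character table; unseen keys become '?'."""
    return "".join(mapping.get(k, "?") for k in keys)

SESSION = "the quick brown fox jumps over the lazy dog"  # constructed sample text
PASSWORD = "tangerine"                                    # constructed sample password

def demo():
    q_keys = keys_pressed(SESSION, QWERTY)
    d_keys = keys_pressed(SESSION, DVORAK)
    q_map = learn_mapping(q_keys, SESSION)  # learned from English typed on QWERTY
    d_map = learn_mapping(d_keys, SESSION)  # learned from English typed on Dvorak
    return {
        # Either layout is a plain substitution of the text, so both leak the
        # same letter-repetition structure to frequency analysis.
        "same_structure": pattern(q_keys) == pattern(d_keys) == pattern(SESSION),
        # Same layout for session and password: the table decodes the password.
        "no_switch": decode(keys_pressed(PASSWORD, QWERTY), q_map),
        # Layout switched only for the password: the QWERTY table decodes garbage.
        "switched": decode(keys_pressed(PASSWORD, DVORAK), q_map),
        # Extended English also typed in the alternate layout: protection is gone.
        "alt_layout_leaked": decode(keys_pressed(PASSWORD, DVORAK), d_map),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
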
Malware nothing.
All the attacker has to do is call you on his recording phone (okay, tape recorder tied to the phone line), and convince you to type him a letter and email it to him.
Record the sound, match the sounds to the words of the letter, and bingo. He has your email password, and more if you logged on to type the email.
And yes, that doesn't require the use of a long amount of text, or their machine learning.
Human engineering takes a tech job, and makes it dismally simple.
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
Sheesh, I mean we're famous enough...
So much for my 15 year-old IBM Model-M (http://en.wikipedia.org/wiki/IBM_Model_M_Keyboard). :-)
I still am proud of it, disregarding this basic hey-I-hacked-an-audio-substitution-cypher. Certainly not losing any sleep over this. In the meantime, I can hear the keys even through the sound of trance pumping in my headphones.
Hmmm, not quite Van Eck Phreaking ...but close
(refresher)
obligatory refresher
I like to foil this effort by pressing "^U" a lot when I type my passwrod.
That is, for the passwords that aren't public keys...
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Ohh, I see. Yes, quite logical.
Schools, ironically, are the one place that I'd expect this not to be true. There are a -lot- of bored student crackers out there.
Spyware listening to your neighboring cubicle's occupant trying to get her password, now - that's useful for some groups
Those who can, do. Those who can't, consult.
Schools, ironically, are the one place that I'd expect this not to be true. There are a -lot- of bored student crackers out there.
Alas, true. I'd actually be surprised if most schools aren't at least considering (if not already implementing) some sort of smart-card system for access to their networks. There's a lot at stake on a large campus system - but it does take a lot of cash to do it right. Of course, not as much cash as digging out of the lawsuits that can come from some of what happens when students abuse those networks (or each other, etc., through those networks). Good old just-a-password security is eventually going to be a quaint memory anyhow. At least anywhere that it counts. There will always be some twit that just won't be happy until he's cracked into his dorm-mate's laptop, but that guy is probably snooping through people's backpacks, too. It's a shame that people smart enough to rig up something like RF- or audio-based cracking (just because they're bored) don't have something more constructive into which they can pour all that energy and intellect. Some things never change, though!
Don't disappoint your bird dog. Go to the range.
Well, what about a simple application that plays a sound on each keypress. The pitch of the sound could be adjusted slightly every few minutes or so just to add to the confusion and keep it interesting for the user. The application might even become so popular that you can sell it to Hollywood Sound Engineers for use in movie computers when our hero has to type in the password.
Then that must mean coders are safe since most of them can't spell worth a damn unless they are coding. ;P
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
Yup, better yet may be to call the NOC and convince them to log into a router because you are seeing "strange problems". Record them typing, you will know the sound of the keystrokes for ssh YourRouterHere.com and can then derive the password.
The most dangerous strategy is to jump a chasm in two leaps. - Benjamin Disraeli
onscreen. keyboard.