Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploiting the iPad's Glowing Keyboard

Posted by timothy on Thursday July 14, 2011 @03:22PM from the easy-solution-turn-off-screen dept.

nonprofiteer writes "Earlier this week, a South African security researcher released shoulderPad, an app that's designed to auto-snoop on iPad users' passwords by watching their touchscreen keyboards. When a user types on an iPad's touchscreen, each key glows blue for a fraction of a second after it's struck, a helpful bit of feedback for any virtual keyboard. ShoulderPad's image recognition algorithms, based on Open CV's open source image recognition software, look for that flash of blue. 'At any distance, if the blue is distinguishable, shoulderPad can detect that keystroke,' says Meer."

3 of 127 comments (clear)

Min score:

Reason:

Sort:

Security Enhancement by PPH · 2011-07-14 15:32 · Score: 4, Funny

Enable the iPad camera and feed a video window on the login screen so you can see who's looking over your shoulder.

--
Have gnu, will travel.
1. Re:Security Enhancement by Kenja · 2011-07-14 15:40 · Score: 5, Funny
  
  Its some suspicious looking guy! Man is he ugly, its almost as if.... oh, its me.
  
  --
  
  "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
It's not even that hard by Anonymous Coward · 2011-07-14 15:36 · Score: 4, Insightful

To make it easier to catch typos, secure text fields on iOS persistently display the most recent character typed (and hide it when you type the next one). If you're already recording video of the iPad screen, why not just look for that?