Slashdot Mirror
Traditional Keyboard Sounds Can be Decoded By Listening Over a VoIP Connection, Researchers Say (onthewire.io)
Reader Trailrunner7 writes: Researchers have known for a long time that acoustic signals from keyboards can be intercepted and used to spy on users, but those attacks rely on grabbing the electronic emanation from the keyboard. New research from the University of California Irvine shows that an attacker, who has not compromised a target's PC, can record the acoustic emanations of a victim's keystrokes and later reconstruct the text of what he typed, simply by listening over a VoIP connection.
The researchers found that when connected to a target user on a Skype call, they could record the audio of the user's keystrokes. With a small amount of knowledge about the victim's typing style and the keyboard he's using, the researchers could accurately get 91.7 percent of keystrokes. The attack does not require any malware on the victim's machine and simply takes advantage of the way that VoIP software acquires acoustic emanations from the machine it's on.
The researchers found that when connected to a target user on a Skype call, they could record the audio of the user's keystrokes. With a small amount of knowledge about the victim's typing style and the keyboard he's using, the researchers could accurately get 91.7 percent of keystrokes. The attack does not require any malware on the victim's machine and simply takes advantage of the way that VoIP software acquires acoustic emanations from the machine it's on.
What is new however, is that 25% of my keyboard interactions now involve autocomplete popping up and me selecting something with a mouse. Better hurry up and exploit this while you can...