Hackers can read keystrokes via laptop vibration
7:56 AM * PERMALINK * 42 comments
Friday, March 20, 2009
Like The Raw Feed? Then you'll LOVE the FREE Mike's List newsletter!
Find Me On:
Mike's List Newsletter
Cell Phone Version
About Mike Elgan
Columns
Search
Old
Secret Link
Twitter
Technorati
RSS Feed
FriendFeed
Facebook
Google
Digg
Computer America
Other Blogs
And More!
AD: Master Windows 7 with Chris Pirillo's Windows 7 Tips eBook!
MORE MIKE ELGAN STUFF
Inside Google
Mike's List
Mike Elgan's Columns
The Spartan Diet
The Spartan Diet Blog
Mike Elgan's Lifestream
Comments:
While I find this technically interesting, I highly doubt it would work in real life scenarios. I could be wrong, but it seems like way too much work to put in when there are still people still falling for Nigerian scammers and stuff like that. There was another method of seeing what was typed or on screen by analyzing the reflection of people's eyeball itself. These methods are interesting that such a method is possible, but I really doubt it will be feasible in 99% of real life situations anytime in the near future.
owned ^^
I'm officially switching to Dvorak. Actually, I might make my own keyboard layout... your vibration monitoring will prove futile!!!
Don't you mean necessary not, feasible?
Yay for the hackers. Now, are the vibrations consistent from laptop to laptop? If not, useless.
Seems like it would also pick up tons of background noise so the "works up to 100 feet" may not be so accurate...
There is another method of this kind of surveillance of which I've heard called Van Ech phreaking where a device reads the electromagnetic radiation given out from the computer screen.
background noise? it uses a laser to read the vibrations, unless the laser beam is interrupted, where's the background noise come from?
There's only one solution: OLED screens build into each key on the keyboard, randomly changing the key after every key stroke.
Either that or just one key which cycles through the alphabet at random time intervals: you simply press it on the right letter.
Who gives a crap about productivity, as long as they can't read my comments on random blogs I "stumbled upon"!
:)
Background noise here is a term used to describe the stimulus generated by other objects that might report vibrations back to the device. In astronomy, the lights from a city interfering with equipment would be background noise as well.
why bother wasting time with some "vibration reading device" when a really intelligent hacker can just do a little social engineering and some slippery GNU based code? For that matter, why not just walk over and jack the mother-fucker and take his laptop home?
"reflection of people's eyeball" > does that count for those of us that can touch type?
I have no doubt it could work, but not in real life
I use a brail monitor. Now what?
You'd probably have to assume the person is also using the laptop on a solid surface and not...on the top of their lap. Otherwise the laptop probably vibrates more or less or is moving so the laser would have to be readjusted, etc.
hard to imagine that the vibrations would be consistent through different models of laptops.
>>There is another method of this kind of surveillance of which I've heard called Van Ech phreaking where a device reads the electromagnetic radiation given out from the computer screen.
This is indeed true...cryptonomicon is a great book...but I believe you have to have a receiving signal within 4 or 5 feet of the screen to use this method, not nearly as versatile as 100ft.
As long as you know which language the typist uses, and the keyboard is on a rigid surface this tech should work. Every language has its own most used keys, and there for you should only have to capture some 100 keystrokes and you knew which key had which vibration.
Layout changes don't help at all, unless they are random.
Ok, what about different sized keyboards (netbook vs. laptop), or different typing surfaces, as already commented on. Or, different weight of the laptop. Or, different kinds of feet in contact with the surface (my laptop has little rubberized feet on the bottom of it). Not to mention the fact that you may notice A FREAKING LASER POINTED AT YOU.
Blogger Insanity540 said...
"reflection of people's eyeball" > does that count for those of us that can touch type?
er... yes, it kind of usually appears on the screen.
not at all possible, I hit some keys hard sometime. not everyone is a typist.
"er... yes, it kind of usually appears on the screen."
no, i think it uses where your looking in refrence to the keys, those tiny movements you dont really notice.
Anon not all lasers show in visible light, there are ones that the human eye cannot see.
maybe it work maybe it doesnt. Im wondering how they would compinsate for the fact that i bounce my leg almost constantly when im sitting at the computer. My whole desk shakes around because of it. ADD FTW???
Well, years ago they came up with software that could tell what you are typing by the sound each key made. This is basically the something but using a device that can't be drowned out by ambient noise. Of course they would have to figure out each keyboard separately. It is based on the fact that there are slight difference in each key. So it really does no good, although they made be able to tell using a standard laptop type
^^Not to mention the fact that you may notice A FREAKING LASER POINTED AT YOU.
Maybe an infrared laser would be impossible to see . . . then again, I don't know how you'd aim it. Special glasses?
not possible in real life. they conducted experiments in controlled environments. In practical life hacker would have to "tune" their software and calibrate it according to unique user(we all have diffrent keystroke patterns that fluctuate by diffrent degrees).
Does it work with ..ahem... one handed typing?
yea, certainly, how much $$$, each key will have to have it's frequency identified or taught to the software for identification, the laptop will have to have a fairly reflective spot with angulation suitable to reflect the beam back to the photocell collector
which will be close to the laser device, oh, use an infrared laser or a red dot will show up on the surface of the laptop somewhere. How about a shotgun microphone with some dspsquelch type noisegate, ...
I remember the method where they record the sound of each keystroke. As I recall, the layout and type of laptop would not matter because they record a huge sample over time, then compare your most frequently pressed and least pressed keys to the commonly used letters. So whichever keypresses happen most are probably RSTLNE or whatever and least X and Z.
They use that for a 'best guess' at which key is which letter, then they just have to see how close they are to making words from the letters they guessed and make a few fixes to finish mapping out your keyboard to vibrations.
The only defense is to type gibberish so they can't map your keystrokes to words, but it wouldn't work instantly or without analysis either so if they only have a few minutes they won't get anywhere.
I believe that this would work in a controlled setting, such as where they built the device. I highly doubt they've tested this device in a real-world situation. Besides all of that, I also doubt that it will be able to recognize each laptop's keyboard "audio footprint" so to speak.
"'m officially switching to Dvorak. Actually, I might make my own keyboard layout... your vibration monitoring will prove futile!!!"
A frequency analysis will be able to give a pretty good guess as to what you are typing. It may not be able to guess everything, but humans are smart enough to fill in the gaps. Maybe not as useful for passwords.
So kudos really to the thought process that came up with this possible device but not really practical now is it? Further with most of the banks etc no offering virtual keyboards and software packages that are voice centric, this is hardly going to be of any practical use whatsoever!
Perhaps we should use the On-Screen Keyboard from now on? :D
These are false statements. God wouldn't create computers or laptops for evil purposes and theft of His children's privacy. Read the Bible, people! You will realize that God created everything for Man to enjoy and use in His name, and would never allow Man for an artrocity like this!
Changing the keyboard layout or making your own wouldn't help if the attacker monitored you for long enough to do some frequency analysis.
um... wouldnt work... every key makes the same note, they dont have musical beeps like password vault locks or anything.. they dont go "beep, bloop, bleep, boop, deet, doot, dee, doo" every key makes the same noise... "click" or maybe a "clack"... i mean, they might be able to hear the space bar, but every key would sound the same, exept maybe the shift, enter and backspace...
This is alarming. The potential of personal computing to be hacked by a stranger is increased. No matter how brilliant the said project was, if it falls in the wrong hands. Surely computing experience would be a chaos.
it's also possible to read out what you've written thru the vibrations that comes thru the pipes from your heater.
Two people seeking notoriety.
Tim Lewis has know it all syndrome and can't appreciate this nifty find for what it is. A nifty find. stfu tim lewis.
Isn't it great how all the naysayers are complaining about the laser technology not being feasible, when that's the only aspect given of the technology that has been tried and tested for DECADES? As per all the other issues brought up, as long as the laptop was on a hard surface (being something easily illimitable)anyone with the patience could simply recreate the situations, with an identical model of laptop on a similar hard surface, and test for the different vibrations made by each key, then match them up. If they needed this information bad enough to put the person under surveillance, this would be easy enough to accomplish. Also, laser listening devices aren't difficult to use, nor are they difficult to conceal. All they'd have to do is put it in an inconspicuous object then set it down facing the laptop. (Such as a pack of smokes on the table they're seated at.)
How soon until we see this technique used in the movies??
Post a Comment
<< Home