SCI/TECH: Sounds from keyboard typing could be security risk

A researcher at the University of California, Berkeley has developed an algorithm that can identify the sounds made by typing. The program can recover almost 96 percent of the characters typed by analyzing a recording of the sound made. Doug Tygar, a professor of computer science and information management, built on research done by IBM who's program had topped out at 80%.



Interesting, but if you are worried about workplace snooping, the odds are that somebody in your IT department is reading this post along with you. The device was built with off the shelf components and can filter out cell phones and other typing sounds as well. It may turn out to be one of those lab curiosities that have no real world application.

Brilliant!

Great article FredT.

I would be surprised if this was the first program of its kind. There could very well be a dozen itterations of it, with a decade or more of development already finished and in the hands of professional (government) snoops.

The possibilities raised by microwave snooping beg for adaptations like this, to increase the overall sensor clout. On a government level, this technology could be insanely powerful and wide-ranging but, I think the potential for real abuse may be less grand.

Any scammer with a decent shotgun mic and a copy of the algorithm could gain enormous amounts of information just by doing laps around the financial centers of the country.

In as little as a month they could have enough information to blackmail or bankrupt God himself. Not that I would ever consider doing such a thing, but rest assured, some people would like nothing better than to have that kind of power.

However, the problem I think may be encountered is in trying to decode messages that were typed in encrypted form. Few, if any people do this anymore (easier to type straight and drag the message through software before sending), but I sense that may change now.

Generally the pattern I've noticed is this, when the snoops develop a new toy, the sneaks go back to using old, even archaic methods to evade detection as a stop-gap to buy time for new methods to develop. New methods to defeat detection, by the way, are always being developed, and I've never heard of a case where they failed to develop eventually.

The spy race has been going on a long time, it survives because of the natural balance achieved by swinging back and forth between two extremes. Isn't this same race going on in Iraq as we speak, with the US and its high technology surveillance against the resistance with its various techniques (which seem to be getting more complex, but also more primitive, in order to escape detection)

For example, I think the resistance fighters on the ground no longer communicate with each other via radio, because they don't want to give away their plans to those listening in.

Instead, they reverted back to earlier methods of communication, using symbols and gestures. I think I even saw a picture the other day of two mujahadeen conversing using two plastic cups and a length of string. (No, not really)

If this technology gets widely adapted by the sinister crowd, and used for corporate espionage or whatever, I think the next logical countermeasure would be sound shielding in offices where sensitive information is conveyed through a keyboard. Wouldn't take much, either physical or electrical interference, to render the technology impotent - just a good dose of soundproofing for every business in the country. Excuse me..I'll be right back..I just have to change my profession real quick.

Personally, just as an aside, I think technology has a lot to gain by studying the animal kingdom. Surveillance and counter-surveillance has been adapted by many, many different species. And they've been testing and refining their systems in the crucible of evolution for millions of years longer than man in many cases. From elephants to insects, the animals have some amazing tech we should be co-opting for our own use. Imitation is, after all, the highest form of flattery, no?

Back on point, the only other thing I had to add was regarding quantum encryption, which should, theoretically, be crack-proof. This may indeed come to be, but I'm not sure it's the end of the race. It's one of the technologies that may have the potential though.

In any case, a very interesting article you posted. I enjoyed reading it very much.

What a waste of of time & money purchasing all kinds of security software when my keyboard has been singing like a canary all along. I guess magic lantern is now magic jukebox.

There are silent keyboards, touch active keyboards and changing keyboard layouts regularly to protect against this.

Something new on the horizon will also help against this:

www.artlebedev.com...

I'm confused....

Accoustic differences??

Does the keyboard make a different sound when I hit "p" than when I hit "q"??

Of course I understand the amount of keystrokes could be easily heard, but which keys? Based on sound?

Probably based on the distance between the keys and the common hand positions, or commonly 'fast-typed' words.

If you record a bunch of people typing a bunch of different phrases, you can get some parameters in place for identifying sound sequences with written material.

I'm not sure how they'd do it without a base set of sounds, recorded of people typing, for use in calibrating the algorithm.

Ok, gotta quick question here. Recently I was in france and the keyboards were different....like the "W" was where the "A" is at...or something like that, all messed up and wrong, IMO. So I had to put the typing settings thing for english or whatever. OK, does the UK have keyboards like france or the US?

On topic....I heard of that before, really good idea, IMO. As WyrdeOne said, I would not be surprised if it has been out now for like 10 years and is in full use by many governments and private sectors.

Think about it....it could be preprogrammed to activate or loggin any attempts to type certain words...like maybe "bomb" or "threat" or bank account numbers and SSN's...the possibilities are endless.

sporty

Exactly... unless the sniffer has recorded the keystroke signatures before hand, there is nothing to compare to and no security risk.

Originally posted by Djarums
I'm confused....

Accoustic differences??

Does the keyboard make a different sound when I hit "p" than when I hit "q"??

Of course I understand the amount of keystrokes could be easily heard, but which keys? Based on sound?

My guess is that it's more based on the difference in sound caused by the distance the key is away from the mic and the angle of the sound coming to it. If the mic is on the right hand side of the keyboard, a "p" will have a slightly different signature than a "q". The human ear probably would never catch that, but the difference might be rather significant to a computer.

As thematrix pointed out, there's quite a few existing solutions to this. Another thing that strikes me as a potential barrier is that not all keys on a keyboard may be functioning properly; I'm sure everyone's had a keyboard with one or two sticky keys on it. Even then though, that'll only create a handful of problems when they're trying to parse it.

I don't wanna be the one to sound like a retard...but I think I hear a slight difference in the keys when I push them. Like the space bar and the "A" compard to the "L"....give it a try and see if you hear it too.

Also, all one would have to do is get a worddoc or file that the target has typed and assign the typed letters with the acoustic sound.

People are going to think this is a joke, but I mean it seriously.

Any sound coming from keyboards, regardless of how sensitive the mic is going to have to take one thing into account - debris.

Have you ever held your keyboard upside down and shaken it? You could fill a garbage bag with that stuff.

When you're talking about sounds that low, these things will interfere as well!

this reminds me of a docu i watched once, about americans building there embassey in moscow. they had to make a room sound proofed because they said this was one of the problems they faced with spying in there embassey

I just checked out hhis blogsite and found this which has more detailed info.

Microphones placed near keyboards can record keystrokes. Li Zhuang, Feng Zhou, and I have developed a set of algorithms for recreating the material typed directly from the keystrokes. Unlike previous approaches, our algorithms require no information about the typist, keyboard, room, or text typed. Unlike previous approaches, our algorithms do not require any “labeled training data” (matching acoustic recordings to the actual text typed by a particular typist.) In contrast, our algorithm can use data from a cheap microphone in the room with a typist, collect ten minutes worth of data, and the algorithm will be able to recover the typed text. In fact, once our algorithm has ten minutes worth of typed English text, it can recover arbitrary text, such as passwords. Even if the typist uses a “quiet keyboard”, we can still recover the text. And our work further suggests that the microphone need not be placed in a room — a parabolic microphone outside the room would work equally well at recovering the signals.
tygar.blogspot.com...

Interesting any cheap microphone can be used and need not even be in the room if a parabolic microphone is used and will work and even on a silent keyboard. hmmmmm :shk:

Here is additional detailed article on these acoustical spy techniques.

Researchers Recover Typed Text Using Audio Recording of Keystrokes By Sarah Yang, Media Relations 14 September 2005

The researchers were able to take several 10-minute sound recordings of users typing at a keyboard, feed the audio into a computer, and use an algorithm to recover up to 96 percent of the characters entered.

"It's a form of acoustical spying that should raise red flags among computer security and privacy experts," said Doug Tygar, UC Berkeley professor of computer science and information management and principal investigator of the study.

What makes the technique feasible is that each keystroke makes a relatively distinct sound, however subtle, when hit. Typical users type about 300 characters per minute, leaving enough time for a computer to isolate the sounds of individual keystrokes and categorize the letters based upon the statistical characteristics of English text.

"Using statistical learning theory, the computer can categorize the sounds of each key as it's struck and develop a good first guess with an accuracy of 60 percent for characters, and 20 percent for words," said Li Zhuang, a UC Berkeley Ph.D. student in computer science and lead author of the study. "We then use spelling and grammar checks to refine the results, which increased the character accuracy to 70 percent and the word accuracy to 50 percent. The text is somewhat readable at this point."

But that's not the end. The recording is then played back repeatedly in a feedback loop to "train" the computer to increase its accuracy until no significant improvement is seen. In the UC Berkeley experiments, three feedback cycles were often enough to obtain recovery rates of 88 percent for words and 96 percent for characters.

Once the system is trained, recovering the text became more straightforward, even if the text was a password and not an English word. After just 20 attempts, the researchers were able to retrieve 90 percent of five-character passwords, 77 percent of eight-character passwords and 69 percent of 10-character passwords.

www.berkeley.edu...

Very interesting but troubling at the same time. Debating whether to waste more $ on a 'silent' keyboard.

all you have to do is record someone typing for a few hours and you would then be able to decode everything they typed. no prior setup required.

each strike on the keyboard has a different sound, just like each fret on a guitar has a different note. then simply apply some rules about how often certain letters/sounds appear in typical communications and there you have it. keyboard decoding.
daved

OMFG

that is so cool...

before this, keyloggers where the best tools to use to see what a person was typing...

Originally posted by they see ALL
OMFG

that is so cool...

before this, keyloggers where the best tools to use to see what a person was typing...

this has been known for decades

This acoustic technology still implies that there is surrepticious access to the keyboard, or the immediate vicinity of the KB. If this is true, then a keylogger is a much more convenient and less complex solution. Commercial products like these represent a big headache for computer security specialists.

However, if a peripheral device (like a webcam, headset, or laptop) that is equipped with a mic could be remotely accessed and activated, then you could use the audio to remotely record keystrokes, which would be mega-cool......

Fascinating article, FredT. I can see it now - soon you'll be able to buy "Secure Keyboards" at Circuit City!

Nifty. Still has fallbacks, but cool none the less.

They also fail to mention that a laser pickup mic could be used. The fuzz could sit in their Ice Cream truck outside and decode your keystrokes through your window.