Tuesday, August 22, 2023

AI can steal passwords based on sound of keystrokes

Link

 

In the future I will be playing music while banking

AI can be trained to steal passwords with over 90% accuracy based on the sound of key-strokes.

Every style of keyboard has a unique set of vibration signatures and each key is like a different hammer hitting its own piano string.

Presumably, it could also pair the passwords with the sites...your bank, the trust that holds your IRA and 401-k, your employer and so on by the same method.

 

7 comments:

  1. This is not new, The Russians did this with typewriters in the seventys and eighties.

    ReplyDelete
  2. From the actual report they seem to have trained the models on the same MacBook they used for testing and assumed all units of the same model would have the same acoustic profile.

    I'd like to see how well (or even if) their method works on other Macs and on other brands of laptops.

    ReplyDelete
    Replies
    1. Deeper in the text the article states:
      "According to the research, each keystroke produces a unique, almost inaudible sound. The AI processes these sounds by analyzing the waveform, intensity and timing of each key press. In tests, the researchers meticulously pressed 36 keys on various laptops 25 times each, altering the pressure and the finger used."

      It states that "...various laptops..." were used which is ambiguous but suggests that has some degree of stability within a given model.

      Delete
  3. As mentioned, this is not a new idea. Note, however, that it required a close microphone and was only tested on a single model of laptop - there are LOTS of different keyboards out there, with widely varying noise levels (remember the old metal IBM ones sturdy enough to chop a tree down?).
    This reminds me of ballistics matching tests done between a small batch of one model of gun - not very realistic.

    ReplyDelete
    Replies
    1. Not to be difficult, but many laptops have a microphone embedded in the bottom. Mine is in the lower, right corner. It could not be any closer to the keys.

      I think the risk is that software could be Trojan Horsed in that runs FFTs on the microphone's signal and then sends the compressed, acoustic content to the party who sent the malware.

      Delete
  4. Join this most wonderful and cool online home based job and start making more than $700 every day. {c43} I made $24583 last month, which is incredible, h and I strongly encourage you to join and begin earning money from home. Simply browse to this website now for more information.
    For Details.......... Www.SmartCash1.com

    ReplyDelete
  5. Was in Navy mumbly-crypto-mumbly school way back when. If the stories we heard were half true, we haven't had privacy/security for a long time.

    ReplyDelete

Readers who are willing to comment make this a better blog. Civil dialog is a valuable thing.