iPhone keylogger can snoop on desktop typing

Staff member working on an apple laptop with an iPhone on the side

Image credit: Daniel Reiter/STOCK4B

By Jacob Aron

Get into the office, sit down at the computer and lay your cellphone on the desk – a ritual that millions play out every morning, but one that could reveal more than you expect. Security researchers have discovered they can detect the vibrations caused by using a computer keyboard and read off what is being typed simply by placing a smartphone with a keylogging app on the desk nearby.

Patrick Traynor and colleagues at the Georgia Institute of Technology in Atlanta were able to use the motion sensors inside an iPhone to read keystrokes from a keyboard 5 centimetres away with up to 80 per cent accuracy.

The sensors don’t recognise the vibrations of particular individual keys, but for consecutive pairs of keystrokes they can tell whether the keys are on the left or right of the keyboard and how close together they are. This information is then matched to a dictionary to recreate the typed word. For example, the word “canoe” breaks down into four pairs: “CA”, “AN”, “NO” and “OE”. The first pair is classified as left-left-near, the second is left-right-far, and so on.

The resulting patterns aren’t unique to a particular word, but they are good enough to reconstruct a message when you already know something about its contents. The team tested their algorithm on a dictionary of 799 words such as “mayor” and “ballot” gathered from news articles about an election in Chicago. The algorithm provided its best guesses for matching patterns to words, identifying the correct word as a first guess 40 per cent of the time and as one of the top five guesses 80 per cent of the time. “Context can help us figure out what was really typed when mistakes are made,” says Traynor – and a human attacker could fill in the blanks by making their own guesses.

http://www.newscientist.com/article/dn21059-iphone-keylogger-can-snoop-on-desktop-typing.html

 
 
 

About the author

Anonymous

More posts by | Visit the site of J Williams