Please create an account to participate in the Slashdot moderation system


Forgot your password?
Cellphones Iphone Security

iPhone Keylogger Can Snoop On Desktop Typing 103

An anonymous reader writes "Researchers at Georgia Tech demonstrate that a mobile phone located near a keyboard can use its accelerometers to recover text typed by a target. 'The technique works through probability and by detecting pairs of keystrokes, rather than individual keys (which still is too difficult to accomplish reliably, Traynor said). It models “keyboard events” in pairs, then determines whether the pair of keys pressed is on the left versus right side of the keyboard, and whether they are close together or far apart. After the system has determined these characteristics for each pair of keys depressed, it compares the results against a preloaded dictionary, each word of which has been broken down along similar measurements (i.e., are the letters left/right, near/far on a standard QWERTY keyboard).'"
This discussion has been archived. No new comments can be posted.

iPhone Keylogger Can Snoop On Desktop Typing

Comments Filter:
  • by MrKevvy ( 85565 ) on Tuesday October 18, 2011 @09:21PM (#37757372)

    ... to switch to Dvorak.

    • by ackthpt ( 218170 )

      ... to switch to Dvorak.

      Why? I can type up to 30 errors a minute!

      • Haha, nice joke... Guessing than it's not just me that's noticed a huge decrease in error making? I haven't noticed as huge speed improvements, but error making has drastically went down. Anyone know why that is?
    • Sort of. This sounds like a pretty difficult attack vector, so if someone is using this kind of attack against you, you can bet creating profiles for Dvorak won't be an issue for them. Not to say there aren't good reasons to switch to Dvorak anyways, just that this isn't one of them.

      Note that this technique can't be used to recover passwords, since it is essentially a dictionary attack. Unless you use a password that can be broken by a dictionary attack, in which case you shouldn't be working on anything a

      • Also from tfa, keeping the phone > 3 inches from the keyboard also prevents it, and I assume different desk surfaces, types of wood/steel, keyboard material, type of keyboard (laptop keyboards?), keyboard trays, paper lying on a users desk and other sources of vibration interference also defeats this attack. It's almost laughable they bother suggesting setting extra permissions for the accelerometer's sample rate, when so many things need to fall into place for this to have a chance of revealing anything
      • by Kozz ( 7764 )

        Note that this technique can't be used to recover passwords, since it is essentially a dictionary attack.

        Judging by the typos and spelling errors to be found in the average slashdot post, most of these folks will be immune to dictionary attacks. Unless they build up a dictionary of misspellings, too... dagnabbit!

      • > Oh, and keeping your phone in your pocket also circumvents it.

        but gives you cancer...

    • Darn right! If they're using an English dictionary to crack our passwords, using French words will fool them! They'll never get around that!

      Exclamation points!!

    • Switch? I've been using it for a decade. I still love it when I'm showing somebody something on my computer and they watch me type. They look all confused. Wait a second, you didn't hit Ctrl-F!

    And for bonus: I type much faster with swype than trying to hunt/peck on my keyboard.

    • by TheInternetGuy ( 2006682 ) on Tuesday October 18, 2011 @09:51PM (#37757588)
      I ttryuiiiiiiiiiiiiiiiiiiiiiuytredf swsvbbbbbbyuiopoijnnbgg okmjn mjuy PLOKJHBGVC kjhygtrertyuuuuuuuuuuuuuhbjioooooiujhytrfdsaasd Translates into: I tried Swyping on my PC keyboard It didn't work to well, now did it? And would probably be just as detectable by an accelerometer.
    • by Sancho ( 17056 ) *

      Where can I download SWYPE for my desktop?

      Did you even read the summary? Or the headline?

      • yes. and yes. My point remains, just because you don't get it doesn't diminish it at all.

        Swype doesn't have sudden jolts to which one tie to keystroke taps on a virtual keyboard. It is fluid motion and is, in itself "guessing" by the complete pattern which word you're attempting to type. Good luck pairing two key taps together using SWYPE. How does software that depends on sudden jolts work with fluid motion?

        • by Sancho ( 17056 ) *

          The researchers place a phone with custom software near a desktop keyboard. The custom software records vibrations from the desktop keyboard using the phone's accelerometers. Using statistical analysis, they can decode the vibrations to figure out what was typed on the desktop keyboard. They wouldn't have to use a phone--it's just a cheap, convenient source of commodity accelerometers. They could just as easily put custom hardware (with accelerometers) on the desktop and sniff in exactly the same manner.


    • word up.
  • to select passwords that cannot be found in a dictionary.
  • "Why do you keep pressing the shift keys randomly?"
    "Just bEing CArefUl of keyLogGers."
    • by Threni ( 635302 )

      Why use the keyboard at all, vs clicking on things with a mouse. This works better somewhere you're not being watched, such as at home. Then again at home it's unlikely there's a hostile smartphone spying on you, other than via malware.

  • The ideal distance is too close to my keyboard. Usually if I'm leaving my phone on my desk I put it to the right of my designated "mouse area" which is generally a foot or more from the keyboard. I'm a computer technician so I don't just sit at one computer all day too. Plus most of our customers seem to follow the same policy. They kind of put their phone on the corner of their desk so they don't bump it as their hands move around the keyboard and mouse. If my phone is that close to my keyboard I'm likely

    • Sound can almost give away keys pressed. the sound on the desk is likely to work better than pickup from the air since solids conduct sound. Add vibration and you've got plenty of data to extract from! I somehow doubt the acceleration is precise enough to come close to a microphone; I wonder if an image from the camera (if in focus) could in some cases indicate more vibration than the accelerometer...
      SOUND ALONE could do it much better. use the microphone.

  • Newer iPhones also come with a Teslameter, I wonder if the can detect em spikes when the keys make contact with their pads. Depending on the distance, again, and using the same or similar logic you could determine keystrokes that way as well I would think. I'll try it once I get my new iPhone, the old 3g doesn't have teslameter in it.
  • passphrases (Score:3, Interesting)

    by Yojimbo-San ( 131431 ) on Tuesday October 18, 2011 @11:17PM (#37758212)

    So with this technique, a password of "correct horse battery staple" would be detected, but "Tr0ub4dor" would not (

    • by qxcv ( 2422318 )

      It's the same with all dictionary attacks, that's why "correct horse battery staple" isn't nearly as secure a password as Mr. XKCD claims when you're facing a moderately sophisticated adversary.

      If you wanted to make a "correct horse battery staple" password more secure against this kind of attack, you could just capitalise some of the letters, or mash your unbound mod keys when entering passwords (i.e. ctl, alt, mod4, etc).

      • No, the XKCD analysis isn't based on the presumed strength of the letters in that passphrase, but instead on the *words*. He's estimating 11 bits of entropy per word, which means that the dictionary he's using has a mere 2048 words in it. If using every word in the /usr/dict/words (/usr/share/dict/words on a mac), that would be anywhere from 15 to 17 bits of per word:

        zippthorne ~$ wc -l /usr/share/dict/words
        235886 /usr/share/dict/words

        The default dictionary for Ubuntu was circa 100k words the la

        • Unfortunately many people lack sufficient imagination to come up with a hard to guess string of words.

          • You don't come up with it using your imagination. No password you pull out of "head entropy" is random. Nor likely to be particularly secure.

            You use a pair of dice and a scrabble dictionary, or dice and a printout of 2k (or some other number of selected words so you can use an integer number of dice rolls per word).

            Or you take your 2k words, and chomp off 11 bits at a time from /dev/random to pick, for however long you want your password to be.

            If you hand select the 2k words, you can make sure that there

        • You lack an understanding of the actual entropy of english words. It is much lower than you think. But don't take my word for it, people have studied the topic seriously and even wikipedia has an entry level article. The short of it is that is 11 bits of entropy per word is hopelessly optimistic. []

          • by Anonymous Coward

            You lack an understanding of the actual entropy of english words. It is much lower than you think. But don't take my word for it, people have studied the topic seriously and even wikipedia has an entry level article. The short of it is that is 11 bits of entropy per word is hopelessly optimistic.

            I have an accurate understanding of the entropy of one random choice out of 4096. It is 11 bits. You are probably thinking about the entropy per word of English text. He's not suggesting you choose a sentence. H

    • After reading that comment, I don't know why the heck "correct horse battery staple" is somehow supposed to be easier to remember. I use a consistent "leetification" algorithm on my passwords, which is easier for me to remember that four completely random words (initially). Because remembering a horse saying "that's a battery staple" (which in and of itself makes no sense) and some other random person shouting "Correct!" makes so much sense...?
      • It's supposed to be easier to remember because you remember the composite image, and not the words themselves. You can choose images that are easy to remember (something based on goatse perhaps) and construct a phrase from there -- at the same time you meet the suggestion of a password that is so foul you would never tell another person what it is, thus preventing that whole password sharing problem. Double win. Except you have to remember goatse every time you log in. []
        • by neminem ( 561346 )

          Brilliant! Next time I have to create a password on some throwaway site I don't care about, I'm totally using "I just lost the game". I'll never forget -that- (downside, every time I log in, or think about the site, I'll lose the game.)

  • by Anonymous Coward

    Similar idea from 6 years ago, but using acoustics rather than vibrations

  • if you left your phone on a desk next to a keyboard, it'll get stolen. (but seriously, it's not much of a security risk, you would do better, IMHO, recording the sound of the keys with the phone's mic)

    • Ahhh, and a two-vector attack should be much more successful. Use both the mic and accelerometers and compare to a dictionary generated with data from the two combined. While we're at it, can we use the phone to somehow detect changes in the RF field due to key presses/processing by the keyboard's microcontroller? Maybe that's too much of a processing load for one phone. But beware if you spot several phones lying next to your keyboard.
  • Two Slashdot articles today about university researchers developing snooping technology - this, and the gizmo that sees through walls. Is it just me or is 99% of all academic research funded by the 'defense department' these days?

  • by jasonla ( 211640 ) on Wednesday October 19, 2011 @04:39PM (#37766862)
    Sooo... "Need to eavesdrop on someone? There's an app for that." And I make this joke as an iPhone user who got the 4S the first week it was out, so please, no "Apple hater" accusations.

An elephant is a mouse with an operating system.