Comment by prmoustache
2 years ago
Also, author is typing his user password during live streaming with a mechanical keyboard while microphone is on.
2 years ago
Also, author is typing his user password during live streaming with a mechanical keyboard while microphone is on.
You mean that the sound of each key is unique and sufficiently different from the others? Or it has to do with how a person is typing?
This is an actual attack surface: https://www.researchgate.net/publication/284949922_Keyboard_...
I’ll be yodeling while typing from now on. Happy open-spacing everyone.
It doesn’t need to be unique, it just needs to leak enough information to decrease the search space enough to where brute force (or other methods) can kick in.
Each key will produce a different sound even if it's just a touch screen surface keyboard due to being in different positions on the surface and having a relative position to the microphone - it may be more difficult and require a higher quality microphone.
Once you isolate and cluster all the key sounds you end up with a simple substitution cipher that you can crack in seconds.
[dead]
While this comment doesn't seem 100% serious, I wonder if this kind of attack is made less effective by the trend in mechanical keyboards to isolate the PCB and plate from the case acoustically, e.g. gasket mount, flex cuts, burger mods. In my experience the effect of these changes is each key sounds more similar to the others rather than the traditional case mount setup where each key sound changes drastically based on its proximity to mounting points.
Poe's law strikes again.
[dead]