Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Laser Sniffing Captures Typed Keystrokes From 50-100 Feet

Posted by timothy on Thu Mar 26, 2009 03:22 PM
from the shoot-back dept.
Security Privacy
Death Metal writes "Chief Security Engineer Andrea Barisani and hardware hacker Daniele Bianco used handmade laser microphone device and a photo diode to measure the vibrations, software for analyzing the spectrograms of frequencies from different keystrokes, as well as technology to apply the data to a dictionary to try to guess the words. They used a technique called dynamic time warping that's typically used for speech recognition applications, to measure the similarity of signals. Line-of-sight on the laptop is needed, but it works through a glass window, they said. Using an infrared laser would prevent a victim from knowing they were being spied on." (This is the same team that was able to pick up the electromagnetic signals emitted by PS/2 keyboards.)
+ -
story

Related Stories

Submission: Keystrokes remotely sniffed with laser by hessian (467078)
[+] Researchers Sniff Keystrokes From Thin Air, Wires 217 comments
narramissic writes "Two separate research teams have found that the electromagnetic radiation that is generated when a computer keyboard is tapped is actually pretty easy to capture and decode. Using an oscilloscope and an inexpensive wireless antenna, the Ecole Polytechnique team was able to pick up keystrokes from virtually any keyboard, including laptops — with 95 percent accuracy over a distance of up to 20 meters. Using similar techniques, Inverse Path researchers Andrea Barisani and Daniele Bianco picked out keyboard signals from keyboard ground cables. On PS/2 keyboards, 'the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna,' Barisani said. That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. Barisani and Bianco will present their findings at the CanSecWest hacking conference next week in Vancouver. The Ecole Polytechnique team has submitted their research for peer review and hopes to publish it very soon."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Laser Sniffing Captures Typed Keystrokes From 50-100 Feet 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Not First Post (Score:5, Funny)

    by MyLongNickName (822545) on Thursday March 26 2009, @03:26PM (#27347453) Journal

    I would have had first post, but I had to close my blinds to avoid anyone spying on my leet Slashdot posting skills.

    • You misspelled 133t, 14m3r!

    • Except it wouldn't work. The sound would still reach the glass and be picked up by the laser mic.

      • Re: (Score:3, Insightful)

        by Anenome (1250374)

        If the song you play can be identified and reproduced to a good degree of the distortion created by your room and the bass levels, then removing that from the data stream is not particularly difficult. You would actually have to play two different songs at some non-standard or perhaps continuously variable playback-rate in order to create something hard to find and duplicate so that it couldn't be simply removed from the recording. It's like those Bose noise-canceling headphones, by sampling the sound as it

  • Let's... (Score:5, Funny)

    by Roadkills-R-Us (122219) on Thursday March 26 2009, @03:27PM (#27347475) Homepage

    dynamic time warp again!

  • looks like it's time to stock up on tinfoil and old reflective (mainly old aol) cds.

    imagine what the govt can do if regular scientists can do this with regular lasers (not including with sharks)

    • looks like it's time to stock up on tinfoil and old reflective (mainly old aol) cds.

      imagine what the govt can do if regular scientists can do this with regular lasers (not including with sharks)

      Consider that around 1980, they (the US Gov't) admitted to having spy satellites that could photograph a vehicle's license plate from orbit. That's what they were willing to admit to back then; you can bet that their most advanced technologies were kept secret. Then the stealth bomber was kept a secret for about thirty years. Anyone who saw one back when it was secret would have probably called it a UFO since, well, it's a flying object that couldn't be identified without proper security clearances. At

      • admitted to having spy satellites that could photograph a vehicle's license plate from orbit.

        I still have yet to see a picture of a license plate (horizontal OR vertical) from space. If they can take a picture of a flat object mounted 90 degrees at any distance from the source, I would certainly be impressed.

    • This [xkcd.com] seems apposite.

  • It's time to switch to a DVORAK keyboard [wikipedia.org]. Let them sniff that.

    • It's time to switch to a DVORAK keyboard [wikipedia.org]. Let them sniff that.

      Actually, Dvorak users tend to be the most sniffable, in the literal olfactory sense of the term.

    • Re: (Score:2, Insightful)

      by srollyson (1184197)
      I don't know if that's a good enough defense. TFA says that the laser sniffing method is "analyzing the spectrograms of frequencies from different keystrokes." Once you've got a signature for each key and a large enough typing sample, your problem is reduced to a simple substitution cipher.

  • Bummer.
    My favorite keyboards are always the loudest ones.

    • Bummer.
      My favorite keyboards are always the loudest ones.

      And your recorded keyboard sounds of innocuous typing will become your new favorite background music.

    • Make an MP3 of random key press noise and music mixed... and play it loud. Better yet write a program to play back individual key stroke noises randomly based on your normal typing speed. I too like the old click clack keyboards, I've even got spares.

  • Just type with l33t text or other slang what words ain't on the dictionary and they just cant find out what you are typing.

    Even school kids knows this and thats why they write short messages with their cell phones and for tests so the kid on the next bench can not copy what they write....

    • Just type with l33t text or other slang what words ain't on the dictionary and they just cant find out what you are typing.

      I'll just pull my tinfoil hat down over my eyes and face - that'll stop 'em.

    • Just type with l33t text or other slang what words ain't on the dictionary and they just cant find out what you are typing.

      The invisible lasers are listening. Write in codes and speak in tongues!

      Gods, we sound like madmen.

  • Apple has sloved this issue (Score:2, Funny)

    by Anonymous Coward

    http://www.theonion.com/content/video/apple_introduces_revolutionary

  • Everything I type on my keyboard is of great value, so of course spies will adopt sophisticated technologies to try to monitor me. They want to be wealthy and famous just as I have .. oh wait.

  • Line of sight needed? (Score:5, Funny)

    by dfm3 (830843) on Thursday March 26 2009, @03:59PM (#27348165) Journal
    I hear that a pair of binoculars works well for this purpose, too. I'm told that they even work through glass.

  • Just try sniffing my keystrokes! I use the on screen keyboard.

  • ...thinking of. (Not very much, though.)

  • Now I need a bigger piece of tinfoil!

    • Now I need a bigger piece of tinfoil!

      Shiny side out! Take THAT, laser.
      Though a tinfoil covered laptop might get lousy wifi reception...

  • Simple. Encrypted keyboard. (Score:3, Funny)

    by Karganeth (1017580) on Thursday March 26 2009, @04:17PM (#27348465)
    Use a keyboard which changes the entire key layout every time you press any key.

  • Get Smart! (Score:4, Funny)

    by Scrameustache (459504) on Thursday March 26 2009, @04:51PM (#27349019) Homepage Journal

    And the keystroke that was planted in my brain
    Still remains
    Within the cone... of silence.

  • For high-tech methods of electronic surveillance, I thought Stephenson's van-Eck phreaking in Cryptonomicon held the record. But laser microphones clearly win as far as range is concerned. :)

  • Line-of-sight on the laptop is needed, but it works through a glass window, they said. Using an infrared laser would prevent a victim from knowing they were being spied on.

    The reason greenhouses work so well is that glass does a decent job of blocking infrared light (hmmm... maybe someone can think up a catchy name for the effect).

    I'm not an optics wonk but I'd expect the infrared laser through a window trick would be tough to pull off. Especially so if the glass is low-e.

  • the world's first decent reason not to use a model m. (of course, if you do get sniffed using one, you'll have a much better chance of killing the bastards with it than you will with some rubber-dome POS from dell....)

    • on the contrary: !Easy to dectect (Score:4, Informative)

      by CaptainPatent (1087643) on Thursday March 26 2009, @03:32PM (#27347575) Journal

      If you go blind while you are typing, you are probably being sniffed.

      Or you are having severe problems with your retinas.

      In either case, you should feel your way to an opthamologist quickly.

      Actually, Infrared lasers only hurt eyes if you look directly into them. Using a low-powered infrared laser pointed at a keyboard wouldn't be any different than using a red laser pointed at a keyboard except that the victim would see the dot. Unless they're using a mirrored keyboard the light would be diffused and not refracted so it would be similar to looking at a resultant red dot from a laser instead of directly into a laser.

      • Re: (Score:3, Interesting)

        by DMUTPeregrine (612791)
        Also, the point is to point the laser at the window and have it reflect. By measuring changes in the angle of reflection you can reconstruct sound hitting the inside of the window. Double-pane glass with a vacuum between the panes removes this attack vector.

        • Re: (Score:3, Insightful)

          by causality (777677)

          Also, the point is to point the laser at the window and have it reflect. By measuring changes in the angle of reflection you can reconstruct sound hitting the inside of the window. Double-pane glass with a vacuum between the panes removes this attack vector.

          Is it common for double-pane glass to contain anything that could be called a vacuum? I'll admit I don't know but I always thought they just had regular atmospheric-pressure air between the panes, as an extra layer of insulation. Would you need a proper vacuum to dampen the sound vibrations enough to defeat this attack?

          • Re: (Score:3, Informative)

            by DieByWire (744043)

            Is it common for double-pane glass to contain anything that could be called a vacuum? I'll admit I don't know but I always thought they just had regular atmospheric-pressure air between the panes, as an extra layer of insulation.

            A vacuum would be great for stopping heat loss, but isn't present in any normal double pane window. Atmospheric pressure (14 lbs/sq in) * the number of sq inches in a window pane is a big number. Any pane that didn't break would be noticeably bowed.

            Some higher end double pane windows are filled with argon, since it insulates better than standard air.

            • They're filled with N2, Ar or plain air. (Score:5, Informative)

              by Xenographic (557057) on Thursday March 26 2009, @06:07PM (#27350271) Homepage Journal

              Parent post is correct. I work for a window manufacturer and our IG units are only ever filled with normal air, nitrogen, or argon.

              ("IG units" are insulated glass units, AKA double pane windows, and consist of two lites of glass with a spacer between them. They are sealed shut with PIB and silicone.)

              It's possible that they're confused by part of the manufacturing process where the IG units go through a vacuum chamber which removes all the air, before filling the units with nitrogen or argon and sealing them. But I'm quite sure we don't make any vacuum filled units. And even if we did, I have to think that at least some sound would be transmitted through the spacer that holds the two lites of glass apart.

              As if the bow wouldn't be bad enough, the vacuum would cause the windows to explode even more violently than they already do if they were broken. As someone who has seen tempered lites of glass around 6' x 9' explode, I can tell you that your living room would already be a mess of broken glass if a picture window like that broke. You really don't want a vacuum in there to make things worse. Especially given that a window that size would likely be made out of 6 mm glass...

              Well, I guess if someone was crazy enough to make a window like that, they'd use laminated glass. At least, I hope they would. Our customers are always trying to push the limits of how big you can allow a lite to get before it has to be thicker ...

          • They use argon or xenon (on the expensive ones) to insulate double (or triple) pane windows. I know this because I was a door-to-door almost-salesman for a summer. Worst. Job. Evar.

      • Re: (Score:3, Informative)

        by Yokaze (70883)

        > Actually, Infrared lasers only hurt eyes if you look directly into them.

        Someone could mistake what you are saying, so let me state the following: there is no eye-safe wave length.
        The wave-length of the laser only decides which kind of injury it might inflict to your eye, when the energy density is high enough. Granted, for UV wavelengths a lower energy density is dangerous, but the difference between visible light and infra-red can be neglected. Which is comes similar to what you are saying next.

        > U

    • You should go see Doctor Odin [slashdot.org] or another retina specialist. And yes, I know the irony of his name.

      Dr. Odin shined a high powered laser into my left eye several times. The laser is used to weld a torn retina back together, the linked journal is about the vitrectomy he performed after the retina detached.

      I would not wish a vitrectomy on my worst enemy. Becoming a cyborg [slashdot.org] is a piece of cake by comparison.

    • Basements with windows seems slightly ridiculous.

      Of course, anything with Windows seems slightly ridiculous I guess.

      [tongue in cheek, posted from Win XP..)

    • don't forget to close the blinds--the "reflection" from a white wall is reconstructable for a source from up to a dozen feet away or so, iirc, so facing your computer away from the window is no use.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.