• United States



Clicking, Clacking and Snooping

Nov 02, 20052 mins
CSO and CISOData and Information Security

The idea of snooping on keyboards has been around since the Cold War,when Soviet spies bugged typewriters in the American embassy in Moscow.Now researchers at the University of California, Berkeley, have found away to turn the clicks and clacks of typing on a computer keyboard intoa startlingly accurate transcript of what is being typed.

The researchers, including Doug Tygar, a professor of computer science,have developed software that can analyze the sounds of someone typingon a keyboard for 10 minutes and then piece together as much as 96percent of what was typed.

The technique works because the sound of someone striking an “A” key,for example, is different from the sound of striking the “T,” accordingto Tygar. “Think of a Conga drum. If you hit a Conga drum on differentparts of the skin, it makes a different tone,” he says. “There’s aplate underneath the keyboard [that is] being struck in differentlocations.”

One lesson from the study is that even randomly generated passwords arenot secure. Tygar’s researchers were able to guess 90 percent of thefive-character passwords they generated within 20 tries.

There is one easy step that users can take to conceal what they’retyping: Turn up the music. In noisy environments, it is more difficultto separate the keyboard sounds from other sounds, says Li Zhuang, oneof the students who coauthored the paper.