In a recent study led by University of California, Irvine, researchers find that traditional keyboard sounds can be decoded during skyping. This means typing while skyping could compromise privacy.
The finding is published online in arXiv. In the paper, researchers described a security breach whereby keystroke sounds, or acoustic emanations, could be recorded during a Skype voice or video call and later reassembled as text.
Skype is used by a huge number of people worldwide. According to the authors, during a Skype video or audio conference, the keystrokes are subject to recording and analysis by the call partners.
They can learn exactly what the user types, including confidential information such as passwords and other very personal stuff.
Moreover, people who talk on Skype are not always friends and do not always have mutual trust. For instance, a call may happen between lawyers on opposite sides of a legal case, between business competitors or diplomats representing different countries.
Researchers said that it is possible to build a profile of the acoustic emanation generated by each key on a given keyboard. If the sound of someone typing is recorded, each keystroke can be analyzed and matched to a key using machine learning techniques.
In the current study, researchers found that if attackers have some knowledge of the typist’s style and information about the keyboard, they have a 91.7% rate of accuracy in guessing a key pressed by the victim.
If snoops are oblivious to both the typing style and keyboard, they still have a 41.89% chance of identifying which keys are being struck, since the English language has a well-known frequency distribution of letters.
Researchers suggest that the touch-screen keyboards on many smaller devices, such as smartphones and tablets, are not susceptible to these attacks. Laser projection, or holographic, keyboards are also immune.
News source: University of California, Irvine.
Figure legend: This Knowridge.com image is for illustrative purposes only.