Laptops more susceptible to having keyboard recorded in quieter areas, like coffee shops, libraries, offices. Previous attempts at keylogging VoIP calls achieved 91.7 percent top-5 accuracy over Skype in 2017 and 74.3 percent accuracy in VoIP calls in 2018.

  • Fredselfish
    link
    fedilink
    51 year ago

    Basically if on a zoom call they can record my key strokes and steal our passwords?

    • @[email protected]
      link
      fedilink
      English
      91 year ago

      Only if you leave your mic unmuted.

      This is a troubling advancement, they all are, but the methods of countering this specific one are plentiful.

      Really, what’s needed is a more robust mute function with a good voice recognition system that automatically cuts off the mic when you’re not speaking. That, and people need to learn to use push to talk.

      • @[email protected]
        link
        fedilink
        91 year ago

        Also left out of the headline is the fact that this attack was specifically designed to be leveraged against one specific common laptop, a MacBook. Admittedly, if you are using one it can be a concern, but it’s safe to assume that unless your attacker knows the exact model of computer you are using and dedicates serious resources in to building a targeted attack like this, you’re fine.

        The tiniest variation will likely dramatically improve your security.

        As a cybersecurity researcher, there are plenty of other attacks that are cheaper and easier to implement that you should be concerned about.

        • FaceDeer
          link
          fedilink
          91 year ago

          The tiniest variation will likely dramatically improve your security.

          Security via having lots of crumbs and hair and crud built up inside your keyboard. Check.

          • Rhodin
            link
            fedilink
            11 year ago

            So, just leave it with my kids and dog for 10 minutes?

        • @C4d
          link
          English
          21 year ago

          Yes. Why go to all the trouble of doing very technical things when you can instead do moderately technical but very cunning things?

          An old episode of the defunct Reply All podcast comes to mind: “what kind of idiot gets phished?”

          https://gimletmedia.com/shows/reply-all/rnhoww/

      • @C4d
        link
        English
        2
        edit-2
        1 year ago

        How long before they can recreate enough of your keyboard and screen via webcam using the reflections from your glasses / eyeballs?

    • @[email protected]
      link
      fedilink
      English
      2
      edit-2
      1 year ago

      I mean there’s a lot of ifs here. Is your microphone next to your keyboard? Is someone on the calling attempting this with mature software? Do you they know you are typing your password or something else sensitive?

      I would imagine passwords are harder to pin down, assuming it’s like cryptography. If someone types three sentences that’s a lot of coherent data to work with. If someone types 1234BossSucks! then from a cryptography perspective, going to be a low chance to understand.

      My I’ll informed two cents.

      Edit:

      Reading more of the bot summary, and yeah, this sounds more like cryptography. If the microphone can hear your key strokes, data like the volume, timbre, overall rhythm, etc, can be collected and mapped to possible text.