Smartphones are a perfect portal for hackers, given that they are constantly “on” day and night.
But what you probably didn’t realize was that your computer’s info could be hacked by a nearby smartphone that’s intercepted the sound of your typing.
Researchers at Southern Methodist University’s Darwin Deason Institute for Cybersecurity discovered that the sound waves that are produced when typing on a computer keyboard can be picked up by the sensors in a smartphone. Those sounds picked up by the phone can then be analyzed by a hacker, who can figure out which keys were struck and which words were typed. (The hacker and the person with the computer would need to share a few of the same apps).
“We were able to pick up what people are typing at a 41% word accuracy rate. And we can extend that out – above 41% – if we look at, say, the top 10 words of what we think it might be,” lead author Eric C. Larson explained in a release.
Loud typers sink ships
The hackers can zero in on who they want to target – the sound waves can be picked up even in loud conference rooms where other people are typing and having conversations. The researchers discovered this by setting up a mock “conference room” environment, with several people talking to each other and typing on laptops. Up to eight smartphones were placed around the room.
“We were looking at security holes that might exist when you have these ‘always-on’ sensing devices – that being your smartphone,” Larson said. “We wanted to understand if what you’re typing on your laptop, or any keyboard for that matter, could be sensed by just those mobile phones that are sitting on the same table.”
It could. Researchers suggested that a revamp of the smartphone was in need.
“Based on what we found, I think smartphone makers are going to have to go back to the drawing board and make sure they are enhancing the privacy with which people have access to these sensors in a smartphone,” said Larson.
The study was published in the June edition of the journal Interactive, Mobile, Wearable and Ubiquitous Technologies by lead authors Eric C. Larson, assistant professor, SMU Lyle School’s Department of Computer Science, and Mitch Thornton, director of SMU’s Deason Institute of and professor of electrical and computer engineering, and co-authors.