Sounds from typing could be security risk - study

SAN FRANCISCO: Forget about watching, Big Brother may be listening.

Sounds from typing on computer keyboards are distinctive enough to be decoded, allowing security breaches caused by "acoustic snooping," University of California, Berkeley researchers said on Wednesday.

The researchers said they were able to feed sound recordings of typing on keyboards into a computer and use an algorithm to recover up to 96 percent of the keyboard characters entered by typists.

"It's a form of acoustical spying that should raise red flags among computer security and privacy experts," said Doug Tygar, a Berkeley professor of computer science and information management.

"If we were able to figure this out, it's likely that people with less honorable intentions can -- or have -- as well," Tygar said.

The research builds on earlier work by International Business Machines Corp. researchers who were able to recover 80 percent of text from keyboard recordings.

That research relied on the same typist using the same keyboard and an algorithm trained with known text and corresponding sound samples.

By contrast, the algorithm in the Berkeley study adapts to typing patterns of multiple typists and overcomes background noise such as music or ringing cell-phones. Also, no special recording equipment was required; keystroke noise could be recorded using off-the-shelf gear.

"The message from this study is that there is no easy escape from this acoustic snooping," Tygar said.

But computer security expert Peter Tippett said that while such research is interesting, the prospect of such spying should not concern individuals worried that employers would use it to monitor them or businesses fretting over possible snooping by rivals.

"It's like worrying about anvils dropping on automobiles," said Tippett, founder of Cybertrust Inc., a Herndon, Virginia-based information security services company. "There are all kinds of attacks like these but they are only relevant to top secret organizations."