With nothing but a MacBook Pro and an iPhone, researchers have managed to create a program capable of stealing your data as you type it — typing in your passwords in a Zoom or Skype call has just become a bit more dangerous.
As security measures continue to get better, so too do malicious programs and one interesting study has found that you can accurately predict keystrokes using sound waves. Though this is a scary concept, there are a few caveats.
You might want to turn off your mic
As originally reported by bleepingcomputer, researchers have trained a deep learning model to steal confidential information from keystrokes. It can use your built-in microphone to predict which keys you type with up to 95% accuracy.
To do this, it listens to keystrokes you make and matches them to previous behaviors and habits. Initially, it needs a way of recording sound and needs to know which keys you are pressing but will then be able to identify your strokes with just audio.
In the study, researchers pressed 36 keys on a MacBook Pro 25 times each and recorded all the sounds it makes. They then analyzed their waveform and produced spectrograms. Patterns were found between them, accurately guessing which key was pressed and when.
They recorded these presses with an iPhone 13 mini 17cm away from the keyboard and managed to capture strokes with a 95% accuracy from the phone, 93% accuracy from Zoom, and 91.7% accuracy from Skype. This is presumably down to lower-quality audio in those apps.
If you want to avoid a malicious actor using a program like this against you, there are a few things you should do. Firstly, don’t allow people you don’t trust to see which keys you are typing. Make sure you never type in your password when on a call with others.
Though it seems unlikely that someone is lurking in your calls to steal your data, being a little extra careful can ease any worries going into a chat. You could even try typing in your password in unique ways – making it extra long and seemingly random. This 95% accuracy means much less on a string of random letters and numbers. You could also use Apple’s own password manager to avoid this worry altogether.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
James is a staff writer and general Jack of all trades at iMore. With news, features, reviews, and guides under his belt, he has always liked Apple for its unique branding and distinctive style. Originally buying a Macbook for music and video production, he has since gone on to join the Apple ecosystem with as many devices as he can fit on his person.
With a degree in Law and Media and being a little too young to move onto the next step of his law career, James started writing from his bedroom about games, movies, tech, and anything else he could think of. Within months, this turned into a fully-fledged career as a freelance journalist. Before joining iMore, he was a staff writer at Gfinity and saw himself published at sites like TechRadar, NME, and Eurogamer.
As his extensive portfolio implies, James was predominantly a games journalist before joining iMore and brings with him a unique perspective on Apple itself. When not working, he is trying to catch up with the movies and albums of the year, as well as finally finishing the Yakuza series. If you like Midwest emo music or pretentious indie games that will make you cry, he’ll talk your ear off.