iPhone used as a keylogging 'spiPhone'

iPhone used as a keylogging 'spiPhone'

Summary: A team of researchers has discovered a way to log keystrokes from computers simply by placing an iPhone 4 near a user's keyboard and monitoring the keyboard's vibrations.

TOPICS: Security, Apple, iPhone

A team of researchers has discovered a way to log keystrokes from computers simply by placing an iPhone 4 near a user's keyboard and monitoring the keyboard's vibrations.

(Broken iPhone 4 image by David, CC BY-SA 2.0)

The team at Georgia Tech used the accelerometer in an iPhone 4 to sense keyboard vibrations and determine what was being typed, without any connectivity to the user's computer or peripherals.

As documented in their paper, "(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers", the researchers could decipher complete sentences with up to 80 per cent accuracy, using a dictionary of about 58,000 words.

"We first tried our experiments with an iPhone 3GS, and the results were difficult to read," said Patrick Traynor, assistant professor in Georgia Tech's School of Computer Science, "but then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better."

However, it's not just the iPhone that can be used in the attack. Traynor believes that most smartphones made in the past two years would be sophisticated enough to launch an attack.

The technique works by detecting pairs of keystrokes, determining whether the pair of keys are pressed on the left or right side of the keyboard and whether they are close together or far apart.

After the system has determined the characteristics for each pair of keys depressed, it compares the results against a dictionary, each word of which has been broken down into two-letter groups and similarly classified as being close together or far apart, and used to determine the most statistically probable word.

"The way we see this attack working is that you, the phone's owner, would request or be asked to download an innocuous-looking application, which doesn't ask you for the use of any suspicious phone sensors," said Henry Carter, a PhD student in computer science, and one of the study's co-authors. "Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening."

While acoustic keyloggers, which can perform the same analysis using audio samples at up to 93.9 per cent accuracy (PDF), could be used, they would require the app to request permission to use the phone's microphone, raising suspicions.

Similar accelerometer-based keylogging has been documented for smartphones themselves, with a pair of researchers from the University of California being able to log taps on a smartphone with an accuracy rate of over 70 per cent.

Topics: Security, Apple, iPhone

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • This article is fake.
    How can an iPhone record what someone is typing?
    That is just stupid?
    I type with 2 fingers. An IT journalist would instantly know which fingers they are.
    The vibrations from all keys sound the same because I press them with the same finger and probably with the same amount of force.
    • Actually it doesn't matter what fingers or how much pressure you use. The program analyses the difference between left, right and far near sides of the keyboard. Typing with two fingers might make it easier as you have less fingers resting on the board thus softening the vibrations. I imagine the program does this via timings? not sure but it sound legit.
  • I don't think this article is fake, the science is logical and the technology is there.

    It's not measuring sound, but vibration (most likely through the desk surface). Therefore being able to determine if a key pressed on a keyboard is nearer/further, higher/lower allows you to estimate which keys may have been used. Matching that to known keyboard layout (eg. English) and then matching that to a library of words will give you a good idea of what was typed. Take a few words, spell check them, then match them to common phrases, and you're well on your way to figuring out what was typed.

    It's not that different from measuring the EMF signals emanating from various bits of electronics. If you know enough about how/what the cable is being used for you will be able to determine what data it's carrying. That is how the hopeless flawed Myki system was recently compromised.
    Scott W-ef9ad