A team of researchers has discovered a way to log keystrokes from computers simply by placing an iPhone 4 near a user's keyboard and monitoring the keyboard's vibrations.
The team at Georgia Tech used the accelerometer in an iPhone 4 to sense keyboard vibrations and determine what was being typed, without any connectivity to the user's computer or peripherals.
As documented in their paper, "(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers", the researchers could decipher complete sentences with up to 80 per cent accuracy, using a dictionary of about 58,000 words.
"We first tried our experiments with an iPhone 3GS, and the results were difficult to read," said Patrick Traynor, assistant professor in Georgia Tech's School of Computer Science, "but then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better."
However, it's not just the iPhone that can be used in the attack. Traynor believes that most smartphones made in the past two years would be sophisticated enough to launch an attack.
The technique works by detecting pairs of keystrokes, determining whether the keys in each pair are pressed on the left or right side of the keyboard and whether they are close together or far apart.
After the system has determined these characteristics for each pair of keys pressed, it compares the results against a dictionary in which each word has been broken down into two-letter groups and similarly classified as being close together or far apart. The comparison is then used to determine the most statistically probable word.
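The dictionary-matching step described above can be sketched as follows, to show how little information per key pair the comparison needs. This is an added example, not code from the paper or the researchers; the key coordinates, the left/right split, the near/far cut-off, the simple agreement score and the word list are all assumptions made for illustration.

```python
import math
from collections import defaultdict

# Assumed QWERTY geometry (not from the paper): row index plus staggered column.
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]
STAGGER = [0.0, 0.25, 0.75]
POS = {ch: (r, c + STAGGER[r]) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}
LEFT = set("qwertasdfgzxcvb")  # assumed left/right split of the keyboard
NEAR_MAX = 3.0                 # assumed near/far cut-off, in key widths


def profile(word):
    """One 3-symbol feature per consecutive key pair: side, side, near/far."""
    feats = []
    for a, b in zip(word, word[1:]):
        near = math.dist(POS[a], POS[b]) <= NEAR_MAX
        feats.append(("L" if a in LEFT else "R")
                     + ("L" if b in LEFT else "R")
                     + ("N" if near else "F"))
    return feats


def rank(observed, dictionary):
    """Score same-length words by the fraction of symbols matching the observation."""
    scored = []
    for word in dictionary:
        feats = profile(word)
        if len(feats) != len(observed):
            continue
        hits = sum(x == y for f, o in zip(feats, observed) for x, y in zip(f, o))
        scored.append((hits / (3 * len(observed)), word))
    return sorted(scored, key=lambda s: (-s[0], s[1]))


def collisions(dictionary):
    """Group words whose profiles are identical, i.e. indistinguishable here."""
    groups = defaultdict(list)
    for word in dictionary:
        groups[tuple(profile(word))].append(word)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed word list; the paper's dictionary had about 58,000 words.
WORDS = ["cat", "sat", "hip", "map", "the", "pot", "lid"]

if __name__ == "__main__":
    print(rank(["LRN", "RLN"], WORDS)[:3])  # "the" with one misread symbol
    print(collisions(WORDS))
```

Words that `collisions` groups together cannot be told apart by these features alone.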
"The way we see this attack working is that you, the phone's owner, would request or be asked to download an innocuous-looking application, which doesn't ask you for the use of any suspicious phone sensors," said Henry Carter, a PhD student in computer science, and one of the study's co-authors. "Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening."
Acoustic keyloggers, which can perform the same analysis using audio samples at up to 93.9 per cent accuracy, could also be used, but they would require the app to request permission to use the phone's microphone, raising suspicions.
Similar accelerometer-based keylogging has been documented for smartphones themselves, with a pair of researchers from the University of California being able to log taps on a smartphone with an accuracy rate of over 70 per cent.