[DMoya]

Bruce Schneier recoge en su weblog un interesante trabajo en el que unos investigadores de la universidad de Berkeley demuestran cómo, grabando el sonido que alguien hace al teclear durante 15 minutos, es posible averiguar en un 95% el texto escrito.

"We examine the problem of keyboard acoustic emanations. We present a novel attack taking as input a 10-minute sound recording of a user typing English text using a keyboard, and then recovering up to 96% of typed characters. There is no need for a labeled training recording. Moreover the recognizer bootstrapped this way can even recognize random text such as passwords: In our experiments, 90% of 5-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80% of 10-character passwords can be generated in fewer than 75 attempts.

Our attack uses the statistical constraints of the underlying content, English language, to reconstruct text from sound recordings without any labeled training data. The attack uses a combination of standard machine learning and speech recognition techniques, including cepstrum features, Hidden Markov Models, linear classification, and feedback-based incremental learning."

Aquí un pdf con los resultados del estudio.