1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Your passwords could be cracked using thermal cameras powered by

    From TechnologyDaily@1337:1/100 to All on Wed Apr 26 15:15:03 2023
    Your passwords could be cracked using thermal cameras powered by AI

    Date:
    Wed, 26 Apr 2023 14:09:28 +0000

    Description:
    Researchers show how successful thermal imaging and AI software can be in capturing key presses.

    FULL STORY ======================================================================

    Thermal cameras, with the help of AI, can be used to detect the keys you
    press when inputting your password on a keyboard.

    A team at the University of Glasgow looked at how AI, rather than mere visual inspection, can be used successfully in processing thermal images that pick out traces of heat left on the keycaps of keyboards when passwords were entered.

    The researchers demonstrated the effectiveness of the system, known as ThermoSecure, using 1,500 images of keyboards with heat traces leftover from typing. ThermoSecure

    In their first study, the researchers claim that "ThermoSecure successfully attacks 6-symbol, 8-symbol, 12-symbol, and 16-symbol passwords with an
    average accuracy of 92%, 80%, 71%, and 55% respectively, and even higher accuracy when thermal images are taken within 30 seconds." Read more

    New attack method can steal offline PC data through walls



    This new malware doesn't even need a connection to infect devices



    This devious attack turns a SATA cable into a data-stealing antenna

    They also said that "typing behavior significantly impacts vulnerability to thermal attacks: hunt-and-peck typists are more vulnerable than fast typists (92% vs. 83% thermal attack success)."

    The second study also revealed that the material the keys are made of had a significant impact on the success of thermal attacks. A common material used, the copolymer plastic Acrylonitrile Butadiene Styrene (ABS), resulted in longer lasting heat traces from presses than those on PBT keys. This meant that attacks on ABS keycaps had an average accuracy of 52%, while those on
    PBT keycaps had only 14%.

    When it comes to the equipment used, only a basic thermal camera is needed - the researchers noted that models costing only around $150 suffice. The AI software works via object detection based on Mask RCNN, which maps the
    thermal image to the keyboard keys. Variables such as keyboard localization are taken into account, before key entry and multi-press detection is
    factored in, and an algorithm determines the order of the key presses.

    Although it is unlikely you'll have a thermal camera trained on your device
    in the real world, there are a few steps you can take to secure yourself against such attacks. Firstly, as previously indicated, hunt-and-peck typists are at greater risk, so using longer passwords and typing faster where possible may help.

    Also, backlit keyboards can emit more heat, which actually helps to mask the heat signatures from pressed keys. And even if you use the most secure passwords created by a password generator , along with the best password manager possible, biometric and other passwordless options will always be better as there are no significant key presses at all from a thermal attack perspective. Use the best Identity theft protection to defend yourself
    against more common cyberattacks



    ======================================================================
    Link to news story: https://www.techradar.com/news/your-passwords-could-be-cracked-using-thermal-c ameras-powered-by-ai


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)