Doug Tygar of the University of California, Berkeley and his colleagues used a standard microphone to record 10 minutes of noise generated by computer typists. Because the sound generated by each keystroke is slightly different, the researchers were able to generate a computer program to decode what was written. "Using statistical learning theory, the computer can categorize the sound of each key as it's struck and develop a good first guess with an accuracy of 60 percent for characters, and 20 percent for words," explains team member Li Zhuang also of U.C. Berkeley. "We then use spelling and grammar check to refine the result, which increased the accuracy to 70 percent and the word accuracy to 50 percent."
The scientists also developed an iteration program that replayed the recording on a loop to improve the computer's performance at deciphering the text, which increased the accuracy to 88 percent for words and 96 percent for characters. Things that are not accounted for and thus could throw the system off include the use of keys such as shift, control or caps lock. "It's a form of acoustical spying that should raise red flags among computer security and privacy experts," Tygar says. "If we were able to figure this out, it's likely that people with less honorable intentions can, or have, as well." The researchers plan to present their results at the 12th Association for Computer Machinery Conference on Computer and Communications Security in November.