Browse Definitions :
Definition

keyboard vibration attack

Contributor(s): Matthew Haughn

A keyboard vibration attack is a proof-of-concept (POC) exploit that involves placing a mobile device near to a computer keyboard in order to use the mobile device’s accelerometer as a keylogger. 

The accelerometer detects vibrations from the keyboard and an associated application translates them into the characters being typed. Although there have been no reports of keyboard vibration attacks in the wild, Georgia Tech researchers found a method to exploit the accelerometer in an iPhone to record keystrokes.

The researchers reported a captured character accuracy of 80 percent and claim that as accelerometers progress, the accuracy increases. They discovered this capacity by observing that the exploit functioned with higher accuracy on the newer generations of iPhones.

Although the research was conducted on Apple phones, the Georgia Tech researchers note that similar exploits could target other mobile devices and operating systems. The research follows similar investigations and discoveries involving the possibility of exploiting cameras, microphones and even status LED micro-pulses to reveal sensitive information such as passwords or financial details.

 

This was last updated in May 2015

Continue Reading About keyboard vibration attack

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I saw an article on this a while back. If you left your phone on and on your desk near your PC keyboard, they claim it can pick up the tactile keystrokes on the PC keyboard and record them like any other key logger. I'd have to see it to believe it.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • Transport Layer Security (TLS)

    Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating ...

  • van Eck phreaking

    Van Eck phreaking is a form of electronic eavesdropping that reverse engineers the electromagnetic fields (EM fields) produced by...

  • zero-trust model (zero trust network)

    The zero trust model is a security model used by IT professionals that requires strict identity and device verification ...

SearchHealthIT

SearchDisasterRecovery

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

SearchStorage

  • solid-state storage

    Solid-state storage (SSS) is a type of computer storage media made from silicon microchips. SSS stores data electronically ...

  • persistent storage

    Persistent storage is any data storage device that retains data after power to that device is shut off. It is also sometimes ...

  • computational storage

    Computational storage is an information technology (IT) architecture in which data is processed at the storage device level to ...

Close