• Vendetta9076@sh.itjust.works
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    This isnt a new attack. Its been around for years. The newest scary development of this was that a website with a decent frontend was made for it but that was months ago. Use a password manager.

  • Grass@geddit.social
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    Time to make a keyboard that self switches between qwerty, colemak, etc and has some sort of indicator of it’s layout, and spits out random recordings of its own key presses, and you just have to be insane to type on it correctly.

  • teft@startrek.website
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    I felt a great disturbance in the Force, as if millions of mechanical keyboards suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened.

  • Alto@kbin.social
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    1 year ago

    Streamers especially are going to have to be incredibly careful going forward

    • Silentrizz@sh.itjust.works
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Not as much as you might think. A lot of audio communication softwares these days have some sort of background noise filter, not saying thay are perfect but they have been increasingly in effectiveness and adoption. My graphics card (nvidia) even supports it and works well. That plus my quiet switches, I’m not too worried about myself, or tech savvy streamers.

      The biggest target is probably the elderly and less tech savvy, who are also more likely to fall for scams, and probably have less password entropy (which would make this software more accurate).

    • Jimmycakes@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      9
      ·
      1 year ago

      They can just go back to dome keyboard that don’t make any sounds. Mechanical keyboard hype is overblown.

      • delcake@kbin.social
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        The article addresses exactly this suggestion.

        Remember, the attack model proved highly effective even against a very silent keyboard, so adding sound dampeners on mechanical keyboards or switching to membrane-based keyboards is unlikely to help.

        • InfiniteStruggle@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          What about a touchscreen keyboard? The layout wouldn’t have to change, and there needn’t be any sounds at all.

          I know it’s shitty but for high security purposes like on a bank terminal or something, shitty but secure trumps nice but insecure, right?

      • Alto@kbin.social
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Might be for you, but for whatever reason my brain really, really hates the tactile feel of rubber domes.

        I’ve also always had strong issues with certain textures/tactile feels in general

        • ludwig@lemmy.world
          link
          fedilink
          arrow-up
          5
          ·
          1 year ago

          Yeah, rubber domes suck. They are way too mushy.

          I hate how the actuation force changes a lot during a key press.

  • Dogeek@sh.itjust.works
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    What if the keyboard is not made of homogenous switches? Some reds, silvers, blues and browns thrown randomly around the keyboard ought to defeat the model, right?

    • winterayars@sh.itjust.works
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      As long as they can’t train the model on your specific keyboard yeah. If they can it would probably be even easier for it since the keys would be more distinct.

      • Dogeek@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Yeah that would make my keyboard signature even more unique. Though you could always hotswap some keys around every few weeks

  • Newtra@lemmy.ml
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    I can’t wait for passwords to be replaced with a cryptographic solution. Even with a password manager, login forms are an unnecessary waste of time.

  • MomoTimeToDie@sh.itjust.works
    link
    fedilink
    arrow-up
    7
    arrow-down
    2
    ·
    1 year ago

    How does that even work? Like, all the keys are generally manufactured to the same standards such that any physical difference in keys causing different sounds is a combination of user damage and random factory errors, no?

    • Rin@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Probably, but it’s definitely there. I managed to tell that one of my friend’s pin had the same key twice in it because i heard the same kind of sound twice.

      • MomoTimeToDie@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        I mean sure, but “same key twice” isn’t exactly a specific character to type. I mean I hit caps lock twice typing my password for this site.