Home Resources Blog New Insider Attack Steals Passwords by Reading Thermal Energy from Keyboards

New Insider Attack Steals Passwords by Reading Thermal Energy from Keyboards

Admin Globaldots
09.07.2018
image 1 Min read

After entering a password, your regular computer keyboard might appear to look the same as always, but a new approach harvesting thermal energy can illuminate the recently pressed keys, revealing that keyboard-based password entry is even less secure than previously thought.

Computer Science Ph.D. students Tyler Kaczmarek and Ercan Ozturk from UC Irvine’s Donald Bren School of Information and Computer Sciences (ICS), working with Chancellor’s Professor of Computer Science Gene Tsudik, have exploited thermal residue from human fingertips to introduce a new insider attack — the Thermanator.

Their paper, “Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry,” outlines the rigorous two-stage user study they conducted, collecting thermal residues from 30 users entering 10 unique passwords (both weak and strong) on four popular commodity keyboards.

As noted in the paper, results show that entire sets of key-presses can be recovered by non-expert users as late as 30 seconds after initial password entry, while partial sets can be recovered as late as one minute after entry. The study further revealed that hunt-and-peck typists are particularly vulnerable.

Image Source

Read more: Help Net Security

Learn More

What is FinOps? The Complete Guide
Cloud Cost Optimization
Nesh (Steven Puddephatt), Senior Solutions Engineer @ GlobalDots 31.05.23

While cloud-computing supports immense innovation – providing limitless resources in the pursuit of greater output and agility – public cloud end-user spending is projected to reach a staggering $600 billion this year. Hyperscale cloud vendors remain driving forces behind this growth, having proven their salt as highly strategic launchpads for digital transformation. The competition for […]

Read more
Cloud Cost Optimization: A Strategic Approach to Business Expansion
Cloud Cost Optimization
Francesco Altomare, Southern Europe Regional Manager @ GlobalDots 18.05.23

FinOps is a strategic framework designed to manage and optimize cloud costs effectively. It’s a transformative approach that brings financial accountability to the forefront of the variable spend model of cloud computing. This model allows businesses to gain a firm grip on their cloud expenses, ensuring that every dollar spent is accounted for and utilized […]

Read more
AWS Data Transfer Cost Optimization: Everything You Need to Know
Cloud Cost Optimization
Nesh (Steven Puddephatt), Senior Solutions Engineer @ GlobalDots 17.05.23

While AWS services provide a wealth of mission-critical services – storing over 2.2 trillion objects in S3 – many organizations are left floundering in the solution’s complex pricing structures. Spanning transfer types and geographies, data transfer costs can be hugely unpredictable and rapidly get out of hand.  Below, we leverage decades of industry experience to […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo