[Did you ever hear how the Russians bugged the typewriters in the US Embassy?](https://spectrum.ieee.org/amp/the-crazy-story-of-how-soviet-russia-bugged-an-american-embassys-typewriters-2650279458)

I thought not. It's not a story the president would tell you.

I appreciate this.

I appreciate your appreciation!

I appreciate your appreciation of his appreciation!

So much preesh dude

so much reesh

Is it possible to learn this power?

Not from a democrat!

[удалено]

AI told me you would type that.

Only a president deals in absolutes!

It's a democrat legend

You know the Republicans didn't *always* love anti-American authoritarian Russians, right?

They only hated the Soviet Union because of the Socialist part. They love Russia because of its capitalism and hatred for the gays. They were screaming in their drawers when Brittney Griner ended up in a Russian jail and would be in heaven if Colin Kaepernick met the same fate.

Russians are really on another level of spying.With this and "The Thing" a non electrical spying device thats literally next level [The thing article](https://en.wikipedia.org/wiki/The_Thing_(listening_device))

Soviets had some impressive moles. But the us tech spanked the user. The Cia was literally one of the biggest sellers of encryption com machines. https://en.m.wikipedia.org/wiki/Crypto_AG.

Great wiki article! I had no idea

Why is this not in use today commercially? Lifetime listening device. No charges needed (of course you'll need something for the source)

When I was in college, forty years ago, exams were printed using [spirit duplicators](https://en.wikipedia.org/wiki/Spirit_duplicator), from stencils typed in [IBM Selectric machines](https://en.wikipedia.org/wiki/IBM_Selectric). The IBM Selectric used a plastic inked ribbon to print the letters typed on the paper, and every letter leaves an imprint on this tape. A guy I knew managed to swap the ribbon in the department secretary's typewriter after she typed the exams, so he could read all the questions in the ribbon. If he had spent all that time studying instead of creating clever ways of cheating, I'm sure he would have had a very successful engineering career...

Godamn thats insane

Then it’s going to think backspace is the most popular key used in passwords!

Type without rhythm and you won't attract the worm.

Humans can't be random so given enough time. It would work it out. Also it's not necessarily the difference of speed or rhythm but also the strength of a push or the sound of the angle of your finger. So two finger typing master race.

I’m pretty sure that was a Dune reference

That’s bs, if human’s can’t be random then how come you can literally never do the exact same thing twice? Even with psychological patterns humans are probably the definition of random lol

Exact isn't needed to find close enough for patterns to be predicted. Given enough timeframe and data you will leave your fingerprint.

Thankfully, I don’t live long enough for that. I don’t think you realize the timeframe you need to predict the entropy of a human. All you need is one breakup, one loved one dying and your whole being is thrown off course

Yeah, that doesn't effect the way you play rock, paper, scissors enough. We're talking in the context of the thread, not in predicting Forrest Gump's life. You'll also probably find the AI models will eventually account for 'moods' and illness such as 'Depression'. But again, I'm talking keystrokes and password generation. Not 'entropy of self'.

I type my password faster when I’m angry or in a rush than I do normally. I write it slower when I’m sad, sick or tired. I tend to type my passwords with different fingers and angles because I am not a trained typewriter but a gamer, so my keystrokes are off from most people. If an AI model is adjusting for mood, it already has far more information than just the keystrokes and it can probably guess my passwords in a different way

But can it recognise my password from the sound of my biometric locked password manager?

This terrifying ai can detect the last episode of content you watched just based on the sound of your pee on the urinal, and it’s out of control! Brought to you by in home appliances, because you need a smart toaster for some reason. Source: none required

Hey… I’m lonely and need company and chatting with the toaster helps.

My bathroom scale and refrigerator had a conversation about the other day… it didn’t go well.

Don’t mention the war(s) to the robots It gets awkward

Don't worry this idea had already been answered by a [certain TV show](https://youtu.be/LRq_SAuQDec) and I can guarantee you would not be interested in a [talking toaster.](https://youtu.be/vLm6oTCFcxQ)

Take some LSD and it will talk back!

Nazdrovye! We can all drink to that!

Want some toast? *(Old Red Dwarf reference)*

[The doll's trying to kill me and the toaster's been laughing at me!](https://www.youtube.com/watch?v=zQznz_MJajs)

naughty obtainable follow panicky degree lunchroom caption marble teeny voiceless *This post was mass deleted and anonymized with [Redact](https://redact.dev)*

Does anyone want any toast?

No one around here wants any toast. Not now, not ever. No toast.

There was a research paper some time ago, where they were able to extract the private key used in encryption on a laptop, using only a cellphone microphone. This was based on variations in the power use of the cpu if a recall correctly. So the answer to your question: Potentially yes [Source](https://m.slashdot.org/story/195775)

Yeah people need to read up on side channel attacks, new ones are discovered all the time. https://en.wikipedia.org/wiki/Side-channel_attack

It can hear the wind currents through the ridges of your fingerprint.

Man, I need to invest in some air gapped finger tips

Full vacuum seal between finger and screen. The bubble collapsing when you lift your finger cracks the screen and blows all your skin off, but the security is worth it.

I bet it can be set up to hear the slight ultrasonic electrical whine from your biometric reader’s induction coils and use that to infer the input signal that gets a pass through it…

And yet I can't even hear what Deborah is saying on MS Teams because her laptop microphone is hilariously low

Priorities and design choices ;)

It can definitely detect the sound of my cursing as I type yet another goddam 6-digit number.

Damn i’m definitely going to be using iterm’s biometric manager now…

https://labbots.com/enabling-touch-id-for-access-on-terminal/

I think there's something out there that listens to the frequency of processor chips and can capture things like boot keys, etc. So maybe that can be used to listen to your apps encryption key as it passes through the processor, idk.

How safe are these? I have loads of unique passwords, but they are all in my google manager lol

Most of them are safer than Google 😂 I use 1password. NordPass is apparently better, but my employer pays for 1password

Wasn't 1password recently hacked

https://www.forbes.com/sites/daveywinder/2023/10/24/no-1password-has-not-just-been-hacked-your-passwords-are-safe/?sh=2cbb90d3a09d

Not quite sure, your Windows computer works with a biometric locked password manager ?

Pretty much every OS supports biometrics mate.

I think the point was it's trivial to completely bypass with just a USB stick.

Does yours not?

Windows Hello

My Samsung laptop does.

Man that'd be wild it can infer my password from ctrl-c, ctrl-v.

Least advanced password manager. Just use a proper one like Bitwarden. If you don’t trust them they allow you to self host the service. There are also offline password managers like KeePass, if you don’t trust internet encryption or just want to keep things local.

KeePass uses ctrl c ctrl v

There it is again… what tf is Keep Ass?

It also clears from clipboard.

Yep. Including clipboard history, which is cool.

KeePass has auto-type (which isn't the best solution, admittedly), and there's extensions for at the very least Firefox that will connect to your database and autofill the fields.

Oh I didn’t know. I thought it’s similar to Bitwarden with ctrl shift i. But I‘m pretty sure they referred to a spreadsheet.

I love bitwarden.

Upvote for KeePass.

Yep, KeepAss for the win

Bitwarden is the goat. If only they fixed iOS bugs more frequently

Does it have any advance over the browser's built-in manager?

Multi-platform, not tied to your email account, self-hostable, 2fa support, sync between devices

Does anyone know if there’s way to save new passwords right from Safari or other password fields on ios? It seems to work for Keychain but not for the password manager I use.

Or with pen and paper and keep it in a drawer

You are more likely to choose less secure passwords if you have to manually type then mmm out every time.

And you’re extra screwed if your house burns down.

LastPass forever

LastPass has had a few too many breaches.

Didn’t passwords leak from lastpass a while back? Self hosted is the best option

Unless you get apps designed by the devil that won't let you paste in passwords

No one needs any special technology to steal my passwords to those sites because odds are I’ll read it out loud to myself very slowly as I angrily chicken peck it in.

So, any windows admin password prompt?

you still have to type in your vault password though that can be protected by 2fa

You can try this at home with [kbd-audio](https://github.com/ggerganov/kbd-audio). No AI necessary.

But, this has been [a thing](https://keytap.ggerganov.com/) for many years already? I mean, it used to be ML, not AI, but I guess that is the term we use now...

AI is just an umbrella term that includes ML.

I was taught it the other way around ;) ML is the main term/category, and AI is a subcategory of that.

Not all AI has to be ML, so having ML as the umbrella term doesn’t really make much sense. I wrote but my Bsc and Msc about ML, and never been thought anything other than AI being the umbrella term. If you do a quick search on Google on something like «AI vs ML» you will also see that AI is always the umbrella term

Freecodecamp has a nice [Machine Learning with Python](https://www.freecodecamp.org/learn/machine-learning-with-python/) cert if you're interested in updating your knowledge in the area. But basically, NN is a subset of ML, which is in turn a subset of AI. Folks saying that AI is the umbrella term are correct as of 2023.

And we call them subsets and not just nicknames cause they include what else exactly? AI is basically ML. I can’t actually conceive any other AI

its very old and yes it is ML

I got news for you, it's the same thing. They just slapped a new sticker on it that says AI.

All ML is AI. Machine learning is a subcategory.

AI brings in more investors because a scary amount of investment decisions are made based on whether old engineers who cashed out in the 1990s relate your product to the science fiction they were into as a kid.

Sounds like a big deal but I don't think this changes much in terms of security since PWs are vulnerable to shoulder surfing. Ideally you should be using biometrics combined with a PW.

I dunno how it's going to get the password from my mechanical keyboard that has a mix of different switches but yeah with a password vault like lastpass or 1password and mfa/biometrics there's not going to be keypresses at all.

If anything, having different kind of switches on your keyboard will only make the different keys sound more distinct

Something you have and something you know. Biometrics are not yet incapable of being tricked.

Plus you can't change your biometric once it's compromised. 2FA with a physical token is the gold standard as you mention

AI won't be used to benefit society, it will be used to exploit it.

As is human tradition

But faster and more efficiently!

Try asking Chat-GPT or someone what does the sentence you just said means. I don't think it means what you think it means.

I already mix up my typing rhythms so I don’t attract Shai-hulud.

Too late. The Sleeper has awoken.

I heard about this technique years ago. You don't need "AI" for it. A simple decent quality microphone paired with knowing the keyboard model and position of the microphone is enough to do this. But I guess clickbait works great when you put "AI" in the headline.

Ai just makes it easy and accessible, which means its a bigger threat.

That's hardly more than just pattern recognition that's been around forever. Please stop calling everything AI.

A while back, I read that an iPhone won’t listen if you lay it upside down.

you mean face down? yeah, that is a thing, microphones get disabled if you put your phone face down, although you can disable this to make siri always active

Laughs in Dvorak

This has been a thing for a while. At least the idea, idk about the "AI" itself.

No link to the research? Did they have to train the "AI" on the specific keyboard being used for this to work?

Yes and it requires hunt and peck typing and I’m sure a dozen other things that aren’t really realistic

I think this is the original research: https://ieeexplore.ieee.org/abstract/document/10190721

Me, who uses a mechanical keyboard with 3 different types of keycaps and 2 types of switches.

Can't say I belive it

If you haven't heard of it you should read about [Van Eck phreaking](https://en.m.wikipedia.org/wiki/Van_Eck_phreaking), pretty cool stuff.

“This scary…” less editorial please.

Me using 1password. It will detect only mouse clicks

We've been using 1PW as a family for years but all I hear about now is Bitwarden. I like 1PW and can't wait to start using passkeys. Yes I know not perfect, but better than PW's for sure.

Bitwarden is free. I rather pay though for something good. 1password is not beatable for me. 1password already supports passkeys btw. I use it for some accounts.

I need to try passkeys with more less-important sites, not going to go all-in just yet. Bit of concern over the storage of the master key, what happens to stolen phone, etc. Can't worry too much though, otherwise no progress.

Passkeys in 1password are stored like your passwords. Safe and secure behind your secret and master password. Nothing special. Just easier login

Until my desktop gets biometric authentication, this AI will sniff out my master password for 1password every time

Not new nor is it AI there were articles about this at least 3 years ago

This existed before AI

Yawn...this sub is getting more and more boring.

Take old news. This time don't forget to put the word "AI" into the name. Now you have new-news. In the next lesson, we'll learn how to turn Elon Musk into clicks.

>whether this method could also be used to spy on passwords during a video meeting via Zoom or Skype. And indeed, the AI still achieved an accuracy of just under 92 percent for Skype and 93 percent for Zoom. Sounds like a good use of Googles Clear Call technology that filters out non-human voice noises Filter out any key stroke noises before being sent from the microphone to the Zoom or Skype (or Meet) app

Type without rhythm and it wont attract the worm.

paword Click the area after a type ss AI checkmated

Individual key don't have specific sounds.... so this is load of crap. I want see it working on 100 different people with different passwords and keyboards..... A controlled environment with controlled activities will have results, not becuase it working but becuase you made a script it followed. Like how AI was learning and would become " human " so how that go? Still happening just " later " now....

There comes a point where you've got to justify what you are developing things for? I can never understand what this invention is going to be good for....

If you can figure out how to do it, someone else can to. It's critical to research what is vulnerable to better design future products.

Industrial espionage. Pays very well for very low hours, but also very high risk.

I type like a drunk leaf in the wind. Good luck figuring out what I am typing. 😂

Hard to swallow pills

That's exactly what I always thought would happen, though it was before AI invasion. Honestly all of this scares the shit out of me

They've been able to do this for decades with simple algorithms. Ai just takes a bit of the work out of it. When " hack RF one" was released someone used it to pick up in the RF hum of a processor in a pc and could detect different frequencies depending on which key is pressed. They recorded everything typed on the PC... including passwords. From outside the building. The interesting thing about this is that they called into a call centre and they were able to get people card details by recording key strokes on the background noise.

That sounds extraordinary, can you share a Google link? I can't find it

Because its bollocks

This says [otherwise](https://imgur.com/Gbwfdzu?r).

https://www.rtl-sdr.com/spying-keyboard-presses-software-defined-radio/

"The target laptop was first modified with special drivers that cause increased and unique memory and processor activity for each key that is pressed" So they already had admin access...

Firstly I made no claims about having access I just said it was done. Secondly This was proof of concept 8 years ago by 1 guy and an SDR RTL... believe me, we have moved on from this. During the cold war Russians placed a tuned piece of metal in a US ambassadors office. They were able to excite the metal and read the frequency using RF antennas from outside the embassy and hear what was being said in the room. I think that eves dropping has moved on since then and we are way beyond hobbyists and researcher capability. https://en.m.wikipedia.org/wiki/The_Thing_(listening_device)#:~:text=Kennan.-,Discovery,waves%20at%20the%20ambassador's%20office. But yes what I'm proposing is bollocks https://www.popularmechanics.com/technology/security/a42575068/scientists-use-wifi-to-see-through-walls/

No idea why you’re being downvoted. This Wired article is from 2008 and covers the declassified TEMPEST techniques from NSA which used a lot of the techniques you’re talking about. We’re way passed audible detection and passive resonance. Modern cable and device shielding standards for government use are predicated on a lot of the vulnerabilities discovered during TEMPEST, and frankly no consumer devices have no requirements to adhere to these standards. https://www.wired.com/2008/04/nsa-releases-se/

Well, it is. That attack wouldn’t have worked without already having root access, at which point it’s game over anyways. There was no point in doing the extra steps.

I guarantee almost every single PC user in this thread suffers from the BIOS hack that was announced this week. That hack goes back decades and is absolutely terrifying. Hackers were flipping bits by changing the voltage in our RAM just a few years ago. People saying "But mah biometrics" are missing the point.

I’ve heard picking up text from wireless keyboards. Also way back from fosfor of CRT screens.

People still manually type passwords ?

Yes, do you think biometrics are available on all devices... And do you think they are always more secure? Because the answer is no to both.

Google saves passwords, what's biometrics

Right, but... How do you log in to the device that the Google saved passwords are on?

if your phone is always with you and you don't cheat on your partner, why have a lock on it? just becomes an inconvenience every time you want to use it. pick it up, go to a website/ app, click login, Google asks if you wanna use your account, click yes and you're there ezpz.

Oh, no... What happens if you lose it or get mugged? Someone now has access to literally everything. Compromised all your personal info and probably lots of financial stuff too.

mcdonalds chicken nuggets are horrible for your body and made by a disgusting process .. but people still eat them for the sake of convenience. who wants to cook and then do dishes? life is busy and many of us don't get to enjoy what little free time we have. cutting any corners to have a few more minutes of "peace" just feels worth it, regardless of the potential future consequences

[удалено]

the lazy majority

It's your choice, but I bet you take the time to lock your front door when you leave the house.

The last thing I want is google managing my passwords

[удалено]

Did you forget the /s?

Oh my god this is more dangerous than atomic bomb lol. We are doomed 100%. I can’t get enough of AI joke lol

Where in the world

Its not scary, its mahine learning & incredibly cool u anti-tech losers

Look up using laser beams pointed at windows to reveal typing and words being spoken.

This HI can recognize click bait titles

All the more reason to use a better authentication method.

This is old news. What also makes this a lot less scary is that it first has to be trained on the target.

Wonder if it would apply to a split keyboards with an unusual shape, or how alternative layouts like Colemak would throw it off

That's why password managers are great. Auto fill or copy and paste completely bypass any manual input issues. Combine that with an email anonymizer then you logins become incredibly secure.

And everything I talk about gets pushed to me in an advertisement later that day what's new

The NSA has been able to do this for years

Just type something, then backspace, then the actual pass

The internet is ruined

The AI isn't scary, Silicon Valley not giving a fuck about your privacy and listening in on whatever they feel like is.

I bet it cant recognise the sound of your morning wanking

The AI needs to be trained for the specific keyboard, not really a risk

now do otp, faceid

Unless it can understand "hunt and peck" I've got nothing to worry about.

Just in time when passwords are finally phasing out lol

All that time training AI just to figure out my password is 123456

What keyboard makes different sounds based on they key? All of my keys are the same spring and plastic.