In association with heise online

12 July 2011, 15:10

Worth Reading: Automated shoulder surfing for tablets

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Thinkst logo The researchers at Thinkst have a new twist for the art of shoulder surfing – the technique of reading someone's password by watching what keys they press – they are automating it for tablets. In an article, the researchers show how tablets make shoulder surfing easier because on-screen keyboards illuminate the keys that have just been pressed to provide feedback.

Then, using the open source computer vision library OpenCV and their own code, they show how to automatically locate the on-screen keyboard and read the blue feedback flashes to reconstruct the keystrokes.

The ThinkST software analyses some captured video of a password entry

A blog posting has more videos, while a page on Thinkst's site goes into more detail and is also available as a pdf documentPDF. The researchers' conclusion is that "in an attempt to provide feedback to users, current mobile devices take 2 security steps backwards leaving us less secure than we were in the past".


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit