The first one is a known issue which is why professional image modifiers will
run their modded images through an analog stage (take a picture of the
screen with a film camera then scan the developed picture).

The second one is pure bullcrap.  That story is a modification of a story
from the spy vs spy genre.  That story is that some spy in the German
office who was a secretary learned how to type in morse code patterns, so
they would type out German secret documents for the German high command and
while they were typing the noise of their typing was transmitting morse code
of those documents to an off hook phone that was on a call to an accomplice.

That story was a modification of the actual reality, documented here:

 https://people.duke.edu/~ng46/collections/crypto-underwood.htm

I guess the AI proponents are so desperate for people to believe that AI is
the greatest thing since sliced bread they will invent anything.

AI in computing is just another Microsoft Bob.  In 5 years it will have some
solid niche applications but everyone will be laughing at the current ideas
of AI putting us all out of work and most of the AI dumped into the next
version of Windows will have been deprecated as being worthless.

Ted

-----Original Message-----
From: PLUG <plug-boun...@lists.pdxlinux.org> On Behalf Of Keith Lofstrom
Sent: Thursday, January 11, 2024 2:52 PM
To: plug@lists.pdxlinux.org
Subject: [PLUG] Password guessing with a microphone

This shades towards plug-talk, except that it specifically involves how we
configure and use our Linux computers.

----

I use keyboards with clicky keys, sometimes in the same room as devices with
microphones. 

I read the mostly excellent "A History of Fake Things on the Internet" by
Walter Scheirer, 2024 Stanford University Press, reminding me that
everything we do leaks information.

The book points out that every pixel on a specific digital camera imager has
a different offset and gain - when you post two photos, the pixel field can
be analyzed to show they come from the same imager, even if cropped or
modified in GIMP.  The techniques can easily detect image tinkering.

I was surprised to discover that the citation trail leads to a paper I wrote
for an integrated circuit conference, decades ago (with a zillion cites,
I've earned tenure if I want it). 

All your web photos are belong to us.

---

Anyway, physical keyboard keys will also have these small variances, but
mostly, so does your individual typing style.
A computer microphone hearing me type this would notice a lot of backspaces;
I type somewhat spastically.

After listening to a large enough corpus of typing, and RECORDING ALL OF IT,
and ANALYZING THE HELL OUT OF IT, a smart-enough AI-like program could make
some accurate guesses of what specific keys I am typing. 

Also what keys I ALREADY typed in past sound recordings, perhaps YEARS ago,
with a long-enough audio recording file.

Including the SPECIFIC key sequences that I type entering passwords.  Some
websites and apps require that frequently.
MANY training opportunities for a clever program hooked up to a microphone,
perhaps a parabolic dish microphone blocks away, pointed at the outside
window of my office.

I just added some sound damping to that window. 

Yes, I've changed my passwords, but not the brain that remembers them and
the hands that type them; my mind and muscles follow patterns that can
vastly narrow down the brute force search space for a password that works.  

The passwords may be machine-generated random strings; my small hesitancies
and mistakes while typing a random string will also show up in an audio
record.  Bracketed by my grumbles: "type my password AGAIN???"

Typical phone conversations are less than 10 kilobits per second compressed
(with pauses); for a 2000 hour work-year, 10% typing time, that is less than
a gigabyte per year.  With SSDs costing $30 per terabyte recently, that is 3
cents a year per target.  Stored forever.

The surveillance microphone will cost a lot more, but mass-produced
electronics can be cheap as well. 
If the "microphone" is a hack on your smart phone, perhaps government
sponsored ...

... well, time to respond with "can't happen here" or "why would they target
me" or "xkcd/538 Security pipe wrench", but then, that's what THEY want you
to think.

It is amusing that some prefer that we waste our paranoia on the poor and
the foreign and the sexually different.
Or on the agro-Americans who suffer those sad paranoias.
But then, that's what THEY want you to think.

Sweet dreams!

Keith L.

-- 
Keith Lofstrom          kei...@keithl.com
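
The per-pixel offset and gain fingerprint mentioned in the thread can be shown with a toy simulation. This is an added example, not part of either message: the sensor size, noise levels and the 3x3 mean filter used as a high-pass are assumptions chosen for illustration, a simplification of the denoising step used on real photos.

```python
import random

W = H = 32  # constructed toy sensor size

def make_sensor(seed):
    """Per-pixel (gain, offset) fixed at manufacture; values are constructed."""
    rng = random.Random(seed)
    return [(1 + rng.gauss(0, 0.01), rng.gauss(0, 2.0)) for _ in range(W * H)]

def shoot(sensor, rng):
    """Photograph a smooth random gradient scene, with fresh read noise per shot."""
    base, dx, dy = rng.uniform(80, 160), rng.uniform(-1, 1), rng.uniform(-1, 1)
    img = []
    for y in range(H):
        for x in range(W):
            gain, offset = sensor[y * W + x]
            img.append(gain * (base + dx * x + dy * y) + offset + rng.gauss(0, 1.5))
    return img

def residual(img):
    """High-pass: pixel minus its 3x3 neighbourhood mean (interior pixels only)."""
    out = []
    for y in range(1, H - 1):
        for x in range(1, W - 1):
            block = [img[(y + j) * W + x + i] for j in (-1, 0, 1) for i in (-1, 0, 1)]
            out.append(img[y * W + x] - sum(block) / 9)
    return out

def fingerprint(images):
    """Average residuals: scene and read noise shrink, the fixed pattern stays."""
    res = [residual(im) for im in images]
    return [sum(col) / len(res) for col in zip(*res)]

def correlation(a, b):
    """Pearson correlation between two equal-length residual vectors."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((p - ma) * (q - mb) for p, q in zip(a, b))
    var_a = sum((p - ma) ** 2 for p in a)
    var_b = sum((q - mb) ** 2 for q in b)
    return cov / (var_a * var_b) ** 0.5

def demo(seed=1):
    """Build a reference from 8 shots of camera A, then test a new A and B shot."""
    rng = random.Random(seed)
    cam_a, cam_b = make_sensor(101), make_sensor(202)
    ref = fingerprint([shoot(cam_a, rng) for _ in range(8)])
    same = correlation(residual(shoot(cam_a, rng)), ref)
    other = correlation(residual(shoot(cam_b, rng)), ref)
    return same, other

if __name__ == "__main__":
    print("same imager: %.2f, different imager: %.2f" % demo())
```

A new photo from the same simulated imager correlates strongly with the reference pattern, while a photo from a different imager stays near zero, even though every scene is different.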
