We already know that the phones they spy on us all the time, even when they're off. They hear our conversations and everything that happens in our environment. And that any application with access to the microphone can use that data for your benefit. But now it turns out that not only do they listen to our voice, they also listen to the keys that we press on the screen. And it does not do any good to lower the volume or mute the sound. That's not what they hear: every time you press the screen, the touch generates a wave that propagates on the surface and can be picked up by the microphones.
What is this for? Well, it's a golden opportunity for cybercriminals, especially now that an investigation of the University of Cambridge has shown that an artificial intelligence can discover passwords by processing the vibrations your finger produces when you touch the screen. According to the study, the microphone perceives the vibration and transfers that information to a software equipped with artificial intelligence that relates the distortions of the waves with the locations of our touches on the screen. Thus, the software records what combination of letters and numbers you are pressing to unlock the phone or to access a web page.
Although in many other cases artificial intelligence is used to anticipate cyber attacks, this time its effectiveness is on the side of the evil hackers. To train the AI, the people in charge of the investigation recorded the signals of two phones with a double microphone. The algorithm only needed three attempts to correctly predict more than 80% of the digits typed. Learn fast and, the more information you receive about your typing, the more rigorous it will be with passwords. Even so, it is an experimental project: the paper The process of reviewing other scientists necessary for publication in a scientific journal has not yet passed.
This software has proven to be effective, but we do not make it very difficult either. Year after year, and since 2011, the most used password to access the devices and the different online accounts is still 123456. The security application provider SplashData produces a ranking of the 25 most used characters every year by Internet users. and, therefore, the most vulnerable. The simplest continue to crown the podium: the second place is occupied password (password, in English) and the third, 12345678. We deserve it.