Long a theoretical threat, the observation of typing patterns has been refined into a "a highly practical attack" aimed at user anonymity over the internet.
Ars Technica's Dan Goodin reports on a devilish profiling technique entering maturity.
The gathering of unique keystroke characteristics is an example of what's known as behavioral biometrics, or the measurement of something a person does, such as speaking, walking, or typing. So far, Thorsheim and Moore say, several banking websites appear to be using keystroke profiling to perform an additional layer of authentication on site users. In theory, such an approach could allow the sites to detect account hijackings, even when the attacker enters the correct username and password. … To be fair, behavioral biometrics is by no means a new field of study. As evidenced by this Slashdot thread from 2007, people have long recognized the potential of using it to identify people behind a keyboard. There's also a huge library of research papers showing how to profile and de-anonymize browsers connecting over Tor. Still, if banks and other sites can use the technique to create reliable and accurate profiles of customers, it stands to reason that governments around the world can and do profile people of interest.
Keyboard Privacy is a Chrome plugin that subtly randomizes the rate your keyboard actions are injected into the browser environment.
Security consultant Paul Moore writes about Behavioral Profiling: The password you can't change.
Last week at Defcon, a security researcher named Smea presented their findings on vulnerabilities in the Lovesense Hush, an internet-of-things buttplug that has already been shown to have critical privacy vulnerabilities.
Few states have voting machines that are simultaneously more obviously defective and more ardently defended by the state government than Georgia, where 16-year-old touchscreen systems are prone to reporting ballots cast by 243% of the eligible voters and where gross irregularities in election administration sends voters to the wrong polling places or sends co-habitating husbands […]
Apple's Faceid -- a facial recognition tool that unlocks mobile devices -- has a countermeasure that is designed to prevent attackers from scanning an sleeping/unconscious (or dead) person's face to unlock their phone, by scanning the face for signs of consciousness.
It’s a great time to be a maker. 3D printers are on store shelves for anyone to buy, and coder kits like Arduino and Raspberry Pi are letting kids as young as 9 or 10 dive into the Internet of Things. Here are a few examples of our favorite tech toys, all priced low enough […]
Want to make a hit? The right software is out there for anyone, but any music producer will tell you that finding the right sound can still take time and talent. Still, the right tools are a great shortcut, which makes this Synth & Sound Pack Bundle absolutely priceless. And now that it’s on sale […]
Let’s face it: People at the gym aren’t bragging about their headphones. If they were that great, they’d be listening to them instead of talking about them. So while we’re sure those new PowerBeats Pro earbuds are something special, why would you shell out $250 for a tiny pair of speakers when comparable ones are […]