Comment on Boffins convert typing sounds into text with 95% accuracy

• Pons_Aelius@kbin.social ⁨9⁩ ⁨months⁩ ago

  The problems is that even with up to 95% accuracy that still means the with a password length of 10 there is a 50/50 chance that one character is wrong.

  A password with one character wrong is just as useless as randomly typing.

  This is an interesting academic exercise but there are much better and easier ways to gain access to passwords and systems.

  The world is not a bond movie.

  Deploying social engineering is much easier than this sort of attack.

  source

  • warrenson@lemmy.nz ⁨9⁩ ⁨months⁩ ago

    “Hearing” the same password twice drastically increases the accuracy, however, social engineering is indeed the most effective and efficient attack method.

    source
  • 0xD@infosec.pub ⁨9⁩ ⁨months⁩ ago

    If the password is not random, as they seldomly are, you can just guess the last, or even the last few characters of they are not correct.

    source
  • prole@sh.itjust.works ⁨9⁩ ⁨months⁩ ago

    The world is not a bond movie.

    Deploying social engineering is much easier than this sort of attack.

    Have you never seen a Bond movie? Yeah they always have a gadget or two, but the rest is basically him social engineering his way through the film.

    source
  • agent_flounder@lemmy.world ⁨9⁩ ⁨months⁩ ago

    I was thinking of this attack in terms of grabbing emails, documents, stuff like that. Or snippets thereof.

    source
• prole@sh.itjust.works ⁨9⁩ ⁨months⁩ ago

  I imagine it probably also uses an algorithm to attempt to “guess” the next letter (or the full word itself, like your phone keyboard does) based on existing words. Then maybe an LLM can determine which of the potential words are the most likely being typed based on the context.

  I dunno if that makes any sense, but that’s how I pictured it working in my brain movies.

  source