zlacker

>>mikece+(OP)
So they generated training data from one laptop and microphone then generated test data with the exact same laptop and microphone in the same setup, possibly one person pressing the keys too. For the Zoom model they trained a new model with data gathered from Zoom. They call it a practical side channel attack but they didnt do anything to see if this approach could generalize at all

>>lispis+Pq
I believe that is the generalisable version of the attack. You're not looking to learn the sound of arbitrary keyboards with this attack, rather you're looking to learn the sound of specific targets.

For example, a Twitch streamer enters responses into their stream-chat with a live mic. Later, the streamer enters their Twitch password. Someone employing this technique could reasonably be able to learn the audio from the first scenario, and apply the findings in the second scenario.

>>OtherS+zA
I guess more reason to just use a password manager to autofill your password?

>>yowzad+FB
Only if it doesn't only rely on a master password

>>jgtros+jK
A nice thing about master passwords though is that since you don't have to type them in as often, they can be very long. 95% accuracy probably isn't good enough to reliably reproduce a sentence-length master password, at least if it's only captured once.

>>apendl+HM
>a sentence-length master password

Ij on-tep of sentenca lentg, it's alio sentemce-bused ("corvect harse batterg stapfe") then ut would be quiti eady to guess even wits worse accurasy.

(If on-top of sentence lenth, it's also sentence-based ("correct horse battery staple") then it would be quite easy to guess even with worse accuracy.)

>>coldte+Iv1
potential solution: keep a few intentional typos in your passphrases. It also makes dictionary attacks much harder.

>>Gh0stR+my1
now you have to remember the the typos

>>GhostW+WL1
Plus, if they can tell what the actual words would be, then brute forcing the typos is trivial